Preliminary release notes for releases 8.4.3, 8.3.10, 8.2.16, 8.1.20,…

… 8.0.24, 7.4.28.
postgres · Mar 10, 2010 · 2ecea6f · 2ecea6f
1 parent f446c28
commit 2ecea6f
Show file tree

Hide file tree

Showing 5 changed files with 1,089 additions and 5 deletions.
diff --git a/doc/src/sgml/release-7.4.sgml b/doc/src/sgml/release-7.4.sgml
@@ -1,6 +1,125 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/release-7.4.sgml,v 1.1.2.4 2009/12/10 00:31:33 tgl Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/release-7.4.sgml,v 1.1.2.5 2010/03/10 01:58:38 tgl Exp $ -->
 <!-- See header comment in release.sgml about typical markup -->
 
+ <sect1 id="release-7-4-28">
+  <title>Release 7.4.28</title>
+
+  <note>
+  <title>Release date</title>
+  <simpara>2010-03-15</simpara>
+  </note>
+
+  <para>
+   This release contains a variety of fixes from 7.4.27.
+   For information about new features in the 7.4 major release, see
+   <xref linkend="release-7-4">.
+  </para>
+
+  <para>
+   The <productname>PostgreSQL</> community will stop releasing updates
+   for the 7.4.X release series in July 2010.
+   Users are encouraged to update to a newer release branch soon.
+  </para>
+
+  <sect2>
+   <title>Migration to Version 7.4.28</title>
+
+   <para>
+    A dump/restore is not required for those running 7.4.X.
+    However, if you are upgrading from a version earlier than 7.4.26,
+    see the release notes for 7.4.26.
+   </para>
+
+  </sect2>
+
+  <sect2>
+   <title>Changes</title>
+
+   <itemizedlist>
+
+    <listitem>
+     <para>
+      Add new configuration parameter <varname>ssl_renegotiation_limit</> to
+      control how often we do session key renegotiation for an SSL connection
+      (Magnus)
+     </para>
+
+     <para>
+      This can be set to zero to disable renegotiation completely, which may
+      be required if a broken SSL library is used.  In particular, some
+      vendors are shipping stopgap patches for CVE-2009-3555 that cause
+      renegotiation attempts to fail.
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Make <function>substring()</> for <type>bit</> types treat any negative
+      length as meaning <quote>all the rest of the string</> (Tom)
+     </para>
+
+     <para>
+      The previous coding treated only -1 that way, and would produce an
+      invalid result value for other negative values, possibly leading to
+      a crash (CVE-2010-0442).
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Fix some cases of pathologically slow regular expression matching (Tom)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      When reading <filename>pg_hba.conf</> and related files, do not treat
+      <literal>@something</> as a file inclusion request if the <literal>@</>
+      appears inside quote marks; also, never treat <literal>@</> by itself
+      as a file inclusion request (Tom)
+     </para>
+
+     <para>
+      This prevents erratic behavior if a role or database name starts with
+      <literal>@</>.  If you need to include a file whose path name
+      contains spaces, you can still do so, but you must write
+      <literal>@"/path to/file"</> rather than putting the quotes around
+      the whole construct.
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Prevent infinite loop on some platforms if a directory is named as
+      an inclusion target in <filename>pg_hba.conf</> and related files
+      (Tom)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Ensure PL/Tcl initializes the Tcl interpreter fully (Tom)
+     </para>
+
+     <para>
+      The only known symptom of this oversight is that the Tcl
+      <literal>clock</> command misbehaves if using Tcl 8.5 or later.
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Prevent crash in <filename>contrib/dblink</> when too many key
+      columns are specified to a <function>dblink_build_sql_*</> function
+      (Rushabh Lathia, Joe Conway)
+     </para>
+    </listitem>
+
+   </itemizedlist>
+
+  </sect2>
+ </sect1>
+
  <sect1 id="release-7-4-27">
   <title>Release 7.4.27</title>
 

diff --git a/doc/src/sgml/release-8.0.sgml b/doc/src/sgml/release-8.0.sgml
@@ -1,6 +1,183 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/release-8.0.sgml,v 1.1.2.4 2009/12/10 00:31:33 tgl Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/release-8.0.sgml,v 1.1.2.5 2010/03/10 01:58:38 tgl Exp $ -->
 <!-- See header comment in release.sgml about typical markup -->
 
+ <sect1 id="release-8-0-24">
+  <title>Release 8.0.24</title>
+
+  <note>
+  <title>Release date</title>
+  <simpara>2010-03-15</simpara>
+  </note>
+
+  <para>
+   This release contains a variety of fixes from 8.0.23.
+   For information about new features in the 8.0 major release, see
+   <xref linkend="release-8-0">.
+  </para>
+
+  <para>
+   The <productname>PostgreSQL</> community will stop releasing updates
+   for the 8.0.X release series in July 2010.
+   Users are encouraged to update to a newer release branch soon.
+  </para>
+
+  <sect2>
+   <title>Migration to Version 8.0.24</title>
+
+   <para>
+    A dump/restore is not required for those running 8.0.X.
+    However, if you are upgrading from a version earlier than 8.0.22,
+    see the release notes for 8.0.22.
+   </para>
+
+  </sect2>
+
+  <sect2>
+   <title>Changes</title>
+
+   <itemizedlist>
+
+    <listitem>
+     <para>
+      Add new configuration parameter <varname>ssl_renegotiation_limit</> to
+      control how often we do session key renegotiation for an SSL connection
+      (Magnus)
+     </para>
+
+     <para>
+      This can be set to zero to disable renegotiation completely, which may
+      be required if a broken SSL library is used.  In particular, some
+      vendors are shipping stopgap patches for CVE-2009-3555 that cause
+      renegotiation attempts to fail.
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Fix possible crashes when trying to recover from a failure in
+      subtransaction start (Tom)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Fix server memory leak associated with use of savepoints and a client
+      encoding different from server's encoding (Tom)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Make <function>substring()</> for <type>bit</> types treat any negative
+      length as meaning <quote>all the rest of the string</> (Tom)
+     </para>
+
+     <para>
+      The previous coding treated only -1 that way, and would produce an
+      invalid result value for other negative values, possibly leading to
+      a crash (CVE-2010-0442).
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Fix integer-to-bit-string conversions to handle the first fractional
+      byte correctly when the output bit width is wider than the given
+      integer by something other than a multiple of 8 bits (Tom)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Fix some cases of pathologically slow regular expression matching (Tom)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Fix the <literal>STOP WAL LOCATION</> entry in backup history files to
+      report the next WAL segment's name when the end location is exactly at a
+      segment boundary (Itagaki Takahiro)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      When reading <filename>pg_hba.conf</> and related files, do not treat
+      <literal>@something</> as a file inclusion request if the <literal>@</>
+      appears inside quote marks; also, never treat <literal>@</> by itself
+      as a file inclusion request (Tom)
+     </para>
+
+     <para>
+      This prevents erratic behavior if a role or database name starts with
+      <literal>@</>.  If you need to include a file whose path name
+      contains spaces, you can still do so, but you must write
+      <literal>@"/path to/file"</> rather than putting the quotes around
+      the whole construct.
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Prevent infinite loop on some platforms if a directory is named as
+      an inclusion target in <filename>pg_hba.conf</> and related files
+      (Tom)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Fix plpgsql failure in one case where a composite column is set to NULL
+      (Tom)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Add <literal>volatile</> markings in PL/Python to avoid possible
+      compiler-specific misbehavior (Zdenek Kotala)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Ensure PL/Tcl initializes the Tcl interpreter fully (Tom)
+     </para>
+
+     <para>
+      The only known symptom of this oversight is that the Tcl
+      <literal>clock</> command misbehaves if using Tcl 8.5 or later.
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Prevent crash in <filename>contrib/dblink</> when too many key
+      columns are specified to a <function>dblink_build_sql_*</> function
+      (Rushabh Lathia, Joe Conway)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Fix assorted crashes in <filename>contrib/xml2</> caused by sloppy
+      memory management (Tom)
+     </para>
+    </listitem>
+
+    <listitem>
+     <para>
+      Update time zone data files to <application>tzdata</> release 2010e
+      for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa.
+     </para>
+    </listitem>
+
+   </itemizedlist>
+
+  </sect2>
+ </sect1>
+
  <sect1 id="release-8-0-23">
   <title>Release 8.0.23</title>