Release date: 2007-02-05
This release contains a variety of fixes from 8.2.1, including a security fix.
A dump/restore is not required for those running 8.2.X.
Remove security vulnerabilities that allowed connected users to read backend memory (Tom)
The vulnerabilities involve suppressing the normal check that a SQL function returns the data type it's declared to, and changing the data type of a table column (CVE-2007-0555, CVE-2007-0556). These errors can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access.
Fix not-so-rare-anymore bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas)
Fix Borland C compile scripts (L Bayuk)
for years ending in
Year 2000 is in the twentieth century, not the twenty-first.
/contrib/tsearch2 localization improvements (Tatsuo, Teodor)
Fix incorrect permission check in information_schema.key_column_usage view (Tom)
The symptom is "relation with OID nnnnn does not exist" errors. To get this fix without using initdb , use CREATE OR REPLACE VIEW to install the corrected definition found in share/information_schema.sql . Note you will need to do this in each database.
Improve VACUUM performance for databases with many tables (Tom)
Fix for rare Assert() crash triggered by UNION (Tom)
Fix potentially incorrect results from index searches using ROW inequality conditions (Tom)
Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom)
Fix bogus "permission denied" failures occurring on Windows due to attempts to fsync already-deleted files (Magnus, Tom)
Fix bug that could cause the statistics collector to hang on Windows (Magnus)
This would in turn lead to autovacuum not working.
Fix possible crashes when an already-in-use PL/pgSQL function is updated (Tom)
Improve PL/pgSQL handling of domain types (Sergiy Vyshnevetskiy, Tom)
Fix possible errors in processing PL/pgSQL exception blocks (Tom)