955b7d13bc
2018-02-08 Security Update Release ================================== The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21. This release fixes two security issues. This release also fixes issues with VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as well as fixes for using parallel queries and logical replication. All users using the affected versions of PostgreSQL should update as soon as possible. Please see the notes on "Updating" below for any post-update steps that may be required. Please note that PostgreSQL changed its versioning scheme with the release of version 10.0, so updating to version 10.2 from 10.0 or 10.1 is considered a minor update. Security Issues --------------- Two security vulnerabilities have been fixed by this release: * CVE-2018-1052: Fix the processing of partition keys containing multiple expressions * CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are non-world-readable Local fixes to the FreeBSD ports -------------------------------- Inform users about data checksums [1]. Make sure /usr/bin/su is used regardless of PATH settings [2]. Enable DTRACE by default [3]. PR: 214671 [1], 223157 [2], 215028 [3] Security: c602c791-0cf4-11e8-a2ec-6cc21735f730 |
||
---|---|---|
.. | ||
502.pgsql.in | ||
dot.cshrc.in | ||
dot.profile.in | ||
patch-doc-Makefile | ||
patch-doc-src-sgml-Makefile | ||
patch-src_backend_utils_misc_postgresql.conf.sample | ||
patch-src-backend-Makefile | ||
patch-src-Makefile.shlib | ||
pkg-message-client.in | ||
pkg-message-contrib.in | ||
pkg-message-plperl.in | ||
pkg-message-plpython.in | ||
pkg-message-pltcl.in | ||
pkg-message-server.in | ||
pkgIndex.tcl.in | ||
postgresql.in |