Release date: 2011-09-26
This release contains a variety of fixes from 9.0.4. For information about new features in the 9.0 major release, see Section E.125, « Release 9.0 ».
A dump/restore is not required for those running 9.0.X.
However, if you are upgrading from a version earlier than 9.0.4, see Section E.121, « Release 9.0.4 ».
Fix catalog cache invalidation after a VACUUM FULL or CLUSTER on a system catalog (Tom Lane)
In some cases the relocation of a system catalog row to another place would not be recognized by concurrent server processes, allowing catalog corruption to occur if they then tried to update that row. The worst-case outcome could be as bad as complete loss of a table.
Fix incorrect order of operations during sinval reset processing, and ensure that TOAST OIDs are preserved in system catalogs (Tom Lane)
These mistakes could lead to transient failures after a VACUUM FULL or CLUSTER on a system catalog.
Fix bugs in indexing of in-doubt HOT-updated tuples (Tom Lane)
These bugs could result in index corruption after reindexing a system catalog. They are not believed to affect user indexes.
Fix multiple bugs in GiST index page split processing (Heikki Linnakangas)
The probability of occurrence was low, but these could lead to index corruption.
Fix possible buffer overrun in tsvector_concat() (Tom Lane)
The function could underestimate the amount of memory needed for its result, leading to server crashes.
Fix crash in xml_recv when processing a « standalone » parameter (Tom Lane)
Make pg_options_to_table return NULL for an option with no value (Tom Lane)
Previously such cases would result in a server crash.
Avoid possibly accessing off the end of memory in ANALYZE and in SJIS-2004 encoding conversion (Noah Misch)
This fixes some very-low-probability server crash scenarios.
Protect pg_stat_reset_shared() against NULL input (Magnus Hagander)
Fix possible failure when a recovery conflict deadlock is detected within a sub-transaction (Tom Lane)
Avoid spurious conflicts while recycling btree index pages during hot standby (Noah Misch, Simon Riggs)
Shut down WAL receiver if it's still running at end of recovery (Heikki Linnakangas)
The postmaster formerly panicked in this situation, but it's actually a legitimate case.
Fix race condition in relcache init file invalidation (Tom Lane)
There was a window wherein a new backend process could read a stale init file but miss the inval messages that would tell it the data is stale. The result would be bizarre failures in catalog accesses, typically « could not read block 0 in file ... » later during startup.
Fix memory leak at end of a GiST index scan (Tom Lane)
Commands that perform many separate GiST index scans, such as verification of a new GiST-based exclusion constraint on a table already containing many rows, could transiently require large amounts of memory due to this leak.
Fix memory leak when encoding conversion has to be done on incoming command strings and LISTEN is active (Tom Lane)
Fix incorrect memory accounting (leading to possible memory bloat) in tuplestores supporting holdable cursors and plpgsql's RETURN NEXT command (Tom Lane)
Fix trigger WHEN conditions when both BEFORE and AFTER triggers exist (Tom Lane)
Evaluation of WHEN conditions for AFTER ROW UPDATE triggers could crash if there had been a BEFORE ROW trigger fired for the same update.
Fix performance problem when constructing a large, lossy bitmap (Tom Lane)
Fix join selectivity estimation for unique columns (Tom Lane)
This fixes an erroneous planner heuristic that could lead to poor estimates of the result size of a join.
Fix nested PlaceHolderVar expressions that appear only in sub-select target lists (Tom Lane)
This mistake could result in outputs of an outer join incorrectly appearing as NULL.
Allow the planner to assume that empty parent tables really are empty (Tom Lane)
Normally an empty table is assumed to have a certain minimum size for planning purposes; but this heuristic seems to do more harm than good for the parent table of an inheritance hierarchy, which often is permanently empty.
Allow nested EXISTS queries to be optimized properly (Tom Lane)
Fix array- and path-creating functions to ensure padding bytes are zeroes (Tom Lane)
This avoids some situations where the planner will think that semantically-equal constants are not equal, resulting in poor optimization.
Fix EXPLAIN to handle gating Result nodes within inner-indexscan subplans (Tom Lane)
The usual symptom of this oversight was « bogus varno » errors.
Fix btree preprocessing of indexedcol IS NULL conditions (Dean Rasheed)
Such a condition is unsatisfiable if combined with any other type of btree-indexable condition on the same index column. The case was handled incorrectly in 9.0.0 and later, leading to query output where there should be none.
Work around gcc 4.6.0 bug that breaks WAL replay (Tom Lane)
This could lead to loss of committed transactions after a server crash.
Fix dump bug for VALUES in a view (Tom Lane)
Disallow SELECT FOR UPDATE/SHARE on sequences (Tom Lane)
This operation doesn't work as expected and can lead to failures.
Fix VACUUM so that it always updates pg_class.reltuples/relpages (Tom Lane)
This fixes some scenarios where autovacuum could make increasingly poor decisions about when to vacuum tables.
Defend against integer overflow when computing size of a hash table (Tom Lane)
Fix cases where CLUSTER might attempt to access already-removed TOAST data (Tom Lane)
Fix premature timeout failures during initial authentication transaction (Tom Lane)
Fix portability bugs in use of credentials control messages for « peer » authentication (Tom Lane)
Fix SSPI login when multiple roundtrips are required (Ahmed Shinwari, Magnus Hagander)
The typical symptom of this problem was « The function requested is not supported » errors during SSPI login.
Fix failure when adding a new variable of a custom variable class to postgresql.conf (Tom Lane)
Throw an error if pg_hba.conf contains hostssl but SSL is disabled (Tom Lane)
This was concluded to be more user-friendly than the previous behavior of silently ignoring such lines.
Fix failure when DROP OWNED BY attempts to remove default privileges on sequences (Shigeru Hanada)
Fix typo in pg_srand48 seed initialization (Andres Freund)
This led to failure to use all bits of the provided seed. This function is not used on most platforms (only those without srandom), and the potential security exposure from a less-random-than-expected seed seems minimal in any case.
Avoid integer overflow when the sum of LIMIT and OFFSET values exceeds 2^63 (Heikki Linnakangas)
Add overflow checks to int4 and int8 versions of generate_series() (Robert Haas)
Fix trailing-zero removal in to_char() (Marti Raudsepp)
In a format with FM and no digit positions after the decimal point, zeroes to the left of the decimal point could be removed incorrectly.
Fix pg_size_pretty() to avoid overflow for inputs close to 2^63 (Tom Lane)
Weaken plpgsql's check for typmod matching in record values (Tom Lane)
An overly enthusiastic check could lead to discarding length modifiers that should have been kept.
Correctly handle quotes in locale names during initdb (Heikki Linnakangas)
The case can arise with some Windows locales, such as « People's Republic of China ».
In pg_upgrade, avoid dumping orphaned temporary tables (Bruce Momjian)
This prevents situations wherein table OID assignments could get out of sync between old and new installations.
Fix pg_upgrade to preserve toast tables' relfrozenxids during an upgrade from 8.3 (Bruce Momjian)
Failure to do this could lead to pg_clog files being removed too soon after the upgrade.
In pg_upgrade, fix the -l (log) option to work on Windows (Bruce Momjian)
In pg_ctl, support silent mode for service registrations on Windows (MauMau)
Fix psql's counting of script file line numbers during COPY from a different file (Tom Lane)
Fix pg_restore's direct-to-database mode for standard_conforming_strings (Tom Lane)
pg_restore could emit incorrect commands when restoring directly to a database server from an archive file that had been made with standard_conforming_strings set to on.
Be more user-friendly about unsupported cases for parallel pg_restore (Tom Lane)
This change ensures that such cases are detected and reported before any restore actions have been taken.
Fix write-past-buffer-end and memory leak in libpq's LDAP service lookup code (Albe Laurenz)
In libpq, avoid failures when using nonblocking I/O and an SSL connection (Martin Pihlak, Tom Lane)
Improve libpq's handling of failures during connection startup (Tom Lane)
In particular, the response to a server report of fork() failure during SSL connection startup is now saner.
Improve libpq's error reporting for SSL failures (Tom Lane)
Fix PQsetvalue() to avoid possible crash when adding a new tuple to a PGresult originally obtained from a server query (Andrew Chernow)
Make ecpglib write double values with 15 digits precision (Akira Kurosawa)
In ecpglib, be sure LC_NUMERIC setting is restored after an error (Michael Meskes)
Apply upstream fix for blowfish signed-character bug (CVE-2011-2483) (Tom Lane)
contrib/pg_crypto's blowfish encryption code could give wrong results on platforms where char is signed (which is most), leading to encrypted passwords being weaker than they should be.
Fix memory leak in contrib/seg (Heikki Linnakangas)
Fix pgstatindex() to give consistent results for empty indexes (Tom Lane)
Allow building with perl 5.14 (Alex Hunsaker)
Fix assorted issues with build and install file paths containing spaces (Tom Lane)
Update time zone data files to tzdata release 2011i for DST law changes in Canada, Egypt, Russia, Samoa, and South Sudan.