PostgreSQL全球开发小组发布了数据库系统支持的版本更新,包括10.1,9.6.6,9.5.10,9.4.15,9.3.20和9.2.24。此版本修复了三个安全问题。此版本还修复了在过去三个月中报告的BRIN索引,逻辑复制和其他错误中发现的问题。 这个版本已经修复了三个安全漏洞: CVE-2017-12172:启动脚本允许数据库管理员修改根文件 CVE-2017-15098:JSON函数中的内存泄露 CVE-2017-15099:INSERT ... ON CONFLICT DO UPDATE无法强制执行SELECT权限 bug修复和改进: Fix a race condition in BRIN indexing that could cause some rows to not be included in the indexing. Fix crash when logical decoding is invoked from a PL language function. Several fixes for logical replication. Restored behavior for CTEs attached to INSERT/UPDATE/DELETE statements to pre-version 10. Prevent low-probability crash in processing of nested trigger firings. Do not evaluate an aggregate function's argument expressions when the conditions in the FILTER clause evaluate to FALSE. This complies with SQL-standard behavior. Fix incorrect query results when multiple GROUPING SETS columns contain the same simple variable. 完整更新内容请查看发布主页。 下载地址:https://www.postgresql.org/download PostgreSQL 六版齐发,修复 3 个安全漏洞下载地址
