PostgreSQL 10.3, 9.6.8, 9.5.12, 9.4.17 和 9.3.22 全系列更新发布。本次更新主要是解决 CVE-2018-1058 漏洞,对该漏洞的描述为,用户可在不同的 schema 中创建 like-named 对象,而这些 schema 会改变其他用户查询的行为并导致意外或恶意的行为发生,即我们常说的木马攻击。 其他 Bug 修复和改进: Prevent logical replication from trying to replicate changes for unpublishable relations, such as materialized views and the "information_schema" tables Fix for a common table expression (WITH clause) returning correct results when being referenced in a subplan where there are concurrent-update rechecks Fix for an unexpected query planner error in certain cases where there are overlapping merge join clauses in an OUTER JOIN. Fix for potential data corruption with materialized views after running pg_upgrade. If receiving errors such as "could not access status of transaction" or "found xmin from before relfrozenxid" on materialized views, please use "REFRESH MATERIALIZED VIEW" without "CONCURRENTLY" to fix. Several fix for pg_dump, including a fix to help with the future work of cross-table statistics Fix for reporting a PL/Python stack trace relative to inner PL/Python functions Allow contrib/auto_explain to range up to INT_MAX, which is about 24 days Mark assorted configuration variables as PGDLLIMPORT, to ease porting extension modules to Windows 官方新闻:https://www.postgresql.org/about/news/1834/ 下载地址:https://www.postgresql.org/download/ PostgreSQL 10.3, 9.6.8, 9.5.12, 9.4.17 和 9.3.22 发布下载地址
