PostgreSQL 9.0.4 Documentation | ||||
---|---|---|---|---|
Prev | Fast Backward | Appendix E. Release Notes | Fast Forward | Next |
Release date: 2007-04-23
This release contains fixes from 7.3.18, including a security fix.
A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.13, see the release notes for 7.3.13.
Support explicit placement of the temporary-table schema within search_path, and disable searching it for functions and operators (Tom)
This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). See CREATE FUNCTION for more information.
Fix potential-data-corruption bug in how VACUUM FULL handles UPDATE chains (Tom, Pavan Deolasee)