PostgreSQL 9.5 Beta 1 及各版本安全更新发布
PostgreSQL 9.5 Beta 1 发布,主要更新内容如下:
-
significant adjustments to Row Level Security (RLS) semantics
-
deadlock with LWLock improvements
-
index corruption issue with BRIN indexes
-
couldn't connect using PGSSLMODE=require on Windows
-
various problems with commit timestamp tracking
-
hash join memory leak
-
inconsistent behavior of jsonb_set with array append
详情请看:发行说明。
同时还发布了对所有支持版本的更新,包括9.4.5, 9.3.10, 9.2.14, 9.1.19 和 9.0.23,主要安全更新如下:
CVE-2015-5289: json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service.
CVE-2015-5288: The crypt() function included with the optional pgCrypto extension could be exploited to read a few additional bytes of memory. No working exploit for this issue has been developed.
更多内容请看:这里。
来自:http://www.oschina.net/news/66900/postgresql-9-5-beta1