author | Tom Lane <tgl@sss.pgh.pa.us> | 2012-08-14 18:24:00 -0400 |
---|---|---|
committer | Tom Lane <tgl@sss.pgh.pa.us> | 2012-08-14 18:33:51 -0400 |
commit | e45ae401811e4fe07d2fc6ca8e44e9e38e0b3ba2 (patch) | |
tree | 65fe6f012d76c95df732a19b48ce515d8c3eb62a /doc/src/sgml/release-9.1.sgml | |
parent | adc97d03b92fef50608c21059f0509fa97d314f6 (diff) | |
download | postgresql-e45ae401811e4fe07d2fc6ca8e44e9e38e0b3ba2.tar.gz |
Update release notes for 9.1.5, 9.0.9, 8.4.13, 8.3.20.
Diffstat (limited to 'doc/src/sgml/release-9.1.sgml')
-rw-r--r-- | doc/src/sgml/release-9.1.sgml | 387 |
1 files changed, 387 insertions, 0 deletions
diff --git a/doc/src/sgml/release-9.1.sgml b/doc/src/sgml/release-9.1.sgml index b65e8daa13..a65d7fb635 100644 --- a/doc/src/sgml/release-9.1.sgml +++ b/doc/src/sgml/release-9.1.sgml 
@@ -1,6 +1,393 @@ <!-- doc/src/sgml/release-9.1.sgml --> <!-- See header comment in release.sgml about typical markup --> + <sect1 id="release-9-1-5"> + <title>Release 9.1.5</title> + + <note> + <title>Release Date</title> + <simpara>2012-08-17</simpara> + </note> + + <para> + This release contains a variety of fixes from 9.1.4. + For information about new features in the 9.1 major release, see + <xref linkend="release-9-1">. + </para> + + <sect2> + <title>Migration to Version 9.1.5</title> + + <para> + A dump/restore is not required for those running 9.1.X. + </para> + + <para> + However, if you are upgrading from a version earlier than 9.1.4, + see the release notes for 9.1.4. + </para> + + </sect2> + + <sect2> + <title>Changes</title> + + <itemizedlist> + + <listitem> + <para> + Prevent access to external files/URLs via XML entity references + (Noah Misch, Tom Lane) + </para> + + <para> + <function>xml_parse()</> would attempt to fetch external files or + URLs as needed to resolve DTD and entity references in an XML value, + thus allowing unprivileged database users to attempt to fetch data + with the privileges of the database server. While the external data + wouldn't get returned directly to the user, portions of it could be + exposed in error messages if the data didn't parse as valid XML; and + in any case the mere ability to check existence of a file might be + useful to an attacker. (CVE-2012-3489) + </para> + </listitem> + + <listitem> + <para> + Prevent access to external files/URLs via <filename>contrib/xml2</>'s + <function>xslt_process()</> (Peter Eisentraut) + </para> + + <para> + <application>libxslt</> offers the ability to read and write both + files and URLs through stylesheet commands, thus allowing + unprivileged database users to both read and write data with the + privileges of the database server. Disable that through proper use + of <application>libxslt</>'s security options. 
(CVE-2012-3488) + </para> + + <para> + Also, remove <function>xslt_process()</>'s ability to fetch documents + and stylesheets from external files/URLs. While this was a + documented <quote>feature</>, it was long regarded as a bad idea. + The fix for CVE-2012-3489 broke that capability, and rather than + expend effort on trying to fix it, we're just going to summarily + remove it. + </para> + </listitem> + + <listitem> + <para> + Prevent too-early recycling of btree index pages (Noah Misch) + </para> + + <para> + When we allowed read-only transactions to skip assigning XIDs, we + introduced the possibility that a deleted btree page could be + recycled while a read-only transaction was still in flight to it. + This would result in incorrect index search results. The probability + of such an error occurring in the field seems very low because of the + timing requirements, but nonetheless it should be fixed. + </para> + </listitem> + + <listitem> + <para> + Fix crash-safety bug with newly-created-or-reset sequences (Tom Lane) + </para> + + <para> + If <command>ALTER SEQUENCE</> was executed on a freshly created or + reset sequence, and then precisely one <function>nextval()</> call + was made on it, and then the server crashed, WAL replay would restore + the sequence to a state in which it appeared that no + <function>nextval()</> had been done, thus allowing the first + sequence value to be returned again by the next + <function>nextval()</> call. In particular this could manifest for + <type>serial</> columns, since creation of a serial column's sequence + includes an <command>ALTER SEQUENCE OWNED BY</> step. + </para> + </listitem> + + <listitem> + <para> + Fix race condition in <literal>enum</>-type value comparisons (Robert + Haas, Tom Lane) + </para> + + <para> + Comparisons could fail when encountering an enum value added since + the current query started. 
+ </para> + </listitem> + + <listitem> + <para> + Fix <function>txid_current()</> to report the correct epoch when not + in hot standby (Heikki Linnakangas) + </para> + + <para> + This fixes a regression introduced in the previous minor release. + </para> + </listitem> + + <listitem> + <para> + Prevent selection of unsuitable replication connections as + the synchronous standby (Fujii Masao) + </para> + + <para> + The master might improperly choose pseudo-servers such as + <application>pg_receivexlog</> or <application>pg_basebackup</> + as the synchronous standby, and then wait indefinitely for them. + </para> + </listitem> + + <listitem> + <para> + Fix bug in startup of Hot Standby when a master transaction has many + subtransactions (Andres Freund) + </para> + + <para> + This mistake led to failures reported as <quote>out-of-order XID + insertion in KnownAssignedXids</>. + </para> + </listitem> + + <listitem> + <para> + Ensure the <filename>backup_label</> file is fsync'd after + <function>pg_start_backup()</> (Dave Kerr) + </para> + </listitem> + + <listitem> + <para> + Fix timeout handling in walsender processes (Tom Lane) + </para> + + <para> + WAL sender background processes neglected to establish a + <systemitem>SIGALRM</> handler, meaning they would wait forever in + some corner cases where a timeout ought to happen. + </para> + </listitem> + + <listitem> + <para> + Wake walsenders after each background flush by walwriter (Andres + Freund, Simon Riggs) + </para> + + <para> + This greatly reduces replication delay when the workload contains + only asynchronously-committed transactions. 
+ </para> + </listitem> + + <listitem> + <para> + Fix <literal>LISTEN</>/<literal>NOTIFY</> to cope better with I/O + problems, such as out of disk space (Tom Lane) + </para> + + <para> + After a write failure, all subsequent attempts to send more + <literal>NOTIFY</> messages would fail with messages like + <quote>Could not read from file "pg_notify/<replaceable>nnnn</>" at + offset <replaceable>nnnnn</>: Success</quote>. + </para> + </listitem> + + <listitem> + <para> + Only allow autovacuum to be auto-canceled by a directly blocked + process (Tom Lane) + </para> + + <para> + The original coding could allow inconsistent behavior in some cases; + in particular, an autovacuum could get canceled after less than + <literal>deadlock_timeout</> grace period. + </para> + </listitem> + + <listitem> + <para> + Improve logging of autovacuum cancels (Robert Haas) + </para> + </listitem> + + <listitem> + <para> + Fix log collector so that <literal>log_truncate_on_rotation</> works + during the very first log rotation after server start (Tom Lane) + </para> + </listitem> + + <listitem> + <para> + Fix <literal>WITH</> attached to a nested set operation + (<literal>UNION</>/<literal>INTERSECT</>/<literal>EXCEPT</>) + (Tom Lane) + </para> + </listitem> + + <listitem> + <para> + Ensure that a whole-row reference to a subquery doesn't include any + extra <literal>GROUP BY</> or <literal>ORDER BY</> columns (Tom Lane) + </para> + </listitem> + + <listitem> + <para> + Fix dependencies generated during <literal>ALTER TABLE ... ADD + CONSTRAINT USING INDEX</> (Tom Lane) + </para> + + <para> + This command left behind a redundant <structname>pg_depend</> entry + for the index, which could confuse later operations, notably + <literal>ALTER TABLE ... ALTER COLUMN TYPE</> on one of the indexed + columns. 
+ </para> + </listitem> + + <listitem> + <para> + Fix <command>REASSIGN OWNED</> to work on extensions (Alvaro Herrera) + </para> + </listitem> + + <listitem> + <para> + Disallow copying whole-row references in <literal>CHECK</> + constraints and index definitions during <command>CREATE TABLE</> + (Tom Lane) + </para> + + <para> + This situation can arise in <command>CREATE TABLE</> with + <literal>LIKE</> or <literal>INHERITS</>. The copied whole-row + variable was incorrectly labeled with the row type of the original + table not the new one. Rejecting the case seems reasonable for + <literal>LIKE</>, since the row types might well diverge later. For + <literal>INHERITS</> we should ideally allow it, with an implicit + coercion to the parent table's row type; but that will require more + work than seems safe to back-patch. + </para> + </listitem> + + <listitem> + <para> + Fix memory leak in <literal>ARRAY(SELECT ...)</> subqueries (Heikki + Linnakangas, Tom Lane) + </para> + </listitem> + + <listitem> + <para> + Fix planner to pass correct collation to operator selectivity + estimators (Tom Lane) + </para> + + <para> + This was not previously required by any core selectivity estimation + function, but third-party code might need it. + </para> + </listitem> + + <listitem> + <para> + Fix extraction of common prefixes from regular expressions (Tom Lane) + </para> + + <para> + The code could get confused by quantified parenthesized + subexpressions, such as <literal>^(foo)?bar</>. This would lead to + incorrect index optimization of searches for such patterns. 
+ </para> + </listitem> + + <listitem> + <para> + Fix bugs with parsing signed + <replaceable>hh</><literal>:</><replaceable>mm</> and + <replaceable>hh</><literal>:</><replaceable>mm</><literal>:</><replaceable>ss</> + fields in <type>interval</> constants (Amit Kapila, Tom Lane) + </para> + </listitem> + + <listitem> + <para> + Fix <application>pg_dump</> to better handle views containing partial + <literal>GROUP BY</> lists (Tom Lane) + </para> + + <para> + A view that lists only a primary key column in <literal>GROUP BY</>, + but uses other table columns as if they were grouped, gets marked as + depending on the primary key. Improper handling of such primary key + dependencies in <application>pg_dump</> resulted in poorly-ordered + dumps, which at best would be inefficient to restore and at worst + could result in outright failure of a parallel + <application>pg_restore</> run. + </para> + </listitem> + + <listitem> + <para> + In PL/Perl, avoid setting UTF8 flag when in SQL_ASCII encoding + (Alex Hunsaker, Kyotaro Horiguchi, Alvaro Herrera) + </para> + </listitem> + + <listitem> + <para> + Use Postgres' encoding conversion functions, not Python's, when + converting a Python Unicode string to the server encoding in + PL/Python (Jan Urbanski) + </para> + + <para> + This avoids some corner-case problems, notably that Python doesn't + support all the encodings Postgres does. A notable functional change + is that if the server encoding is SQL_ASCII, you will get the UTF-8 + representation of the string; formerly, any non-ASCII characters in + the string would result in an error. 
+ </para> + </listitem> + + <listitem> + <para> + Fix mapping of PostgreSQL encodings to Python encodings in PL/Python + (Jan Urbanski) + </para> + </listitem> + + <listitem> + <para> + Report errors properly in <filename>contrib/xml2</>'s + <function>xslt_process()</> (Tom Lane) + </para> + </listitem> + + <listitem> + <para> + Update time zone data files to <application>tzdata</> release 2012e + for DST law changes in Morocco and Tokelau + </para> + </listitem> + + </itemizedlist> + + </sect2> + </sect1> + <sect1 id="release-9-1-4"> <title>Release 9.1.4</title> |
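Review bot: The "Migration to Version 9.1.5" section says only that a dump/restore is not required, but two entries in the Changes list alter behavior that existing applications may rely on, and neither is flagged there. The xslt_process() entry for CVE-2012-3488 removes the documented ability to fetch documents and stylesheets from external files/URLs, and the PL/Python encoding entry describes "a notable functional change" when the server encoding is SQL_ASCII. Suggest adding a sentence to the migration section that points to both entries, so administrators see the incompatibility before upgrading. Also, the xml_parse() entry for CVE-2012-3489 describes only the old behavior. It should say what a user now gets for an XML value that contains an external DTD or entity reference, so that callers know whether to expect an error or unexpanded references.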