Jump to:
Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb (Tom Lane)
The -d parameter of pg_dump and pg_restore, or the --maintenance-db parameter of the other programs mentioned, can be a “connection string” containing multiple connection parameters rather than just a database name. In cases where these programs need to initiate additional connections, such as parallel processing or processing of multiple databases, the connection string was forgotten and just the basic connection parameters (database name, host, port, and username) were used for the additional connections. This could lead to connection failures if the connection string included any other essential information, such as non-default SSL or GSS parameters. Worse, the connection might succeed but not be encrypted as intended, or be vulnerable to man-in-the-middle attacks that the intended connection parameters would have prevented. (CVE-2020-25694)
Fix permissions checks in CREATE INDEX (Nathan Bossart, Noah Misch)
The fix for CVE-2022-1552 caused CREATE INDEX to apply the table owner's permissions while performing lookups of operator classes and other objects, where formerly the calling user's permissions were used. This broke dump/restore scenarios, because pg_dump issues CREATE INDEX before re-granting permissions.
| Config parameter: | Default value: |
|---|---|
| force_parallel_mode | off |
| operator_precedence_warning | off |
| promote_trigger_file | |
| stats_temp_directory | pg_stat_tmp |
| vacuum_cleanup_index_scale_factor | 0.1 |
| vacuum_defer_cleanup_age | 0 |
| wal_keep_segments | 0 |
| Config parameter: | Default value in Pg 12: | Default value in Pg 16.2: |
|---|---|---|
| checkpoint_completion_target | 0.5 | 0.9 |
| log_autovacuum_min_duration | -1 | 600000 |
| log_checkpoints | off | on |
| password_encryption | md5 | scram-sha-256 |
| ssl_min_protocol_version | TLSv1 | TLSv1.2 |
| vacuum_cost_page_miss | 10 | 2 |
⇑ Upgrade to 12.1 released on 2019-11-14 - docs
Fix scheduling of parallel restore of a foreign key constraint on a partitioned table (Álvaro Herrera)
pg_dump failed to emit full dependency information for partitioned tables' foreign keys. This could allow parallel pg_restore to try to recreate a foreign key constraint too soon.
⇑ Upgrade to 12.2 released on 2020-02-13 - docs
Fix parallel pg_dump/pg_restore to more gracefully handle failure to create worker processes (Tom Lane)
⇑ Upgrade to 12.3 released on 2020-05-14 - docs
Fix pg_dump to dump comments on RLS policy objects (Tom Lane)
⇑ Upgrade to 12.4 released on 2020-08-13 - docs
Make pg_restore cope with data-offset-less custom-format archive files when it needs to restore data items out of order (David Gilman, Tom Lane)
pg_dump will produce such files if it cannot seek its output (for example, if the output is piped to something). This fix primarily improves the ability to do a parallel restore from such a file.
Fix parallel restore of tables having both table-level privileges and per-column privileges (Tom Lane)
The table-level privilege grants have to be applied first, but a parallel restore did not reliably order them that way; this could lead to “tuple concurrently updated” errors, or to disappearance of some per-column privilege grants. The fix for this is to include dependency links between such entries in the archive file, meaning that a new dump has to be taken with a corrected pg_dump to ensure that the problem will not recur.
⇑ Upgrade to 13.1 released on 2020-11-12 - docs
Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb (Tom Lane)
The -d parameter of pg_dump and pg_restore, or the --maintenance-db parameter of the other programs mentioned, can be a “connection string” containing multiple connection parameters rather than just a database name. In cases where these programs need to initiate additional connections, such as parallel processing or processing of multiple databases, the connection string was forgotten and just the basic connection parameters (database name, host, port, and username) were used for the additional connections. This could lead to connection failures if the connection string included any other essential information, such as non-default SSL or GSS parameters. Worse, the connection might succeed but not be encrypted as intended, or be vulnerable to man-in-the-middle attacks that the intended connection parameters would have prevented. (CVE-2020-25694)
⇑ Upgrade to 13.2 released on 2021-02-11 - docs
Fix pg_dump's dumping of inherited generated columns (Peter Eisentraut)
The previous behavior resulted in (harmless) errors during restore.
Fix pg_dump to handle WITH GRANT OPTION in an extension's initial privileges (Noah Misch)
If an extension's script creates an object and grants privileges on it with grant option, then later the user revokes such privileges, pg_dump would generate incorrect SQL for reproducing the situation. (Few if any extensions do this today.)
⇑ Upgrade to 13.3 released on 2021-05-13 - docs
Fix pg_dump's dumping of generated columns in partitioned tables (Peter Eisentraut)
A fix introduced in the previous minor release should not be applied to partitioned tables, only traditionally-inherited tables.
⇑ Upgrade to 13.4 released on 2021-08-12 - docs
Fix pg_dump to correctly handle triggers on partitioned tables whose enabled status is different from their parent triggers' status (Justin Pryzby, Álvaro Herrera)
⇑ Upgrade to 14.1 released on 2021-11-11 - docs
Fix pg_dump to dump non-global default privileges correctly (Neil Chen, Masahiko Sawada)
If a global (unrestricted) ALTER DEFAULT PRIVILEGES command revoked some present-by-default privilege, for example EXECUTE for functions, and then a restricted ALTER DEFAULT PRIVILEGES command granted that privilege again for a selected role or schema, pg_dump failed to dump the restricted privilege grant correctly.
Fix crash in pg_dump when attempting to dump trigger definitions from a pre-8.3 server (Tom Lane)
⇑ Upgrade to 14.2 released on 2022-02-10 - docs
Fix pg_dump's dump ordering for user-defined casts (Tom Lane)
In rare cases, the output script might refer to a user-defined cast before it had been created.
Fix pg_dump's --inserts and --column-inserts modes to handle tables containing both generated columns and dropped columns (Tom Lane)
Fix possible mis-reporting of errors in pg_dump and pg_basebackup (Tom Lane)
The previous code failed to check for errors from some kernel calls, and could report the wrong errno values in other cases.
⇑ Upgrade to 14.5 released on 2022-08-11 - docs
Fix permissions checks in CREATE INDEX (Nathan Bossart, Noah Misch)
The fix for CVE-2022-1552 caused CREATE INDEX to apply the table owner's permissions while performing lookups of operator classes and other objects, where formerly the calling user's permissions were used. This broke dump/restore scenarios, because pg_dump issues CREATE INDEX before re-granting permissions.
⇑ Upgrade to 15.1 released on 2022-11-10 - docs
Fix pg_dump's failure to dump comments attached to some CHECK constraints (Tom Lane)
⇑ Upgrade to 15.3 released on 2023-05-11 - docs
Fix pg_dump so that partitioned tables that are hash-partitioned on an enum-type column can be restored successfully (Tom Lane)
Since the hash codes for enum values depend on the OIDs assigned to the enum, they are typically different after a dump and restore, meaning that rows often need to go into a different partition than they were in originally. Users can work around that by specifying the --load-via-partition-root option; but since there is very little chance of success without that, teach pg_dump to apply it automatically to such tables.
Also, fix pg_restore to not try to TRUNCATE target tables before restoring into them when --load-via-partition-root mode is used. This avoids a hazard of deadlocks and lost data.
⇑ Upgrade to 15.4 released on 2023-08-10 - docs
Fix pg_dump to correctly handle new-style SQL-language functions whose bodies require parse-time dependencies on unique indexes (Tom Lane)
Such cases can arise from GROUP BY and ON CONFLICT clauses, for example. The function must then be postponed until after the unique index in the dump output, but pg_dump did not do that and instead printed a warning about “could not resolve dependency loop”.
⇑ Upgrade to 16.1 released on 2023-11-09 - docs
Fix pg_dump to dump the new run_as_owner option of subscriptions (Philip Warner)
Due to this oversight, subscriptions would always be restored with run_as_owner set to false, which is not equivalent to their behavior in pre-v16 releases.