Jump to:
Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function (Stephen Frost)
pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue.
After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed. (CVE-2018-1115)
⇑ Upgrade to 9.1 released on 2011-09-12 - docs
Add XML
functions xml_is_well_formed(),
xml_is_well_formed_document(),
xml_is_well_formed_content() (Mike
Fowler)
These check whether the input is properly-formed
XML. They provide
functionality that was previously available only in
the deprecated contrib/xml2 module.
Mark createlang and droplang as deprecated now that they just invoke extension commands (Tom Lane)
⇑ Upgrade to 9.1.3 released on 2012-02-27 - docs
Use __sync_lock_test_and_set() for
spinlocks on ARM, if available (Martin Pitt)
This function replaces our previous use of the
SWPB instruction, which is
deprecated and not available on ARMv6 and later. Reports
suggest that the old code doesn't fail in an obvious way
on recent ARM boards, but simply doesn't interlock
concurrent accesses, leading to bizarre failures in
multiprocess operation.
⇑ Upgrade to 9.3.3 released on 2014-02-20 - docs
Avoid using the deprecated dllwrap tool in Cygwin builds (Marco
Atzeri)
⇑ Upgrade to 9.4 released on 2014-12-18 - docs
Remove native support for Kerberos authentication (--with-krb5, etc) (Magnus Hagander)
The supported way to use Kerberos authentication is with GSSAPI. The native code has been deprecated since PostgreSQL 8.3.
⇑ Upgrade to 9.5 released on 2016-01-07 - docs
Decommission server configuration parameter ssl_renegotiation_limit, which was deprecated in earlier releases (Andres Freund)
While SSL renegotiation is a good idea in theory, it has caused enough bugs to be considered a net negative in practice, and it is due to be removed from future versions of the relevant standards. We have therefore removed support for it from PostgreSQL. The ssl_renegotiation_limit parameter still exists, but cannot be set to anything but zero (disabled). It's not documented anymore, either.
Remove server configuration parameter autocommit, which was already deprecated and non-operational (Tom Lane)
Add libpq functions to return SSL information in an implementation-independent way (Heikki Linnakangas)
While PQgetssl() can still be used to call OpenSSL functions, it is now considered deprecated because future versions of libpq might support other SSL implementations. When possible, use the new functions PQsslAttribute(), PQsslAttributeNames(), and PQsslInUse() to obtain SSL information in an SSL-implementation-independent way.
⇑ Upgrade to 9.6 released on 2016-09-29 - docs
Remove the long-deprecated CREATEUSER/NOCREATEUSER options from CREATE ROLE and allied commands (Tom Lane)
CREATEUSER actually meant SUPERUSER, for ancient backwards-compatibility reasons. This has been a constant source of confusion for people who (reasonably) expect it to mean CREATEROLE. It has been deprecated for ten years now, so fix the problem by removing it.
Add macros to make AllocSetContextCreate() calls simpler and safer (Tom Lane)
Writing out the individual sizing parameters for a memory context is now deprecated in favor of using one of the new macros ALLOCSET_DEFAULT_SIZES, ALLOCSET_SMALL_SIZES, or ALLOCSET_START_SMALL_SIZES. Existing code continues to work, however.
Add configuration parameter pg_trgm.similarity_threshold for contrib/pg_trgm's similarity threshold (Artur Zakirov)
This threshold has always been configurable, but formerly it was controlled by special-purpose functions set_limit() and show_limit(). Those are now deprecated.
⇑ Upgrade to 10 released on 2017-10-05 - docs
Remove createlang and droplang command-line applications (Peter Eisentraut)
These had been deprecated since PostgreSQL 9.1. Instead, use CREATE EXTENSION and DROP EXTENSION directly.
Remove support for version-0 function calling conventions (Andres Freund)
Extensions providing C-coded functions must now conform to version 1 calling conventions. Version 0 has been deprecated since 2001.
⇑ Upgrade to 10.2 released on 2018-02-08 - docs
Provide modern examples of how to auto-start Postgres on macOS (Tom Lane)
The scripts in contrib/start-scripts/osx use infrastructure that's been deprecated for over a decade, and which no longer works at all in macOS releases of the last couple of years. Add a new subdirectory contrib/start-scripts/macos containing scripts that use the newer launchd infrastructure.
⇑ Upgrade to 10.4 released on 2018-05-10 - docs
Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function (Stephen Frost)
pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue.
After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed. (CVE-2018-1115)
⇑ Upgrade to 11 released on 2018-10-18 - docs
Remove deprecated adminpack functions pg_file_read(), pg_file_length(), and pg_logfile_rotate() (Stephen Frost)
Equivalent functionality is now present in the core backend. Existing adminpack installs will continue to have access to these functions until they are updated via ALTER EXTENSION ... UPDATE.