postgrespro
diff --git a/‎configure
Lines changed: 10 additions & 10 deletions b/‎configure
Lines changed: 10 additions & 10 deletions
diff --git a/‎configure.in
Lines changed: 2 additions & 2 deletions b/‎configure.in
Lines changed: 2 additions & 2 deletions
diff --git a/‎contrib/adminpack/Makefile
Lines changed: 1 addition & 1 deletion b/‎contrib/adminpack/Makefile
Lines changed: 1 addition & 1 deletion
diff --git a/‎contrib/adminpack/adminpack--1.0--1.1.sql
Lines changed: 6 additions & 0 deletions b/‎contrib/adminpack/adminpack--1.0--1.1.sql
Lines changed: 6 additions & 0 deletions
diff --git a/‎contrib/adminpack/adminpack.control
Lines changed: 1 addition & 1 deletion b/‎contrib/adminpack/adminpack.control
Lines changed: 1 addition & 1 deletion
diff --git a/‎doc/bug.template
Lines changed: 1 addition & 1 deletion b/‎doc/bug.template
Lines changed: 1 addition & 1 deletion
diff --git a/‎doc/src/sgml/release-10.sgml
Lines changed: 53 additions & 11 deletions b/‎doc/src/sgml/release-10.sgml
Lines changed: 53 additions & 11 deletions
diff --git a/‎doc/src/sgml/release-9.3.sgml
Lines changed: 6 additions & 4 deletions b/‎doc/src/sgml/release-9.3.sgml
Lines changed: 6 additions & 4 deletions
diff --git a/‎doc/src/sgml/release-9.4.sgml
Lines changed: 6 additions & 4 deletions b/‎doc/src/sgml/release-9.4.sgml
Lines changed: 6 additions & 4 deletions
diff --git a/‎doc/src/sgml/release-9.5.sgml
Lines changed: 6 additions & 4 deletions b/‎doc/src/sgml/release-9.5.sgml
Lines changed: 6 additions & 4 deletions
diff --git a/‎doc/src/sgml/release-9.6.sgml
Lines changed: 49 additions & 16 deletions b/‎doc/src/sgml/release-9.6.sgml
Lines changed: 49 additions & 16 deletions
diff --git a/‎src/backend/nls.mk
Lines changed: 1 addition & 1 deletion b/‎src/backend/nls.mk
Lines changed: 1 addition & 1 deletion
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for PostgreSQL 10.3.
+# Generated by GNU Autoconf 2.69 for PostgreSQL 10.4.
 #
 # Report bugs to <bugs@postgrespro.ru>.
 #
@@ -583,8 +583,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='PostgreSQL'
 PACKAGE_TARNAME='postgrespro'
-PACKAGE_VERSION='10.3'
-PACKAGE_STRING='PostgreSQL 10.3'
+PACKAGE_VERSION='10.4'
+PACKAGE_STRING='PostgreSQL 10.4'
 PACKAGE_BUGREPORT='bugs@postgrespro.ru'
 PACKAGE_URL=''
 
@@ -1427,7 +1427,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures PostgreSQL 10.3 to adapt to many kinds of systems.
+\`configure' configures PostgreSQL 10.4 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1493,7 +1493,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of PostgreSQL 10.3:";;
+     short | recursive ) echo "Configuration of PostgreSQL 10.4:";;
    esac
   cat <<\_ACEOF
 
@@ -1652,7 +1652,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-PostgreSQL configure 10.3
+PostgreSQL configure 10.4
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2364,7 +2364,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by PostgreSQL $as_me 10.3, which was
+It was created by PostgreSQL $as_me 10.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2782,7 +2782,7 @@ fi
 
 
 
-PGPRO_VERSION="$PACKAGE_VERSION.2"
+PGPRO_VERSION="$PACKAGE_VERSION.1"
 PGPRO_PACKAGE_NAME="PostgresPro"
 PGPRO_EDITION="standard"
 PGPRO_EDN="std"
@@ -17603,7 +17603,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by PostgreSQL $as_me 10.3, which was
+This file was extended by PostgreSQL $as_me 10.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -17673,7 +17673,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-PostgreSQL config.status 10.3
+PostgreSQL config.status 10.4
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
 
@@ -17,7 +17,7 @@ dnl Read the Autoconf manual for details.
 dnl
 m4_pattern_forbid(^PGAC_)dnl to catch undefined macros
 
-AC_INIT([PostgreSQL], [10.3], [bugs@postgrespro.ru], [postgrespro])
+AC_INIT([PostgreSQL], [10.4], [bugs@postgrespro.ru], [postgrespro])
 PACKAGE_TARNAME=postgrespro
 
 m4_if(m4_defn([m4_PACKAGE_VERSION]), [2.69], [], [m4_fatal([Autoconf version 2.69 is required.
@@ -39,7 +39,7 @@ PGAC_ARG_REQ(with, extra-version, [STRING], [append STRING to version],
              [PG_VERSION="$PACKAGE_VERSION$withval"],
              [PG_VERSION="$PACKAGE_VERSION"])
 
-PGPRO_VERSION="$PACKAGE_VERSION.2"
+PGPRO_VERSION="$PACKAGE_VERSION.1"
 PGPRO_PACKAGE_NAME="PostgresPro"
 PGPRO_EDITION="standard"
 PGPRO_EDN="std"
 
@@ -5,7 +5,7 @@ OBJS = adminpack.o $(WIN32RES)
 PG_CPPFLAGS = -I$(libpq_srcdir)
 
 EXTENSION = adminpack
-DATA = adminpack--1.0.sql
+DATA = adminpack--1.0.sql adminpack--1.0--1.1.sql
 PGFILEDESC = "adminpack - support functions for pgAdmin"
 
 ifdef USE_PGXS
 
@@ -0,0 +1,6 @@
+/* contrib/adminpack/adminpack--1.0--1.1.sql */
+
+-- complain if script is sourced in psql, rather than via ALTER EXTENSION
+\echo Use "ALTER EXTENSION adminpack UPDATE TO '1.1'" to load this file. \quit
+
+REVOKE EXECUTE ON FUNCTION pg_catalog.pg_logfile_rotate() FROM PUBLIC;
@@ -1,6 +1,6 @@
 # adminpack extension
 comment = 'administrative functions for PostgreSQL'
-default_version = '1.0'
+default_version = '1.1'
 module_pathname = '$libdir/adminpack'
 relocatable = false
 schema = pg_catalog
@@ -27,7 +27,7 @@ System Configuration:
 
   Operating System (example: Linux 2.4.18)	:
 
-  PostgreSQL version (example: PostgreSQL 10.3):  PostgreSQL 10.3
+  PostgreSQL version (example: PostgreSQL 10.4):  PostgreSQL 10.4
 
   Compiler used (example: gcc 3.3.5)		:
 
 
@@ -23,9 +23,14 @@
    </para>
 
    <para>
-    However, if the function marking mistakes mentioned in the first two
-    changelog entries below affect you, you will want to take steps to
-    correct your database catalogs.
+    However, if you use the <filename>adminpack</filename> extension,
+    you should update it as per the first changelog entry below.
+   </para>
+
+   <para>
+    Also, if the function marking mistakes mentioned in the second and
+    third changelog entries below affect you, you will want to take steps
+    to correct your database catalogs.
    </para>
 
    <para>
@@ -41,6 +46,39 @@
 
     <listitem>
 <!--
+Author: Stephen Frost <sfrost@snowman.net>
+Branch: master [7b347409f] 2018-05-07 10:10:33 -0400
+Branch: REL_10_STABLE [20f01fc45] 2018-05-07 10:10:41 -0400
+Branch: REL9_6_STABLE [53b79ab4f] 2018-05-07 10:10:45 -0400
+-->
+     <para>
+      Remove public execute privilege
+      from <filename>contrib/adminpack</filename>'s
+      <function>pg_logfile_rotate()</function> function (Stephen Frost)
+     </para>
+
+     <para>
+      <function>pg_logfile_rotate()</function> is a deprecated wrapper
+      for the core function <function>pg_rotate_logfile()</function>.
+      When that function was changed to rely on SQL privileges for access
+      control rather than a hard-coded superuser
+      check, <function>pg_logfile_rotate()</function> should have been
+      updated as well, but the need for this was missed.  Hence,
+      if <filename>adminpack</filename> is installed, any user could
+      request a logfile rotation, creating a minor security issue.
+     </para>
+
+     <para>
+      After installing this update, administrators should
+      update <filename>adminpack</filename> by performing
+      <literal>ALTER EXTENSION adminpack UPDATE</literal> in each
+      database in which <filename>adminpack</filename> is installed.
+      (CVE-2018-1115)
+     </para>
+    </listitem>
+
+    <listitem>
+<!--
 Author: Tom Lane <tgl@sss.pgh.pa.us>
 Branch: master [11002f8af] 2018-03-30 18:14:51 -0400
 Branch: REL_10_STABLE [283262cd9] 2018-03-30 18:14:51 -0400
@@ -68,10 +106,12 @@ Branch: REL9_3_STABLE [485857d44] 2018-03-30 18:14:51 -0400
       installations will continue to contain the incorrect markings.
       Practical use of these functions seems to pose little hazard, but in
       case of trouble, it can be fixed by manually updating these
-      functions' <structname>pg_proc</structname> entries.  (Note that that
-      will need to be done in each database of the installation.)  Another
-      option is to <application>pg_upgrade</application> the database to a
-      version containing the corrected initial data.
+      functions' <structname>pg_proc</structname> entries, for example
+      <literal>ALTER FUNCTION pg_catalog.query_to_xml(text, boolean,
+      boolean, text) VOLATILE</literal>.  (Note that that will need to be
+      done in each database of the installation.)  Another option is
+      to <application>pg_upgrade</application> the database to a version
+      containing the corrected initial data.
      </para>
     </listitem>
 
@@ -108,10 +148,12 @@ Branch: REL9_6_STABLE [91d82317d] 2018-03-30 18:14:51 -0400
       incorrect markings.  Practical use of these functions seems to pose
       little hazard unless <varname>force_parallel_mode</varname> is turned
       on.  In case of trouble, it can be fixed by manually updating these
-      functions' <structname>pg_proc</structname> entries.  (Note that that
-      will need to be done in each database of the installation.)  Another
-      option is to <application>pg_upgrade</application> the database to a
-      version containing the corrected initial data.
+      functions' <structname>pg_proc</structname> entries, for example
+      <literal>ALTER FUNCTION pg_catalog.brin_summarize_new_values(regclass)
+      PARALLEL UNSAFE</literal>.  (Note that that will need to be done in
+      each database of the installation.)  Another option is
+      to <application>pg_upgrade</application> the database to a version
+      containing the corrected initial data.
      </para>
     </listitem>
 
 
@@ -59,10 +59,12 @@
       installations will continue to contain the incorrect markings.
       Practical use of these functions seems to pose little hazard, but in
       case of trouble, it can be fixed by manually updating these
-      functions' <structname>pg_proc</structname> entries.  (Note that that
-      will need to be done in each database of the installation.)  Another
-      option is to <application>pg_upgrade</application> the database to a
-      version containing the corrected initial data.
+      functions' <structname>pg_proc</structname> entries, for example
+      <literal>ALTER FUNCTION pg_catalog.query_to_xml(text, boolean,
+      boolean, text) VOLATILE</literal>.  (Note that that will need to be
+      done in each database of the installation.)  Another option is
+      to <application>pg_upgrade</application> the database to a version
+      containing the corrected initial data.
      </para>
     </listitem>
 
 
@@ -59,10 +59,12 @@
       installations will continue to contain the incorrect markings.
       Practical use of these functions seems to pose little hazard, but in
       case of trouble, it can be fixed by manually updating these
-      functions' <structname>pg_proc</structname> entries.  (Note that that
-      will need to be done in each database of the installation.)  Another
-      option is to <application>pg_upgrade</application> the database to a
-      version containing the corrected initial data.
+      functions' <structname>pg_proc</structname> entries, for example
+      <literal>ALTER FUNCTION pg_catalog.query_to_xml(text, boolean,
+      boolean, text) VOLATILE</literal>.  (Note that that will need to be
+      done in each database of the installation.)  Another option is
+      to <application>pg_upgrade</application> the database to a version
+      containing the corrected initial data.
      </para>
     </listitem>
 
 
@@ -59,10 +59,12 @@
       installations will continue to contain the incorrect markings.
       Practical use of these functions seems to pose little hazard, but in
       case of trouble, it can be fixed by manually updating these
-      functions' <structname>pg_proc</structname> entries.  (Note that that
-      will need to be done in each database of the installation.)  Another
-      option is to <application>pg_upgrade</application> the database to a
-      version containing the corrected initial data.
+      functions' <structname>pg_proc</structname> entries, for example
+      <literal>ALTER FUNCTION pg_catalog.query_to_xml(text, boolean,
+      boolean, text) VOLATILE</literal>.  (Note that that will need to be
+      done in each database of the installation.)  Another option is
+      to <application>pg_upgrade</application> the database to a version
+      containing the corrected initial data.
      </para>
     </listitem>
 
 
@@ -23,9 +23,14 @@
    </para>
 
    <para>
-    However, if the function marking mistakes mentioned in the first two
-    changelog entries below affect you, you will want to take steps to
-    correct your database catalogs.
+    However, if you use the <filename>adminpack</filename> extension,
+    you should update it as per the first changelog entry below.
+   </para>
+
+   <para>
+    Also, if the function marking mistakes mentioned in the second and
+    third changelog entries below affect you, you will want to take steps
+    to correct your database catalogs.
    </para>
 
    <para>
@@ -39,6 +44,33 @@
 
    <itemizedlist>
 
+    <listitem>
+     <para>
+      Remove public execute privilege
+      from <filename>contrib/adminpack</filename>'s
+      <function>pg_logfile_rotate()</function> function (Stephen Frost)
+     </para>
+
+     <para>
+      <function>pg_logfile_rotate()</function> is a deprecated wrapper
+      for the core function <function>pg_rotate_logfile()</function>.
+      When that function was changed to rely on SQL privileges for access
+      control rather than a hard-coded superuser
+      check, <function>pg_logfile_rotate()</function> should have been
+      updated as well, but the need for this was missed.  Hence,
+      if <filename>adminpack</filename> is installed, any user could
+      request a logfile rotation, creating a minor security issue.
+     </para>
+
+     <para>
+      After installing this update, administrators should
+      update <filename>adminpack</filename> by performing
+      <literal>ALTER EXTENSION adminpack UPDATE</literal> in each
+      database in which <filename>adminpack</filename> is installed.
+      (CVE-2018-1115)
+     </para>
+    </listitem>
+
     <listitem>
      <para>
       Fix incorrect volatility markings on a few built-in functions
@@ -59,10 +91,12 @@
       installations will continue to contain the incorrect markings.
       Practical use of these functions seems to pose little hazard, but in
       case of trouble, it can be fixed by manually updating these
-      functions' <structname>pg_proc</structname> entries.  (Note that that
-      will need to be done in each database of the installation.)  Another
-      option is to <application>pg_upgrade</application> the database to a
-      version containing the corrected initial data.
+      functions' <structname>pg_proc</structname> entries, for example
+      <literal>ALTER FUNCTION pg_catalog.query_to_xml(text, boolean,
+      boolean, text) VOLATILE</literal>.  (Note that that will need to be
+      done in each database of the installation.)  Another option is
+      to <application>pg_upgrade</application> the database to a version
+      containing the corrected initial data.
      </para>
     </listitem>
 
@@ -75,15 +109,12 @@
      <para>
       The functions
       <function>brin_summarize_new_values</function>,
-      <function>brin_summarize_range</function>,
-      <function>brin_desummarize_range</function>,
       <function>gin_clean_pending_list</function>,
       <function>cursor_to_xml</function>,
       <function>cursor_to_xmlschema</function>,
       <function>ts_rewrite</function>,
-      <function>ts_stat</function>,
-      <function>binary_upgrade_create_empty_extension</function>, and
-      <function>pg_import_system_collations</function>
+      <function>ts_stat</function>, and
+      <function>binary_upgrade_create_empty_extension</function>
       should be marked parallel-unsafe; some because they perform database
       modifications directly, and others because they execute user-supplied
       queries that might do so.  They were marked parallel-restricted
@@ -93,10 +124,12 @@
       incorrect markings.  Practical use of these functions seems to pose
       little hazard unless <varname>force_parallel_mode</varname> is turned
       on.  In case of trouble, it can be fixed by manually updating these
-      functions' <structname>pg_proc</structname> entries.  (Note that that
-      will need to be done in each database of the installation.)  Another
-      option is to <application>pg_upgrade</application> the database to a
-      version containing the corrected initial data.
+      functions' <structname>pg_proc</structname> entries, for example
+      <literal>ALTER FUNCTION pg_catalog.brin_summarize_new_values(regclass)
+      PARALLEL UNSAFE</literal>.  (Note that that will need to be done in
+      each database of the installation.)  Another option is
+      to <application>pg_upgrade</application> the database to a version
+      containing the corrected initial data.
      </para>
     </listitem>
 
 
@@ -1,6 +1,6 @@
 # src/backend/nls.mk
 CATALOG_NAME     = postgres
-AVAIL_LANGUAGES  = de es fr it ko pl ru sv tr zh_CN
+AVAIL_LANGUAGES  = de es fr it ja ko pl ru sv tr zh_CN
 GETTEXT_FILES    = + gettext-files
 GETTEXT_TRIGGERS = $(BACKEND_COMMON_GETTEXT_TRIGGERS) \
     GUC_check_errmsg GUC_check_errdetail GUC_check_errhint \