Stamp 13.20.
commit : c8f198c3acb59ed858b5b9b88b4fbc55cece544e
author : Tom Lane <tgl@sss.pgh.pa.us>
date : Mon, 17 Feb 2025 16:17:13 -0500
committer: Tom Lane <tgl@sss.pgh.pa.us>
date : Mon, 17 Feb 2025 16:17:13 -0500 M configure
M configure.in
Translation updates
commit : a282099583039633a8aa83953a0c4e72fca95423
author : Álvaro Herrera <alvherre@alvh.no-ip.org>
date : Mon, 17 Feb 2025 17:51:30 +0100
committer: Álvaro Herrera <alvherre@alvh.no-ip.org>
date : Mon, 17 Feb 2025 17:51:30 +0100 Source-Git-URL: ssh://git@git.postgresql.org/pgtranslation/messages.git
Source-Git-Hash: 2bcd19355a18178dfe82bde9e98b9486fcd3143f M src/backend/po/es.po
M src/backend/po/sv.po
M src/bin/initdb/po/es.po
M src/bin/pg_archivecleanup/po/es.po
M src/bin/pg_basebackup/po/es.po
M src/bin/pg_checksums/po/es.po
M src/bin/pg_config/po/es.po
M src/bin/pg_controldata/po/es.po
M src/bin/pg_ctl/po/es.po
M src/bin/pg_dump/po/es.po
M src/bin/pg_resetwal/po/es.po
M src/bin/pg_rewind/po/es.po
M src/bin/pg_test_fsync/po/es.po
M src/bin/pg_test_timing/po/es.po
M src/bin/pg_upgrade/po/es.po
M src/bin/pg_verifybackup/po/es.po
M src/bin/pg_waldump/po/es.po
M src/bin/psql/po/es.po
M src/bin/psql/po/sv.po
M src/bin/scripts/po/es.po
M src/interfaces/ecpg/ecpglib/po/es.po
M src/interfaces/ecpg/preproc/po/es.po
M src/interfaces/libpq/po/es.po
M src/interfaces/libpq/po/fr.po
M src/interfaces/libpq/po/sv.po
M src/pl/plperl/po/es.po
M src/pl/plpgsql/src/po/es.po
M src/pl/plpython/po/es.po
M src/pl/tcl/po/es.po
Release notes for 17.4, 16.8, 15.12, 14.17, 13.20.
commit : e8f5b51ae052eb0b73c0eb211999f8c89f59ba43
author : Tom Lane <tgl@sss.pgh.pa.us>
date : Sun, 16 Feb 2025 14:20:33 -0500
committer: Tom Lane <tgl@sss.pgh.pa.us>
date : Sun, 16 Feb 2025 14:20:33 -0500 M doc/src/sgml/release-13.sgml
In fmtIdEnc(), handle failure of enlargePQExpBuffer().
commit : 9f052613e44606773aead07e2cd9e22710d7fbc5
author : Tom Lane <tgl@sss.pgh.pa.us>
date : Sun, 16 Feb 2025 12:46:35 -0500
committer: Tom Lane <tgl@sss.pgh.pa.us>
date : Sun, 16 Feb 2025 12:46:35 -0500 Coverity complained that we weren't doing that, and it's right.
This fix just makes fmtIdEnc() honor the general convention that OOM
causes a PQExpBuffer to become marked "broken", without any immediate
error. In the pretty-unlikely case that we actually did hit OOM here,
the end result would be to return an empty string to the caller,
probably resulting in invalid SQL syntax in an issued command (if
nothing else went wrong, which is even more unlikely). It's tempting
to throw an "out of memory" error if the buffer becomes broken, but
there's not a lot of point in doing that only here and not in hundreds
of other PQExpBuffer-using places in pg_dump and similar callers.
The whole issue could do with some non-time-crunched redesign, perhaps.
This is a followup to the fixes for CVE-2025-1094, and should be
included if cherry-picking those fixes. M src/fe_utils/string_utils.c
Make escaping functions retain trailing bytes of an invalid character.
commit : d6d29b2133f1c2a7d4f332bf68b2f40c8de3044c
author : Tom Lane <tgl@sss.pgh.pa.us>
date : Sat, 15 Feb 2025 16:20:21 -0500
committer: Tom Lane <tgl@sss.pgh.pa.us>
date : Sat, 15 Feb 2025 16:20:21 -0500 Instead of dropping the trailing byte(s) of an invalid or incomplete
multibyte character, replace only the first byte with a known-invalid
sequence, and process the rest normally. This seems less likely to
confuse incautious callers than the behavior adopted in 5dc1e42b4.
While we're at it, adjust PQescapeStringInternal to produce at most
one bleat about invalid multibyte characters per string. This
matches the behavior of PQescapeInternal, and avoids the risk of
producing tons of repetitive junk if a long string is simply given
in the wrong encoding.
This is a followup to the fixes for CVE-2025-1094, and should be
included if cherry-picking those fixes.
Author: Andres Freund <andres@anarazel.de>
Co-authored-by: Tom Lane <tgl@sss.pgh.pa.us>
Reported-by: Jeff Davis <pgsql@j-davis.com>
Discussion: https://postgr.es/m/20250215012712.45@rfd.leadboat.com
Backpatch-through: 13 M src/fe_utils/string_utils.c
M src/interfaces/libpq/fe-exec.c
Fix PQescapeLiteral()/PQescapeIdentifier() length handling
commit : 1f7a05324524f015a4a3a4a3fb921b11f8126051
author : Andres Freund <andres@anarazel.de>
date : Fri, 14 Feb 2025 17:44:28 -0500
committer: Andres Freund <andres@anarazel.de>
date : Fri, 14 Feb 2025 17:44:28 -0500 In 5dc1e42b4fa I fixed bugs in various escape functions, unfortunately as part
of that I introduced a new bug in PQescapeLiteral()/PQescapeIdentifier(). The
bug is that I made PQescapeInternal() just use strlen(), rather than taking
the specified input length into account.
That's bad, because it can lead to including input that wasn't intended to be
included (in case len is shorter than null termination of the string) and
because it can lead to reading invalid memory if the input string is not null
terminated.
Expand test_escape to this kind of bug:
a) for escape functions with length support, append data that should not be
escaped and check that it is not
b) add valgrind requests to detect access of bytes that should not be touched
Author: Tom Lane <tgl@sss.pgh.pa.us>
Author: Andres Freund <andres@anarazel.de
Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Reviewed-by: Noah Misch <noah@leadboat.com>
Discussion: https://postgr.es/m/Z64jD3u46gObCo1p@pryzbyj2023
Backpatch: 13 M src/interfaces/libpq/fe-exec.c
M src/test/modules/test_escape/test_escape.c
Fix assertion on dereferenced object
commit : 9fcd360498ee2205320336676b40bc7bc10f4c06
author : Daniel Gustafsson <dgustafsson@postgresql.org>
date : Fri, 14 Feb 2025 11:50:56 +0100
committer: Daniel Gustafsson <dgustafsson@postgresql.org>
date : Fri, 14 Feb 2025 11:50:56 +0100 Commit 27cc7cd2bc8a accidentally placed the assertion ensuring
that the pointer isn't NULL after it had already been accessed.
Fix by moving the pointer dereferencing to after the assertion.
Backpatch to all supported branches.
Author: Dmitry Koval <d.koval@postgrespro.ru>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://postgr.es/m/1618848d-cdc7-414b-9c03-08cf4bef4408@postgrespro.ru
Backpatch-through: 13 M src/backend/executor/execMain.c
Fix MakeTransitionCaptureState() to return a consistent result
commit : 5209058240f37cf794ccbe832f3de6c6e649a17d
author : Michael Paquier <michael@paquier.xyz>
date : Thu, 13 Feb 2025 16:31:12 +0900
committer: Michael Paquier <michael@paquier.xyz>
date : Thu, 13 Feb 2025 16:31:12 +0900 When an UPDATE trigger referencing a new table and a DELETE trigger
referencing an old table are both present, MakeTransitionCaptureState()
returns an inconsistent result for UPDATE commands in its set of flags
and tuplestores holding the TransitionCaptureState for transition
tables.
As proved by the test added here, this issue causes a crash in v14 and
earlier versions (down to 11, actually, older versions do not support
triggers on partitioned tables) during cross-partition updates on a
partitioned table. v15 and newer versions are safe thanks to
7103ebb7aae8.
This commit fixes the function so that it returns a consistent state
by using portions of the changes made in commit 7103ebb7aae8 for v13 and
v14. v15 and newer versions are slightly tweaked to match with the
older versions, mainly for consistency across branches.
Author: Kyotaro Horiguchi
Discussion: https://postgr.es/m/20250207.150238.968446820828052276.horikyota.ntt@gmail.com
Backpatch-through: 13 M src/backend/commands/trigger.c
M src/test/regress/expected/triggers.out
M src/test/regress/sql/triggers.sql
Doc: Fix punctuation errors
commit : 412047f19fcb978508a0e530acc23810db93de06
author : John Naylor <john.naylor@postgresql.org>
date : Wed, 12 Feb 2025 13:35:03 +0700
committer: John Naylor <john.naylor@postgresql.org>
date : Wed, 12 Feb 2025 13:35:03 +0700 Author: 斉藤登 <noborusai@gmail.com>
Reviewed-by: David G. Johnston <david.g.johnston@gmail.com>
Discussion: https://postgr.es/m/CAAM3qnL6i-BSu5rB2+KiHLjMCOXiQEiPMBvEj7F1CgUzZMooLA@mail.gmail.com
Backpatch-through: 13 M doc/src/sgml/config.sgml