This article was originally published on May 17, 2018
Technical AlertSEVERITY
Moderate
ALERT FOCUS
EPAS 10
RECOMMENDED ACTIONS
Status: Moderate
Recommended: This is a software update for the Database Server module shipped with the GA version of EDB Postgres Advanced Server 10.x. The update contains important fixes from the PostgreSQL community that could relate to possible data corruption and security. EDB urges users to apply this update at the next possible downtime.
WHAT IS IN THIS ALERT
Merge with community release 10.4
--------------------------------------------------
One security vulnerability is addressed in this release:
- CVE-2018-1115:postgresql: Too-permissive access control list on function pg_logfile_rotate()
More information about this and other fixes in community PostgreSQL can be found https://www.postgresql.org/about/news/1851/ and https://www.postgresql.org/docs/10/static/release-10-4.html
This software update contains the following fixes:
- RM43502 - Prevent unexpected NULL values from appearing in indexes. (Support Ticket #752396)
- RM43348 - ECPG: Support C-preprocessor directive #ident in ProC mode (Support Ticket #737843)
- RM43472 - edbldr: restrict insert of partition table through direct-load. (Support Ticket #748402)
- RM43485 - Fix old relfrozenxid and relminmxid for partition tables.
- RM43235 - Fix ALTER TABLE ... ADD PARTITION for declarative partition.
- RM43458 - utl_mail: Fix the data loss when passing multibyte characters through SEND method. (Support Ticket #736209)
- RM43406 - SPL: Mark Param in common parameter list read-only in assign_simple_var to avoid crash. (Support Ticket #742699)
This alert is for customers using:
- EDB Postgres Advanced Server version: 10.x.x
- Database Server
HOW TO GET THE UPDATE AND APPLY IT
This update is available through the EDB Postgres Advanced Server - StackBuilder Plus Module.
Please perform the following steps in order to update your Database Server for EDB Postgres Advanced Server. It is recommended that you backup your files before performing the upgrade.
1. Right-Click on the System tray icon (PostgreSQL Elephant) and select 'Install Components'. StackBuilder Plus will start and the available updates will be displayed in bold type in the component selection screen.
OR
Run StackBuilder Plus directly from the Application Menu. The update will automatically be selected and displayed in bold type.
2. Click Next and you will be asked to authenticate with EnterpriseDB.
3. Click Next and choose the download directory (where the update will be downloaded).
4. The installation program will start once the download is complete.
Notes:
a. The database server will be restarted as part of the upgrade process.
b. The data directory will not be affected by this upgrade.
This update is also available as an RPM package that can be downloaded from the EnterpriseDB yum.enterprisedb.com repository. You will need a username and password to access yum.enterprisedb.com, and you should contact your account manager or sales@enterprisedb.com if you do not have one.
Also, if you are upgrading from a version earlier than 10.4.x, please see technical alert for 10.3.x.
TROUBLESHOOTING
If you experience any problems applying the upgrade or restoring the old version after applying the upgrade, please contact Technical Support at:
Email: support@enterprisedb.com
Phone:
US: +1-732-331-1320 or 1-800-235-5891
UK: +44-2033719820
Brazil: +55-2139581371
India: +91-20-66449612