This article was originally published on June 25, 2019
Technical UpdateEDB Postgres Advanced Server (Database Server 10.9.17)
WHAT’S NEW
This update is notifying you of a new software release EDB Postgres™ Advanced Server 10.9.17. EDB Postgres Advanced Server 10 is built on the open source PostgreSQL 10, which introduces an impressive number of improvements that enable databases to scale up and scale out in more efficient ways. PostgreSQL 10 introduces Native Partitioning, Logical Replication, SCRAM Authentication, additional Parallel Query capabilities as well as a host of other new features and capabilities.
Highlights of 10.9.17 release include:
- Merge with community release 10.9
- More information about this and other fixes in community PostgreSQL can be found https://www.postgresql.org/about/news/1949/and https://www.postgresql.org/docs/10/release-10-9.html
- Enhancements implemented in clone schema 1.9 and parallel_clone 1.5.
- CVE-2019-10164 - Stack-based buffer overflow via setting a password
their own password to a purpose-crafted value. In addition to the ability to
crash the PostgreSQL server, this could be further exploited to execute
arbitrary code as the PostgreSQL operating system account.
Additionally, a rogue server could send a specifically crafted message during
the SCRAM authentication process and cause a libpq-enabled client to either
crash or execute arbitrary code as the client's operating system account.
- Merge OpenSSL 1.0.2s library to address the items identified in Security Advisory 28-May-2019 - https://www.openssl.org/news/cl102.txt
- RM43994 - SPL: Don't mark portal as FAILED when executing SPL ROLLBACK. [Support ticket #870716]
- RM43959 - Fix "REASSIGN OWNED BY" for dbms_aq objects.
- RM43689 - ecpg: Suppress line numbers (#line directive) with '-l' option.
- RM43055 - Add missing sepgsql checks for namespace lookups
- RM43938 - Throw a user-friendly error when package type has dropped attributes.
- DI-166 - Cloneschema fails when applying FK constraints on the target if rows are constantly being inserted in the source. [Support Ticket #860472]
This announcement is for EDB customers who are using, or are interested in, EDB Postgres Advanced Server and have a database subscription purchased for:
- EDB Postgres Enterprise Edition
This update is available from the EDB Postgres downloads website (https://www.enterprisedb.com/advanced-downloads) or via Stack Builder Plus.
This update is also available as an RPM package that can be downloaded from the yum.enterprisedb.com repository. To setup your credentials and gain access to the yum repository, please submit a request: https://www.enterprisedb.com/repository-access-request
Please review the Installation Guide for more details:
- HTML: https://www.enterprisedb.com/docs/en/10.0/EPAS_Inst_Guide_v10/toc.html
- PDF: https://get.enterprisedb.com/docs/EDB_Postgres_Advanced_Server_Installation_Guide_v10.pdf
If you experience any problems installing the new software please contact Technical Support at:
Email: support@enterprisedb.com
Phone: US: +1-732-331-1320 or 1-800-235-5891
UK: +44-2033719820
Brazil: +55-2139581371
India: +91-20-66449612