cancel
Showing results for 
Search instead for 
Did you mean: 

Technical Update for EDB Postgres Advanced Server (Database Server 10.9.17)

Technical Alert/Update Information

Technical Alert Name
EDB Technical Update for Postgres Advanced Server (Database Server 10.9.17)
Product Type
Postgres Plus Advanced Server
Release Date
6/25/2019
Technical Alert Details
Technical Update
EDB Postgres Advanced Server (Database Server 10.9.17)

WHAT’S NEW
This update is notifying you of a new software release EDB Postgres™ Advanced Server 10.9.17. EDB Postgres Advanced Server 10 is built on the open source PostgreSQL 10, which introduces an impressive number of improvements that enable databases to scale up and scale out in more efficient ways. PostgreSQL 10 introduces Native Partitioning, Logical Replication, SCRAM Authentication, additional Parallel Query capabilities as well as a host of other new features and capabilities.

Highlights of 10.9.17 release include:
  • Merge with community release 10.9
  1. More information about this and other fixes in community PostgreSQL can be found https://www.postgresql.org/about/news/1949/and https://www.postgresql.org/docs/10/release-10-9.html  
  2. Enhancements implemented in clone schema 1.9  and parallel_clone 1.5.
  3. CVE-2019-10164 - Stack-based buffer overflow via setting a password
An authenticated user could create a stack-based buffer overflow by changing
their own password to a purpose-crafted value. In addition to the ability to
crash the PostgreSQL server, this could be further exploited to execute
arbitrary code as the PostgreSQL operating system account.

Additionally, a rogue server could send a specifically crafted message during
the SCRAM authentication process and cause a libpq-enabled client to either
crash or execute arbitrary code as the client's operating system account. This update contains the following fixes: 
  • RM43994 - SPL: Don't mark portal as FAILED when executing SPL ROLLBACK. [Support ticket #870716]
  • RM43959 - Fix "REASSIGN OWNED BY" for dbms_aq objects.
  • RM43689 - ecpg: Suppress line numbers (#line directive) with '-l' option.
  • RM43055 - Add missing sepgsql checks for namespace lookups
  • RM43938 - Throw a user-friendly error when package type has dropped attributes.
This update also contains a fix for Cloneschema component:
  • DI-166 - Cloneschema fails when applying FK constraints on the target if rows are constantly being inserted in the source. [Support Ticket #860472]
IS THIS FOR ME?
This announcement is for EDB customers who are using, or are interested in, EDB Postgres Advanced Server and have a database subscription purchased for:
  •  EDB Postgres Enterprise Edition
HOW TO GET THE SOFTWARE
This update is available from the EDB Postgres downloads website (https://www.enterprisedb.com/advanced-downloads) or via Stack Builder Plus.

This update is also available as an RPM package that can be downloaded from the yum.enterprisedb.com repository. To setup your credentials and gain access to the yum repository, please submit a request: https://www.enterprisedb.com/repository-access-request

Please review the Installation Guide for more details: TROUBLESHOOTING 
If you experience any problems installing the new software please contact Technical Support at:
Email:  support@enterprisedb.com
Phone: US: +1-732-331-1320 or 1-800-235-5891
UK: +44-2033719820
Brazil: +55-2139581371
India: +91-20-66449612
Version history
Revision #:
1 of 1
Last update:
a month ago
Updated by:
 
Contributors