Log message:
postgresql: updated to 10.4, 9.6.9, 9.5.13, 9.4.18, 9.3.23

SECURITY ISSUES
One security vulnerability has been closed by this release:

CVE-2018-1115: Too-permissive access control list on function pg_logfile_rotate()
Please see the "Updating" section below for post-update steps.

BUG FIXES AND IMPROVEMENTS
This update also fixes over 50 bugs reported in the last several months. Some of \ 
these issues affect only version 10, but many affect all supported versions.

These fixes include:
Fix incorrect volatility and parallel-safety markings on several built-in \ 
functions to ensure correct query planning optimizations
Several fixes for partitioning, including potential crashes as well as allowing \ 
TRUE and FALSE to be used as partition bounds
Fix where a new TOAST value could be assigned to a dead-but-not-yet-vacuumed \ 
TOAST OID, which would result in an error similar to "unexpected chunk \ 
number 0 (expected 1) for toast value nnnnn"
Fix "CREATE TABLE ... LIKE" with bigint identity columns on 32-bit \ 
platforms
Fix memory leak within the runtime of a query that repeatedly executes hash joins
Several crash fixes around queries using GROUPING SET
Avoid failure if a query-cancel or session-termination interrupt occurs while \ 
committing a prepared transaction
Reduce locking during autovacuum worker scheduling, which prevents loss of \ 
potential worker concurrency
Fix possible slow execution of REFRESH MATERIALIZED VIEW CONCURRENTLY
Several fixes around query plans that use "index-only" scans
Avoid deadlocks in concurrent CREATE INDEX CONCURRENTLY commands that are run \ 
under SERIALIZABLE or REPEATABLE READ transaction isolation
Several fixes for SP-GiST indexes, including one collation-aware searches on \ 
text columns
Fixes related to counting the number of tuples in partial GiST, SP-GiST, and \ 
Bloom indexes
Several fixes for logical decoding and replication
Fix misquoting of values for list-valued GUC variables (e.g. \ 
local_preload_libraries, session_preload_libraries, shared_preload_libraries, \ 
temp_tablespaces) in dumps
Several fixes for pg_stat_activity
Several fixes for ecpg
Fix for pg_recvlogical to ensure compatibility with PostgreSQL versions released \ 
before 10
Several fixes for pg_rewind

Log message:
postgresqlNN: updated to 10.3, 9.6.8, 9.5.12, 9.4.17, 9.3.22

PostgreSQL 10.3, 9.6.8, 9.5.12, 9.4.17, and 9.3.22:
The purpose of this release is to address CVE-2018-1058, which describes how a \ 
user can create like-named objects in different schemas that can change the \ 
behavior of other users' queries and cause unexpected or malicious behavior, \ 
also known as a "trojan-horse" attack. Most of this release centers \ 
around added documentation that describes the issue and how to take steps to \ 
mitigate the impact on PostgreSQL databases.

Log message:
postgresql: updated to 10.2, 9.6.7, 9.5.11, 9.4.16, and 9.3.21

This release fixes two security issues. This release also fixes issues with \ 
VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as \ 
well as fixes for using parallel queries and logical replication.

Security Issues
* CVE-2018-1052: Fix the processing of partition keys containing multiple expressions
* CVE-2018-1053: Ensure that all temporary files made with \ 
"pg_upgrade" are non-world-readable

Bug Fixes and Improvements
* Fix crash and potential disclosure of backend memory when processing partition \ 
keys containing multiple expressions
* Fix potential disclosure of temporary files containing database passwords \ 
created by pg_upgrade by not allowing these files to be world-accessible
* Fix cases where VACUUM would not remove dead rows if they were updated while \ 
"key-share" locked, leading to potential data corruption
* Fix for GIN indexes to prevent bloat by ensuring the pending-insertions list \ 
is cleaned up by VACUUM
* Fix potential index corruption with hash indexes due to failure to mark \ 
metapages as dirty
* Fix several potential crash scenarios for parallel queries, including when a \ 
bitmap heap scan cannot allocate memory
* Fix several potential hang-ups in parallel queries, including when a parallel \ 
worker fails to start
* Fix collection of EXPLAIN statistics from parallel workers
* Prevent fake deadlock failures when multiple sessions are running CREATE INDEX \ 
CONCURRENTLY
* Fix for trigger behavior when using logical replication
* Several fixes for "walsender" functionality to improve stability as \ 
well as visibility into the replication process
* Fix logical decoding to correctly clean up disk files for crashed transactions
* Several fixes for identity columns, including disallowing identity columns on \ 
tables derived from composite types and partitions
* Fix handling of list partitioning constraints for partition keys of boolean \ 
and array types
* Fix incorrectly generated plans for UPDATE and DELETE queries when a table has \ 
a mix of inherited regular and foreign child tables
* Fix incorrect query results from cases involving GROUPING SETS when used with \ 
flattened subqueries
* Fix UNION/INTERSECT/EXCEPT over zero columns, e.g. "SELECT UNION SELECT;"
* Several fixes for subqueries within a LATERAL subquery
* Several improvements for query planning estimation
* Allow a client that supports SCRAM channel binding, such as a future version \ 
of PostgreSQL or libpq, to connect to a PostgreSQL 10 server
* Fix sample INSTR() functions used to help transition from Oracle(r) PL/SQL to \ 
PostgreSQL PL/pgSQL to correctly match Oracle functional behavior
* Fix pg_dump to make permissions (ACL), security label, and comment entries \ 
reliably identifiable in archive outputs
* Modify behavior for contrib/cube's "cube ~> int" operator to make \ 
it compatible with KNN search. This is a backwards incompatible change and any \ 
expression indexes or materialized views using this operator will need to be \ 
reindexed and refreshed, respectively.
* Several fixes in contrib/postgres_fdw to prevent query planner errors
* Added modern examples of auto-start scripts for PostgreSQL on macOS in the \ 
contrib/start-scripts/macos directory
* Several fixes for Windows, including postmaster startup and compatibility with \ 
libperl
* Spinlock fixes and support for Motorola 68K and 88K architectures

Log message:
postgresql: updated to the latest

The PostgreSQL Global Development Group has released an update to all supported \ 
versions of our database system, including 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20, \ 
and 9.2.24. This release fixes three security issues. This release also fixes \ 
issues found in BRIN indexing, logical replication and other bugs reported over \ 
the past three months.

All users using the affected versions of PostgreSQL should update as soon as \ 
possible. If you use BRIN indexes or contrib/start-scripts, please see the \ 
release notes for additional post-upgrade steps.

Security Issues

Three security vulnerabilities have been fixed by this release:

CVE-2017-12172: Start scripts permit database administrator to modify root-owned \ 
files
CVE-2017-15098: Memory disclosure in JSON functions
CVE-2017-15099: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges

Bug Fixes and Improvements

This update also fixes a number of bugs reported in the last few months. Some of \ 
these issues affect only version 10, but many affect all supported versions:

Fix a race condition in BRIN indexing that could cause some rows to not be \ 
included in the indexing.
Fix crash when logical decoding is invoked from a PL language function.
Several fixes for logical replication.
Restored behavior for CTEs attached to INSERT/UPDATE/DELETE statements to \ 
pre-version 10.
Prevent low-probability crash in processing of nested trigger firings.
Do not evaluate an aggregate function's argument expressions when the conditions \ 
in the FILTER clause evaluate to FALSE. This complies with SQL-standard \ 
behavior.
Fix incorrect query results when multiple GROUPING SETS columns contain the same \ 
simple variable.
Fix memory leak over the lifespan of a query when evaluating a set-returning \ 
function from the target list in a SELECT.
Several fixes for parallel query execution, including fixing a crash in the \ 
parallel execution of certain queries that contain a certain type of bitmap \ 
scan.
Fix json_build_array(), json_build_object(), jsonb_build_array(), and \ 
jsonb_build_object() to handle explicit VARIADIC arguments correctly.
Prevent infinite float values from being casted to the numeric type.
Fix autovacuum's “work item” logic to prevent possible crashes and silent \ 
loss of work items.
Several fixes for VIEWs around adding columns to the end of a view.
Fix for hashability detection of range data types that are created by a user.
Improvements on using extended statistics on columns for the purposes of query \ 
planning.
Prevent idle_in_transaction_session_timeout from being ignored when a \ 
statement_timeout occurred earlier.
Fix low-probability loss of NOTIFY messages due more than 2 billion transactions \ 
processing before any queries are executed in the session.
Several file system interaction fixes.
Correctly restore the umask setting when file creation fails in COPY or lo_export().
Fix pg_dump to ensure that it emits GRANT commands in a valid order.
Fix pg_basebackup's matching of tablespace paths to canonicalize both paths \ 
before comparing to help improve Windows compatibility.
Fix libpq to not require user's home directory to exist when trying to read the \ 
"~/.pgpass" file.
Several fixes for ecpg.

Log message:
postgresql10: added version 10.0

Major enhancements in PostgreSQL 10 include:

Logical replication using publish/subscribe
Declarative table partitioning
Improved query parallelism
Significant general performance improvements
Stronger password authentication based on SCRAM-SHA-256
Improved monitoring and control
The above items are explained in more detail in the sections below.