Subject: CVS commit: pkgsrc/databases
From: Adam Ciarcinski
Date: 2021-08-13 13:54:48
Message id: 20210813115449.651A5FA97@cvs.NetBSD.org
Log Message:
postgresql: updated to 13.4, 12.8, 11.13, 10.18, 9.6.23
PostgreSQL 13.4, 12.8, 11.13, 10.18, 9.6.23
Security Issues
CVE-2021-3677: Memory disclosure in certain queries
Versions Affected: 11 - 13.
A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.
Bug Fixes and Improvements
This update also fixes over 75 bugs that were reported in the last several months. Some of these issues affect only version 13, but many affect all supported versions.
Some of these fixes include:
Completely disable TLS/SSL renegotiation. This was previously disabled, but the server would still execute a client-initiated renegotiation request.
Restore the Portal-level snapshot after COMMIT or ROLLBACK within a procedure. This change fixes cases where an attempt to fetch a toasted value immediately after COMMIT/ROLLBACK would fail with errors like "no known snapshots" or "missing chunk number 0 for toast value".
Avoid misbehavior when persisting the output of a cursor that's reading a volatile query.
Reject cases where a query in WITH rewrites to just NOTIFY, which would cause a crash.
Several corner-case fixes for numeric types.
ALTER EXTENSION now locks the extension when adding or removing a member object.
The "enabled" status is now copied when a partitioned table's triggers are cloned to a new partition.
Avoid alias conflicts in queries generated for REFRESH MATERIALIZED VIEW CONCURRENTLY. This command failed on materialized views containing columns with certain names, notably mv and newdata.
Disallow whole-row variables in GENERATED expressions.
Several fixes for DROP OWNED BY behavior in relation to row-level security (RLS) policies.
Re-allow old-style Windows locale names in CREATE COLLATION commands.
walsenders now show their latest replication command in pg_stat_activity, instead of just showing the latest SQL command.
pg_settings.pending_restart now shows as true when a pertinent entry in postgresql.conf is removed.
On 64-bit Windows, allow the effective value of work_mem * hash_mem_multiplier to exceed 2GB.
Update minimum recovery point when WAL replay of a transaction abort record causes file truncation.
Advance oldest-required-WAL-segment horizon properly after a replication slot is invalidated. This fixes an issue where the server's WAL storage could run out of space.
Improve progress reporting for the sort phase of a parallel B-tree index build.
Fix assorted crash cases in logical replication of partitioned-table updates and when firing AFTER triggers of partitioned tables.
Prevent infinite loops in SP-GiST index insertion.
Ensure that SP-GiST index insertion can be terminated by a query cancel request.
In psql and other client programs, avoid overrunning the ends of strings when dealing with invalidly-encoded data.
Fix pg_dump to correctly handle triggers on partitioned tables whose enabled status is different from their parent triggers' status.
Avoid "invalid creation date in header" warnings when running pg_restore on a file created in a different time zone.
pg_upgrade now carries forward the old installation's oldestXID value and no longer forces an anti-wraparound VACUUM.
Extend pg_upgrade to detect and warn about extensions that should be upgraded.
Fix contrib/postgres_fdw to better work with generated columns, so long as a generated column in a foreign table represents a generated column in the remote table.
Files: