Jelenlegi hely

Hírolvasó

PHP 8.0.0 Release Candidate 4 available for testing

PHP.net - 2020, november 12 - 12:49
Kategóriák: Informatika

PostgreSQL 13.1, 12.5, 11.10, 10.15, 9.6.20, and 9.5.24 Released!

PostreSQL.org - 2020, november 12 - 01:00

The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 13.1, 12.5, 11.10, 10.15, 9.6.20, and 9.5.24. This release closes three security vulnerabilities and fixes over 65 bugs reported over the last three months.

Due to the nature of CVE-2020-25695, we advise you to update as soon as possible.

Additionally, this is the second-to-last release of PostgreSQL 9.5. If you are running PostgreSQL 9.5 in a production environment, we suggest that you make plans to upgrade.

For the full list of changes, please review the release notes.

Security Issues CVE-2020-25695: Multiple features escape "security restricted operation" sandbox

Versions Affected: 9.5 - 13. The security team typically does not test unsupported versions, but this problem is quite old.

An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser.

While promptly updating PostgreSQL is the best remediation for most users, a user unable to do that can work around the vulnerability by disabling autovacuum and not manually running ANALYZE, CLUSTER, REINDEX, CREATE INDEX, VACUUM FULL, REFRESH MATERIALIZED VIEW, or a restore from output of the pg_dump command. Performance may degrade quickly under this workaround.

VACUUM without the FULL option is safe, and all commands are fine when a trusted user owns the target object.

The PostgreSQL project thanks Etienne Stalmans for reporting this problem.

CVE-2020-25694: Reconnection can downgrade connection security settings

Versions Affected: 9.5 - 13. The security team typically does not test unsupported versions, but this problem is quite old.

Many PostgreSQL-provided client applications have options that create additional database connections. Some of those applications reuse only the basic connection parameters (e.g. host, user, port), dropping others. If this drops a security-relevant parameter (e.g. channel_binding, sslmode, requirepeer, gssencmode), the attacker has an opportunity to complete a MITM attack or observe cleartext transmission.

Affected applications are clusterdb, pg_dump, pg_restore, psql, reindexdb, and vacuumdb. The vulnerability arises only if one invokes an affected client application with a connection string containing a security-relevant parameter.

This also fixes how the \connect command of psql reuses connection parameters, i.e. all non-overridden parameters from a previous connection string now re-used.

The PostgreSQL project thanks Peter Eisentraut for reporting this problem.

CVE-2020-25696: psql's \gset allows overwriting specially treated variables

Versions Affected: 9.5 - 13. The security team typically does not test unsupported versions, but this problem likely arrived with the feature's debut in version 9.3.

The \gset meta-command, which sets psql variables based on query results, does not distinguish variables that control psql behavior. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. Using \gset with a prefix not found among specially treated variables, e.g. any lowercase string, precludes the attack in an unpatched psql.

The PostgreSQL project thanks Nick Cleaton for reporting this problem.

Bug Fixes and Improvements

This update also fixes over 65 bugs that were reported in the last several months. Some of these issues only affect version 13, but may also apply to other supported versions.

Some of these fixes include:

  • Fix a breakage in the replication protocol by ensuring that two "command completion" events are expected for START_REPLICATION.
  • Ensure fsync is called on the SLRU caches that PostgreSQL maintains. This prevents potential data loss due to an operating system crash.
  • Fix ALTER ROLE usage for users with the BYPASSRLS permission.
  • ALTER TABLE ONLY ... DROP EXPRESSION is disallowed on partitioned tables when there are child tables.
  • Ensure that ALTER TABLE ONLY ... ENABLE/DISABLE TRIGGER does not apply to child tables.
  • Fix for ALTER TABLE ... SET NOT NULL on partitioned tables to avoid a potential deadlock in parallel pg_restore.
  • Fix handling of expressions in CREATE TABLE LIKE with inheritance.
  • DROP INDEX CONCURRENTLY is disallowed on partitioned tables.
  • Allow LOCK TABLE to succeed on a self-referential view instead of throwing an error.
  • Several fixes around statistics collection and progress reporting for REINDEX CONCURRENTLY.
  • Ensure that GENERATED columns are updated when any columns they depend on are updated via a rule or an updatable view.
  • Support hash partitioning with text array columns as partition keys.
  • Allow the jsonpath .datetime() method to accept ISO 8601-format timestamps.
  • During a "smart" shutdown, ensure background processes are not terminated until all foreground client sessions are completed, fixing an issue that broke the processing of parallel queries.
  • Several fixes for the query planner and optimizer.
  • Ensure that data is de-toasted before being inserted into a BRIN index. This could manifest itself with errors like "missing chunk number 0 for toast value NNN". If you have seen a similar error in an existing BRIN index, you should be able to correct it by using REINDEX on the index.
  • Fix the output of EXPLAIN to have the correct XML tag nesting for incremental sort plans.
  • Several fixes for memory leaks, including ones involving RLS policies, using CALL with PL/pgSQL, SIGHUP processing a configuration parameter that cannot be applied without a restart, and an edge-case for index lookup for a partition.
  • libpq can now support arbitrary-length lines in the .pgpass file.
  • On Windows, psql now reads the output of a backtick command in text mode, not binary mode, so it can now properly handle newlines.
  • Fix how pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb use complex connection-string parameters.
  • When the \connect command of psql reuses connection parameters, ensure that all non-overridden parameters from a previous connection string are also re-used.
  • Ensure that pg_dump collects per-column information about extension configuration tables, avoiding crashes when specifying --inserts.
  • Ensure that parallel pg_restore processes foreign keys referencing partitioned tables in the correct order.
  • Several fixes for contrib/pgcrypto, including a memory leak fix.

This update also contains tzdata release 2020d for for DST law changes in Fiji, Morocco, Palestine, the Canadian Yukon, Macquarie Island, and Casey Station (Antarctica); plus historical corrections for France, Hungary, Monaco, and Palestine.

For the full list of changes available, please review the release notes.

PostgreSQL 9.5 EOL Notice

PostgreSQL 9.5 will stop receiving fixes on February 11, 2021. If you are running PostgreSQL 9.5 in a production environment, we suggest that you make plans to upgrade to a newer, supported version of PostgreSQL. Please see our versioning policy for more information.

Updating

All PostgreSQL update releases are cumulative. As with other minor releases, users are not required to dump and reload their database or use pg_upgrade in order to apply this update release; you may simply shutdown PostgreSQL and update its binaries.

Users who have skipped one or more update releases may need to run additional, post-update steps; please see the release notes for earlier versions for details.

For more details, please see the release notes.

NOTE: PostgreSQL 9.5 will stop receiving fixes on February 11, 2021. Please see our versioning policy for more information.

Links
Kategóriák: Informatika

[Video] Itt van az Apple új M1 chipje és arra épülő új MacBook-jai

HUP.hu - 2020, november 11 - 08:27

Kategóriák: Informatika

Call for New Member for the PostgreSQL Code of Conduct Committee

PostreSQL.org - 2020, november 11 - 01:00

This message is being sent from the PostgreSQL Code of Conduct Committee, with the approval of the Core Team.

The PostgreSQL Community Code of Conduct Committee is searching for a new member to fill a vacant seat.

The term runs through September 30, 2021.

We are seeking people who reflect the diversity of the PostgreSQL community, with the goal to have members from multiple countries and varied demographics.

You can view the current Committee members here:

https://www.postgresql.org/about/policies/coc_committee/

The time commitment for Committee involvement varies, based on internal administrative work and the number of active investigations. We estimate an average of 5 to 10 hours per month, but that could increase if there is an increase in the number of incident reports.

If you are interested, please complete the questionnaire below, and email your responses to the Committee at coc@postgresql.org no later than November 25, 2020, at 11:00 PM AOE. You can check your local time against AOE at https://time.is/Anywhere_on_Earth

The questionnaire:

  • Your name:
  • Current employer:
  • Current country of residence:

(We ask for employer and residence because one of the goals of the Committee is to have representation from a variety of geographical areas. We also want to avoid a concentration of members from one company.)

  1. What interests you about being on the CoC Committee?
  2. Have you been on another CoC Committee, or had a similar role at another organization? (Prior experience is not required, it's just helpful to know everyone's background.)
  3. Why do you think working on the CoC Committee would be a good experience?
  4. What else do you want to tell us about yourself that is helpful for us to know about your potential involvement with the CoC Committee?

Please be sure to send your reply to the CoC Committee email listed above. Thank you.

Kategóriák: Informatika

Az optimalizált töltésfunkció nálad be van kapcsolva?

HUP.hu - 2020, november 9 - 14:49
Az optimalizált töltésfunkció nálad be van kapcsolva? PDA, Mobil, Tablet carlcolt 2020. 11. 09., h - 14:49

iOS 13+ és Android:

A koncepció: ne legyen hajnal 2 és 7 közt végig 100%-on az aksi, csak 90% körül, hogy hosszabb legyen az élettartama. iOS 13-tól felfele alapbeállítás.

Nálad ki van kapcsolva, vagy be van kapcsolva? Mennyire volt tudatos ez a döntésed?

Kategóriák: Informatika

A OnePlus véletlenül stable frissítést tolt ki néhány OnePlus 8 béta usernek, ami adatvesztést okozott

HUP.hu - 2020, november 9 - 13:20
A OnePlus véletlenül stable frissítést tolt ki néhány OnePlus 8 béta usernek, ami adatvesztést okozott Android trey 2020. 11. 09., h - 13:20

OnePlus accidentally pushed a stable update to some OnePlus 8 series beta users, causing data wipes https://t.co/ruMZMDLkIO

— XDA (@xdadevelopers) November 9, 2020

A OnePlus 8 és OnePlus 8 Pro userek nemrég megkapták az OxygenOS 11.0.1.1 frissítést a stable csatornában. Nem sokkal ezután a OnePlus véletlenül kitolta ezt a stable frissítést a béta csatornában levő, OnePlus 8 sorozatú készülékekkel rendelkező tesztereknek is, de nem volt benne köszönet, ugyanis a frissítési folyamat során a frissítés teljesen letörölte az érintett eszközöket.

Kategóriák: Informatika

Trixie lesz a Debian 13 kódneve

HUP.hu - 2020, november 9 - 13:03
Trixie lesz a Debian 13 kódneve Debian trey 2020. 11. 09., h - 13:03

Debian 13 will be codenamed trixie. Visit for the names of the past and future Debian releases, and prepare yourself for bullseye, we're freezing soon! https://t.co/zALKEW0mW1

— The Debian Project (@debian) November 9, 2020

Természetesen, ahogy az elődjeinek, ennek is egy Toy Story karakter kölcsönözte a nevet:

Kategóriák: Informatika

Gyakrabban köhögsz mostanában?

HUP.hu - 2020, november 9 - 12:12
Gyakrabban köhögsz mostanában? Egyéb Oregon 2020. 11. 09., h - 12:12

Csak a kedves hup olvasó egészsége érdekelne.

Kategóriák: Informatika

Linus Torvalds: Linux 5.10-rc3

HUP.hu - 2020, november 9 - 08:15
Linus Torvalds: Linux 5.10-rc3 Kernel trey 2020. 11. 09., h - 08:15

5.10-rc3: mainline Version: 5.10-rc3 (mainline) Released: 2020-11-09 Source: linux-5.10-rc3.tar.gz Patch: full ( incremental ) https://t.co/92ScQXt9Ou #linux #kernel

— Linux Kernel Releases (@LinuxKReleases) November 9, 2020

Linus kiadta az 5.10-es kernel harmadik prepatchét. "Things look normal." - fűzte hozzá, vagyis ebben a fejlesztési ciklusban eddig minden a kedve szerint halad. Részletek a bejelentésben.

Kategóriák: Informatika

Megérkezett a hivatalos LineageOS 17.1 támogatás a OnePlus 5 és 5T készülékekhez

HUP.hu - 2020, november 9 - 08:02
Megérkezett a hivatalos LineageOS 17.1 támogatás a OnePlus 5 és 5T készülékekhez Android trey 2020. 11. 09., h - 08:02

LineageOS 17.1 adds support for the OnePlus 5/5T, Samsung Galaxy Tab S5e LTE, and Fairphone 3 https://t.co/eWTOYXrQYE

— XDA (@xdadevelopers) November 9, 2020

Ebben a körben az alábbi eszközök lettek támogatottak:

Kategóriák: Informatika

PostgreSQL Weekly News - November 8, 2020

PostreSQL.org - 2020, november 9 - 01:00
PostgreSQL Weekly News - November 8, 2020

Congratulations to new core team members Andres Freund and Jonathan Katz! https://www.postgresql.org/developer/core/

Person of the week: https://postgresql.life/post/elein_mustain/

PostgreSQL Product News

phpPgAdmin 7.13.1, a web-based administration tool for PostgreSQL, released. https://xzilla.net//blog/2020/Nov/phpPgAdmin-7-13-1-released.html

Ajqvue Version 3.3, a java-based UI which supports PostgreSQL, released. http://ajqvue.com

pg_statement_rollback, an extension that adds server side transaction with rollback at statement level, released. https://github.com/lzlabs/pg_statement_rollback/releases/

PostgreSQL Jobs for November

http://archives.postgresql.org/pgsql-jobs/2020-11/

PostgreSQL in the News

Planet PostgreSQL: http://planet.postgresql.org/

PostgreSQL Weekly News is brought to you this week by David Fetter

Submit news and announcements by Sunday at 3:00pm PST8PDT to david@fetter.org.

Applied Patches

Tom Lane pushed:

  • Fix two issues in TOAST decompression. pglz_maximum_compressed_size() potentially underestimated the amount of compressed data required to produce N bytes of decompressed data; this is a fault in commit 11a078cf8. Separately from that, pglz_decompress() failed to protect itself against corrupt compressed data, particularly off == 0 in a match tag. Commit c60e520f6 turned such a situation into an infinite loop, where before it'd just have resulted in garbage output. The combination of these two bugs seems like it may explain bug #16694 from Tom Vijlbrief, though it's impossible to be quite sure without direct inspection of the failing session. (One needs to assume that the pglz_maximum_compressed_size() bug caused us to fail to fetch the second byte of a match tag, and what happened to be there instead was a zero. The reported infinite loop is hard to explain without off == 0, though.) Aside from fixing the bugs, rewrite associated comments for more clarity. Back-patch to v13 where both these commits landed. Discussion: https://postgr.es/m/16694-f107871e499ec114@postgresql.org https://git.postgresql.org/pg/commitdiff/dfc797730fc7a07c0e6bd636ad1a564aecab3161

  • Second thoughts on TOAST decompression. On detecting a corrupted match tag, pglz_decompress() should just summarily return -1. Breaking out of the loop, as I did in dfc797730, doesn't quite guarantee that will happen. Also, we can use unlikely() on that check, just in case it helps. Backpatch to v13, like the previous patch. https://git.postgresql.org/pg/commitdiff/fd2997565c6f66837440dd57f5e52b56aa964d14

  • Rethink the generation rule for fmgroids.h macros. Traditionally, the names of fmgroids.h macros for pg_proc OIDs have been constructed from the prosrc field. But sometimes the same C function underlies multiple pg_proc entries, forcing us to make an arbitrary choice of which OID to reference; the other entries are then not namable via fmgroids.h. Moreover, we could not have macros at all for pg_proc entries that aren't for C-coded functions. Instead, use the proname field, and append the proargtypes field (replacing inter-argument spaces with underscores) if proname is not unique. Special-casing unique entries such as F_OIDEQ removes the need to change a lot of code. Indeed, I can only find two places in the tree that need to be adjusted; while this changes quite a few existing entries in fmgroids.h, few of them are referenced from C code. With this patch, all entries in pg_proc.dat have macros in fmgroids.h. Discussion: https://postgr.es/m/472274.1604258384@sss.pgh.pa.us https://git.postgresql.org/pg/commitdiff/8e1f37c07aafd4bb7aa6e1e1982010af11f8b5c7

  • Remove special checks for pg_rewrite.ev_qual and ev_action being NULL. make_ruledef() and make_viewdef() were coded to cope with possible null-ness of these columns, but they've been marked BKI_FORCE_NOT_NULL for some time. So there's not really any need to do more than what we do for the other columns of pg_rewrite, i.e. just Assert that we got non-null results. (There is a school of thought that says Asserts aren't the thing to do to check for corrupt data, but surely here is not the place to start if we want such a policy.) Also, remove long-dead-if-indeed-it-ever-wasn't-dead handling of an empty actions list in make_ruledef(). That's an error case and should be treated as such. (DO INSTEAD NOTHING is represented by a CMD_NOTHING Query, not an empty list; cf transformRuleStmt.) Kyotaro Horiguchi, some changes by me Discussion: https://postgr.es/m/CAEudQApoA=tMTic6xEPYP_hsNZ8XtToVThK_0x7D_aFQYowq3w@mail.gmail.com https://git.postgresql.org/pg/commitdiff/e1339bfc7a2fd4629e1c3f8f919ddd05b4745e13

  • Fix unportable use of getnameinfo() in pg_hba_file_rules view. fill_hba_line() thought it could get away with passing sizeof(struct sockaddr_storage) rather than the actual addrlen previously returned by getaddrinfo(). While that appears to work on many platforms, it does not work on FreeBSD 11: you get back a failure, which leads to the view showing NULL for the address and netmask columns in all rows. The POSIX spec for getnameinfo() is pretty clearly on FreeBSD's side here: you should pass the actual address length. So it seems plausible that there are other platforms where this coding also fails, and we just hadn't noticed. Also, IMO the fact that getnameinfo() failure leads to a NULL output is pretty bogus in itself. Our pg_getnameinfo_all() wrapper is careful to emit "???" on failure, and we should use that in such cases. NULL should only be emitted in rows that don't have IP addresses. Per bug #16695 from Peter Vandivier. Back-patch to v10 where this code was added. Discussion: https://postgr.es/m/16695-a665558e2f630be7@postgresql.org https://git.postgresql.org/pg/commitdiff/0a4b34031279d938c2e59df8df7159d6c11e39b5

  • Allow users with BYPASSRLS to alter their own passwords. The intention in commit 491c029db was to require superuserness to change the BYPASSRLS property, but the actual effect of the coding in AlterRole() was to require superuserness to change anything at all about a BYPASSRLS role. Other properties of a BYPASSRLS role should be changeable under the same rules as for a normal role, though. Fix that, and also take care of some documentation omissions related to BYPASSRLS and REPLICATION role properties. Tom Lane and Stephen Frost, per bug report from Wolfgang Walther. Back-patch to all supported branches. Discussion: https://postgr.es/m/a5548a9f-89ee-3167-129d-162b5985fcf8@technowledgy.de https://git.postgresql.org/pg/commitdiff/d907bd0543aa63e59653d7345840bed0f8b3a83b

  • Improve error messages around REPLICATION and BYPASSRLS properties. Clarify wording as per suggestion from Wolfgang Walther. No back-patch; this doesn't seem worth thrashing translatable strings in the back branches. Tom Lane and Stephen Frost Discussion: https://postgr.es/m/a5548a9f-89ee-3167-129d-162b5985fcf8@technowledgy.de https://git.postgresql.org/pg/commitdiff/17fb60387ce3fdc2bbb13d9b67bed0e4da77e173

  • Guard against core dump from uninitialized subplan. If the planner erroneously puts a non-parallel-safe SubPlan into a parallelized portion of the query tree, nodeSubplan.c will fail in the worker processes because it finds a null in es_subplanstates, which it's unable to cope with. It seems worth a test-and-elog to make that an error case rather than a core dump case. This probably should have been included in commit 16ebab688, which was responsible for allowing nulls to appear in es_subplanstates to begin with. So, back-patch to v10 where that came in. Discussion: https://postgr.es/m/924226.1604422326@sss.pgh.pa.us https://git.postgresql.org/pg/commitdiff/92f87182f2c617fd420832972b6d0ae4527301c8

  • Remove useless entries for aggregate functions from fmgrtab.c. Gen_fmgrtab.pl treated aggregate functions the same as other built-in functions, which is wasteful because there is no real need to have entries for them in the fmgr_builtins[] table. Suppressing those entries saves about 3KB in the compiled table on my machine; which is not a lot but it's not nothing either, considering that that table is pretty "hot". The only outside code change needed is that ExecInitWindowAgg() can't be allowed to call fmgr_info_cxt() on a plain aggregate function. But that saves a few cycles anyway. Having done that, the aggregate_dummy() function is unreferenced and might as well be dropped. Using "aggregate_dummy" as the prosrc value for an aggregate is now just a documentation convention not something that matters. There was some discussion of using NULL instead to save a few bytes in pg_proc, but we'd have to remove prosrc's BKI_FORCE_NOT_NULL marking which doesn't seem a great idea. Anyway, it's possible there's client-side code that expects to see "aggregate_dummy" there, so I'm loath to change it without a strong reason. Discussion: https://postgr.es/m/533989.1604263665@sss.pgh.pa.us https://git.postgresql.org/pg/commitdiff/f21636e5d5b8394ed076e18ddc5f4ba710c69c99

  • Improve our ability to regurgitate SQL-syntax function calls. The SQL spec calls out nonstandard syntax for certain function calls, for example substring() with numeric position info is supposed to be spelled "SUBSTRING(string FROM start FOR count)". We accept many of these things, but up to now would not print them in the same format, instead simplifying down to "substring"(string, start, count). That's long annoyed me because it creates an interoperability problem: we're gratuitously injecting Postgres-specific syntax into what might otherwise be a perfectly spec-compliant view definition. However, the real reason for addressing it right now is to support a planned change in the semantics of EXTRACT() a/k/a date_part(). When we switch that to returning numeric, we'll have the parser translate EXTRACT() to some new function name (might as well be "extract" if you ask me) and then teach ruleutils.c to reverse-list that per SQL spec. In this way existing calls to date_part() will continue to have the old semantics. To implement this, invent a new CoercionForm value COERCE_SQL_SYNTAX, and make the parser insert that rather than COERCE_EXPLICIT_CALL when the input has SQL-spec decoration. (But if the input has the form of a plain function call, continue to mark it COERCE_EXPLICIT_CALL, even if it's calling one of these functions.) Then ruleutils.c recognizes COERCE_SQL_SYNTAX as a cue to emit SQL call syntax. It can know which decoration to emit using hard-wired knowledge about the functions that could be called this way. (While this solution isn't extensible without manual additions, neither is the grammar, so this doesn't seem unmaintainable.) Notice that this solution will reverse-list a function call with SQL decoration only if it was entered that way; so dump-and-reload will not by itself produce any changes in the appearance of views. This requires adding a CoercionForm field to struct FuncCall. (I couldn't resist the temptation to rearrange that struct's field order a tad while I was at it.) FuncCall doesn't appear in stored rules, so that change isn't a reason for a catversion bump, but I did one anyway because the new enum value for CoercionForm fields could confuse old backend code. Possible future work: * Perhaps CoercionForm should now be renamed to DisplayForm, or something like that, to reflect its more general meaning. This'd require touching a couple hundred places, so it's not clear it's worth the code churn. * The SQLValueFunction node type, which was invented partly for the same goal of improving SQL-compatibility of view output, could perhaps be replaced with regular function calls marked with COERCE_SQL_SYNTAX. It's unclear if this would be a net code savings, however. Discussion: https://postgr.es/m/42b73d2d-da12-ba9f-570a-420e0cce19d9@phystech.edu https://git.postgresql.org/pg/commitdiff/40c24bfef92530bd846e111c1742c2a54441c62c

  • Declare lead() and lag() using anycompatible not anyelement. This allows use of a "default" expression that doesn't slavishly match the data column's type. Formerly you got something like "function lag(numeric, integer, integer) does not exist", which is not just unhelpful but actively misleading. The SQL spec suggests that the default should be coerced to the data column's type, but this implementation instead chooses the common supertype, which seems at least as reasonable. (Note: I took the opportunity to run "make reformat-dat-files" on pg_proc.dat, so this commit includes some cosmetic changes to recently-added entries that aren't related to lead/lag.) Vik Fearing Discussion: https://postgr.es/m/77675130-89da-dab1-51dd-492c93dcf5d1@postgresfriends.org https://git.postgresql.org/pg/commitdiff/5c292e6b90433c760a3e15027646c7b94afd0cdd

  • Declare assorted array functions using anycompatible not anyelement. Convert array_append, array_prepend, array_cat, array_position, array_positions, array_remove, array_replace, and width_bucket to use anycompatiblearray. This is a simple extension of commit 5c292e6b9 to hit some other places where there's a pretty obvious gain in usability from doing so. Ideally we'd also modify other functions taking multiple old-style polymorphic arguments. But most of the remainder are tied into one or more operator classes, making any such change a much larger can of worms than I desire to open right now. Discussion: https://postgr.es/m/77675130-89da-dab1-51dd-492c93dcf5d1@postgresfriends.org https://git.postgresql.org/pg/commitdiff/9e38c2bb5093ceb0c04d6315ccd8975bd17add66

  • Remove underflow error in float division with infinite divisor. float4_div and float8_div correctly produced zero for zero divided by infinity, but threw an underflow error for nonzero finite values divided by infinity. This seems wrong; at the very least it's inconsistent with the behavior recently implemented for numeric infinities. Remove the error and allow zero to be returned. This patch also removes a useless isinf() test from the overflow checks in these functions (non-Inf divided by Inf can't produce Inf). Extracted from a larger patch; this seems significant outside the context of geometric operators, so it deserves its own commit. Kyotaro Horiguchi Discussion: https://postgr.es/m/CAGf+fX70rWFOk5cd00uMfa__0yP+vtQg5ck7c2Onb-Yczp0URA@mail.gmail.com https://git.postgresql.org/pg/commitdiff/fac83dbd6fe1ac3d4125bfa39f287f95bffe6cda

  • Don't throw an error for LOCK TABLE on a self-referential view. LOCK TABLE has complained about "infinite recursion" when applied to a self-referential view, ever since we made it recurse into views in v11. However, that breaks pg_dump's new assumption that it's okay to lock every relation. There doesn't seem to be any good reason to throw an error: if we just abandon the recursion, we've still satisfied the requirement of locking every referenced relation. Per bug #16703 from Andrew Bille (via Alexander Lakhin). Discussion: https://postgr.es/m/16703-e348f58aab3cf6cc@postgresql.org https://git.postgresql.org/pg/commitdiff/5b7bfc39726ff9f6c52dd73e337c34e74e0d1f39

  • Revert "pg_dump: Lock all relations, not just plain tables". Revert 403a3d91c, as well as the followup fix 7f4235032, in all branches. We need to think a bit harder about what the behavior of LOCK TABLE on views should be, and there's no time for that before next week's releases. We'll take another crack at this later. Discussion: https://postgr.es/m/16703-e348f58aab3cf6cc@postgresql.org https://git.postgresql.org/pg/commitdiff/d3adaabaf7d555ec8bb1d83c43f72e79f1bf0b7d

  • Revert "Accept relations of any kind in LOCK TABLE". Revert 59ab4ac32, as well as the followup fix 33862cb9c, in all branches. We need to think a bit harder about what the behavior of LOCK TABLE on views should be, and there's no time for that before next week's releases. We'll take another crack at this later. Discussion: https://postgr.es/m/16703-e348f58aab3cf6cc@postgresql.org https://git.postgresql.org/pg/commitdiff/eeda7f6338095701cfe1ba3da37070508efe019e

  • Fix ecpg's mishandling of B'...' and X'...' literals. These were broken in multiple ways: * The xbstart and xhstart lexer actions neglected to set "state_before_str_start" before transitioning to the xb/xh states, thus possibly resulting in "internal error: unreachable state" later. * The test for valid string contents at the end of xb state was flat out wrong, as it accounted incorrectly for the "b" prefix that the xbstart action had injected. Meanwhile, the xh state had no such check at all. * The generated literal value failed to include any quote marks. * The grammar did the wrong thing anyway, typically ignoring the literal value and emitting something else, since BCONST and XCONST tokens were handled randomly differently from SCONST tokens. The first of these problems is evidently an oversight in commit 7f380c59f, but the others seem to be very ancient. The lack of complaints shows that ECPG users aren't using these syntaxes much (although I do vaguely remember one previous complaint). As written, this patch is dependent on 7f380c59f, so it can't go back further than v13. Given the shortage of complaints, I'm not excited about adapting the patch to prior branches. Report and patch by Shenhao Wang (test case adjusted by me) Discussion: https://postgr.es/m/d6402f1bacb74ecba22ef715dbba17fd@G08CNEXMBPEKD06.g08.fujitsu.local https://git.postgresql.org/pg/commitdiff/1e3868ab3bef5cfa0f4d44a6937a880be7a3a482

  • Avoid re-using output variables in new ecpg test case. The buildfarm thinks this leads to memory stomps, though annoyingly I can't duplicate that here. The existing code in strings.pgc is doing something that doesn't seem to be sanctioned at all really by the documentation, but I'm disinclined to try to make that nicer right now. Let's just declare some more output variables in hopes of working around it. https://git.postgresql.org/pg/commitdiff/eed4356fad84b0fd6e3caa49c7006f401159ac9a

David Rowley pushed:

  • Allow run-time pruning on nested Append/MergeAppend nodes. Previously we only tagged on the required information to allow the executor to perform run-time partition pruning for Append/MergeAppend nodes belonging to base relations. It was thought that nested Append/MergeAppend nodes were just about always pulled up into the top-level Append/MergeAppend and that making the run-time pruning info for any sub Append/MergeAppend nodes was a waste of time. However, that was likely badly thought through. Some examples of cases we're unable to pullup nested Append/MergeAppends are: 1) Parallel Append nodes with a mix of parallel and non-parallel paths into a Parallel Append. 2) When planning an ordered Append scan a sub-partition which is unordered may require a nested MergeAppend path to ensure sub-partitions don't mix up the order of tuples being fed into the top-level Append. Unfortunately, it was not just as simple as removing the lines in createplan.c which were purposefully not building the run-time pruning info for anything but RELOPT_BASEREL relations. The code in add_paths_to_append_rel() was far too sloppy about which partitioned_rels it included for the Append/MergeAppend paths. The original code there would always assume accumulate_append_subpath() would pull each sub-Append and sub-MergeAppend path into the top-level path. While it does not appear that there were any actual bugs caused by having the additional partitioned table RT indexes recorded, what it did mean is that later in planning, when we built the run-time pruning info that we wasted effort and built PartitionedRelPruneInfos for partitioned tables that we had no subpaths for the executor to run-time prune. Here we tighten that up so that partitioned_rels only ever contains the RT index for partitioned tables which actually have subpaths in the given Append/MergeAppend. We can now Assert that every PartitionedRelPruneInfo has a non-empty present_parts. That should allow us to catch any weird corner cases that have been missed. In passing, it seems there is no longer a good reason to have the AppendPath and MergeAppendPath's partitioned_rel fields a List of IntList. We can simply have a List of Relids instead. This is more compact in memory and faster to add new members to. We still know which is the root level partition as these always have a lower relid than their children. Previously this field was used for more things, but run-time partition pruning now remains the only user of it and it has no need for a List of IntLists. Here we also get rid of the RelOptInfo partitioned_child_rels field. This is what was previously used to (sometimes incorrectly) set the Append/MergeAppend path's partitioned_rels field. That was the only usage of that field, so we can happily just remove it. I also couldn't resist changing some nearby code to make use of the newly added for_each_from macro so we can skip the first element in the list without checking if the current item was the first one on each iteration. A bug report from Andreas Kretschmer prompted all this work, however, after some consideration, I'm not personally classing this as a bug fix. So no backpatch. In Andreas' test case, it just wasn't that clear that there was a nested Append since the top-level Append just had a single sub-path which was pulled up a level, per 8edd0e794. Author: David Rowley Reviewed-by: Amit Langote Discussion: https://postgr.es/m/flat/CAApHDvqSchs%2BubdybcfFaSPB%2B%2BEA7kqMaoqajtP0GtZvzOOR3g%40mail.gmail.com https://git.postgresql.org/pg/commitdiff/a929e17e5a8c9b751b66002c8a89fdebdacfe194

  • Fix unstable partition_prune regression tests. This was broken recently by a929e17e5. I'd failed to remember that parallel tests should have their EXPLAIN output run through the explain_parallel_append function so that the output is stable when parallel workers fail to start. fairywren was first to notice. Reported-by: Michael Paquier Discussion: https://postgr.es/m/20201102062951.GB15770@paquier.xyz https://git.postgresql.org/pg/commitdiff/90d8f1b1826ce076a502a43fe7c88423b46c6349

Amit Kapila pushed:

Michaël Paquier pushed:

Heikki Linnakangas pushed:

Thomas Munro pushed:

Magnus Hagander pushed:

Peter Eisentraut pushed:

Tomáš Vondra pushed:

Fujii Masao pushed:

Peter Geoghegan pushed:

  • Fix nbtree cleanup-only VACUUM stats inaccuracies. Logic for counting heap TIDs from posting list tuples (added by commit 0d861bbb) was faulty. It didn't count any TIDs/index tuples in the event of no callback being set. This meant that we incorrectly counted no index tuples in clean-up only VACUUMs, which could lead to pg_class.reltuples being spuriously set to 0 in affected indexes. To fix, go back to counting items from the page in cases where there is no callback. This approach isn't very accurate, but it works well enough in practice while avoiding the expense of accessing every index tuple during cleanup-only VACUUMs. Author: Peter Geoghegan pg [AT] bowt.ie Reported-By: Jehan-Guillaume de Rorthais jgdr [AT] dalibo.com https://postgr.es/m/20201023174451.69e358f1@firost Backpatch: 13-, where nbtree deduplication was introduced https://git.postgresql.org/pg/commitdiff/48e1291342dd7771cf8c67aa1d7ec1f394b95dd8

  • Fix wal_consistency_checking nbtree bug. wal_consistency_checking indicated an inconsistency in certain cases involving nbtree page deletion. The underlying issue is that there was a minor difference between the page image produced after a REDO routine ran and the corresponding page image following original execution. This harmless inconsistency has been around forever. We more or less expect total consistency among even deleted nbtree pages these days, though, so this won't do anymore. To fix, tweak the REDO routine to match original execution. Oversight in commit f47b5e13. https://git.postgresql.org/pg/commitdiff/efc5dcfd8ad4e1df633025d8a91b64cd44d93f42

  • Improve nbtree README's LP_DEAD section. The description of how LP_DEAD bit setting by index scans works following commit 2ed5b87f was rather unclear. Clean that up a bit. Also refer to LP_DEAD bit setting within _bt_check_unique() at the start of the same section. This mechanism may actually be more important than the generic kill_prior_tuple mechanism that the section focuses on, so it at least deserves to be mentioned in passing. https://git.postgresql.org/pg/commitdiff/5a2f154a2ecaf545000a3ff3cdbadc76ae1df30a

Álvaro Herrera pushed:

Pending Patches

Nikhil Benesch sent in a patch to support negative indexes in the split_part() function, those counting from the end of the array instead of the start.

Justin Pryzby sent in another revision of a patch to refactor CIC to rely on REINDEX CONCURRENTLY, refactor same to allow reindexing all index partitions at once, and make ReindexPartitions() set indisvalid so things that come by later can see they're ready to go.

Magnus Hagander sent in another revision of a patch to remove the obsolete analyze_new_cluster.sh script and things that know about it from pg_upgrade.

Anastasia Lubennikova sent in another revision of a patch to teach COPY FREEZE to set PD_ALL_VISIBLE and visibility map bits.

David G. Johnston sent in another revision of a patch to clarify the fact that signal functions have no feedback.

Heikki Linnakangas sent in four revisions of a patch to split copy.c into copyto.c and copyfrom.c, and further split copyfrom.c into copyfrom.c and copyfromparse.c. This will make working on the usually independent functionalities of the split files more convenient and easier to read.

Álvaro Herrera sent in another revision of a patch to add batch/pipelining support to libpq.

Pavel Stěhule sent in a patch to reduce overhead of execution of CALL statement in no atomic mode from PL/pgSQL.

Magnus Hagander sent in two revisions of a patch to remove the obsolete -O switch for postgres, which once allowed passing options to each server process.

Kyotaro HORIGUCHI sent in two more revisions of a patch to fix a dereference before NULL check in src/backend/storage/ipc/latch.c.

David Rowley sent in two revisions of a patch to reduce the number of special cases to build contrib modules on windows.

Konstantin Knizhnik sent in three more revisions of a patch to add custom compression to libpq.

Fabien COELHO sent in another revision of a patch to pgbench to add an option which delays queries until connections are established.

Thomas Munro and David Rowley traded patches to implement collation versioning.

Jinbao Chen sent in a patch to add a new table am 'tid_visible' to test the visibility of a tid.

Peter Geoghegan sent in another revision of a patch to add delete deduplication to nbtree.

Stephen Frost sent in two more revisions of a patch to use pre-fetching for ANALYZE.

Tomáš Vondra sent in another revision of a patch to use INT64_FORMAT to print int64 variables in sort debug.

Bharath Rupireddy sent in another revision of a patch to use multi Inserts in Create Table As.

Amit Langote sent in another revision of a patch to call BeginDirectModify from ExecInitModifyTable, and initialize result relation information lazily. This work builds infrastructure that will later be used to make writes on foreign tables more efficient.

Vigneshwaran C sent in two more revisions of a patch to improve the connection authorization message for GSS authenticated/encrypted connections by adding a log message to include GSS authentication, encryption, and principal information. This message will help the user to know whether GSS authentication or encryption was used and which GSS principal was used.

Tomáš Vondra sent in three more revisions of a patch to implement BRIN multi-range indexes.

Álvaro Herrera sent in another revision of a patch to implement ALTER TABLE ... DETACH CONCURRENTLY.

Tsutomu Yamada sent in another revision of a patch to add \dX, which lists extended statistics, to psql.

Pavel Borisov sent in two more revisions of a patch to deprecate and replace <^ and >^ operators for points.

Melanie Plageman sent in another revision of a patch to support parallel FULL JOIN and RIGHT JOIN.

Kyotaro HORIGUCHI sent in two more revisions of a patch to use shared memory instead of files for storage in the stats collector.

Ajin Cherian and Peter Smith traded patches to add logical decoding of two-phase transactions.

Kirk Jamison sent in another revision of a patch to make DropRelFileNodeBuffers() more efficient during recovery by avoiding scanning the whole buffer pool when the relation is small enough, or the the total number of blocks to be invalidated is below the threshold of full scanning.

Daniel Gustafsson sent in two more revisions of a patch to support NSS as a TLS backend for libpq.

Takamichi Osumi sent in three more revisions of a patch to implement CREATE OR REPLACE TRIGGER.

Fujii Masao sent in another revision of a patch to use standard SIGHUP and SIGTERM handlers in the autoprewarm process.

Justin Pryzby sent in another revision of a patch to Implement CLUSTER of partitioned table. This requires either specification of a partitioned index on which to cluster, or that an partitioned index was previously set clustered.

Kyotaro HORIGUCHI sent in another revision of a patch to fix NaN handling in some geometric operators and functions.

Michaël Paquier sent in another revision of a patch to rework the SHA2 APIs, switch sha2_openssl.c to use EVP, and make pgcrypto use the in-core resowner facility for EVP.

Yuzuko Hosoya sent in another revision of a patch to fix some infelicities between autovacuum and partitioned tables.

Justin Pryzby sent in another revision of a patch to make pg_ls_* show directories and shared filesets.

Seino Yuki sent in another revision of a patch to enable pg_stat_statements to track rows processed by REFRESH MATERIALIZED VIEW.

Kyotaro HORIGUCHI sent in two more revisions of a patch to implement CatCache expiration.

David Pirotte sent in another revision of a patch to add logical decoding messages to pgoutput.

Masahiko Sawada sent in two more revisions of a patch to implement a transaction manager for foreign transactions.

Masahiro Ikeda sent in another revision of a patch to add statistics to the pg_stat_wal view.

Justin Pryzby sent in a patch atop the one for incremental view maintenance patch which fixes some documentation.

Michaël Paquier sent in a patch to refactor the MD5 implementations to be just one, and switch to EVP for OpenSSL.

Justin Pryzby sent in another revision of a patch to clarify the computation of min/max IO and specifically the double use and effect of correlation, avoid re-using the "pages_fetched" variable, and use the correlation statistic in costing bitmap scans as for an index scan.

Sergei Kornilov sent in another revision of a patch to allow some recovery parameters to be changed with reload.

Marina Polyakova sent in two revisions of a patch to fix a bug that manifested as pgbench no longer supporting a large number of client connections on Windows.

Andrey Borodin sent in another revision of a patch to add Sortsupport for sorting GiST build for gist_btree types.

Jürgen Purtz and Erik Rijkers traded patches to add an architecture chapter to the tutorial.

Dilip Kumar sent in another revision of a patch to implement custom table compression methods.

Tomáš Vondra sent in a patch to remove some duplicate code from brin_memtuple_initialize.

Kategóriák: Informatika

phpPgAdmin 7.13.0 Now Available!

PostreSQL.org - 2020, november 9 - 01:00

I’m pleased to announce the latest release of phpPgAdmin, version 7.13.0.

This release incorporates the following changes:

  • Add support for Postgres 13
  • Add provisional support for Postgres 14
  • Upgrade Jquery library to 3.4.1 (Nirgal)
  • Allow users to see group owned databases when using “owned only”
  • Fix bug where sorting on selects dumped you to the table screen (MichaMEG)

Note this release drops support for PHP 7.1, and will be the last release to support PHP 7.2. For complete details of changes, please see the HISTORY file and/or commit logs. We hope you find this new release helpful!

phpPgAdmin is a mature web-based administration tool for PostgreSQL, for more information on phpPgAdmin, check out our project page at https://github.com/phppgadmin/phppgadmin/

You can download the release at https://github.com/phppgadmin/phppgadmin/releases/tag/REL_7-13-0

Package checksums:

  • MD5 (phpPgAdmin-7.13.0.tar.bz2) = f4e5e567fb8fae7193fb265b9c7f5b7a
  • MD5 (phpPgAdmin-7.13.0.tar.gz) = 8a38dca6bd0bcdc9481c88f1ac0c0f80
  • MD5 (phpPgAdmin-7.13.0.zip) = 46074830709655d1852c3886017ee58c

shasum 6.01:

  • 165caaf0725563b5b98dce6191e55bfdcb1a8c9f phpPgAdmin-7.13.0.tar.bz2
  • 47620834a8bb169c043f47a3eef6029b4f7169af phpPgAdmin-7.13.0.tar.gz
  • 12f4dfbaa0f866c6e48e1231f44210a0e6f2907f phpPgAdmin-7.13.0.zip
Kategóriák: Informatika

Évtizedes bugokat találtak az iOS-ben; az iOS 14.2 is érintett

HUP.hu - 2020, november 8 - 09:15
Évtizedes bugokat találtak az iOS-ben; az iOS 14.2 is érintett Apple trey 2020. 11. 08., v - 09:15

One bug was introduced by iOS 6. Another one was introduced by iOS 3. That is, this grandpa bug also affects the very first generation of iPhone. It has survived more than 10 years. Honestly I don’t believe that I’m the first one who found this.

— Zhi (@CodeColorist) November 8, 2020

Az egyik bug az iOS 3-mal (2009), a másik az iOS 6-tal (2012) mutatkozott be. A felfedezőjük nem hisz abban, hogy ő találta volna meg ezeket a bugokat elsőként. A bugok távoli kódfuttatásra adnak lehetőséget Pointer Authentication Code (PAC) & APRR biztonsági védelmi mechanizmusok kijátszása mellett.

Ahogy azt a felfedező ironikusan megjegyzi, manapság egy bug nem bug, ha nincs hivatalos weboldala, készített hozzá egy kis reklámot a szórakoz(tat)ás kedvéért:

Kategóriák: Informatika

Mutt 2.0

HUP.hu - 2020, november 8 - 08:53
Mutt 2.0 Szerszám trey 2020. 11. 08., v - 08:53

Mutt 2.0 - https://t.co/FFuj56wDov pic.twitter.com/rIbox7ueG9

— HUP (@huphu) November 8, 2020 #onhup

Megjelent az idén 25 éves, text-alapú e-mail kliens, a Mutt 2.0-s kiadása. Eredetileg Michael Elkins írta, majd adta ki 1995-ben GPLv2 alatt. A Mutt szlogenje: All mail clients suck. This one just sucks less.

A 2.0-s verzióra ugrást nem a nagy változtatások száma, hanem inkább egyes, visszafelé NEM kompatibilis változtatások indokolták. Részletek a kiadási megjegyzésekben,  valamint az UPDATING dokumentumban.

Kategóriák: Informatika

A VMware Tools mostantól önálló, külön letöltendő termék

HUP.hu - 2020, november 7 - 11:18
A VMware Tools mostantól önálló, külön letöltendő termék Virtualizáció trey 2020. 11. 07., szo - 11:18

#VMmware Tools Is Now Its Own Product - https://t.co/cSWmRWvYZQ

— HUP (@huphu) November 7, 2020
Productizing VMware Tools. Yes, you heard it right. Now VMware Tools are independently available and can be downloaded as a separate product from my.vmware.com portal. This essentially means that VMware Tools will also feature in VMware Lifecycle Product Matrix, giving customers full visibility about VMware Tools lifecycle.

A VMware vSphere csapat blogján jelentette be, hogy az eddig a vSphere csomaggal együtt érkezett és abban telepíthető VMware Tools mostantól önálló, a my.vmware.com oldalról letölthető, függetlenül elérhető termék lesz. Részletek itt.

Kategóriák: Informatika

Rendeltetés szerinti használat mellett volt már problémád eredeti Apple kábelekkel?

HUP.hu - 2020, november 6 - 15:55
Rendeltetés szerinti használat mellett volt már problémád eredeti Apple kábelekkel? Apple Gyuszk 2020. 11. 06., p - 15:55

Szakadás, sárgulás, kontakt hiba. Rendeltetés szerinti használat alatt a hétköznapi használatot értjük, azaz nem rángatjuk, rágjuk, sodorgatjuk, gyűrjük a kábelt.

Beleértendő az iPhone dobozában talált töltőkábel és a MacBook dobozában talált töltőkábel is.

Kategóriák: Informatika

drupal 9.1.0-beta1

Drupal.org - 2020, november 6 - 15:14

This is a beta release for the next minor version (feature release) of Drupal 9. Betas are good testing targets for developers and site builders who are comfortable reporting (and where possible, fixing) their own bugs. Beta releases are not recommended for non-technical users, nor for production websites. More information on beta releases.

This minor release provides new improvements and functionality without breaking backward compatibility (BC) for public APIs. Note that there may be changes in internal APIs and experimental modules that require updates to contributed and custom modules and themes per Drupal core's backwards compatibility and experimental module policies.

Drupal 9.1.x contains new features, and should be the target for new site development. Drupal 8.9.x will continue to have security support until November 2021. Drupal 9.0.x will continue to have security support until June 2021.

Regardless of which version you choose now, features will only be added to Drupal 9 minor releases, so plan to adopt Drupal 9 this year so that you can easily update to Drupal 9.2 and later.

Important update information and changes since 9.1.0-alpha1

If you are updating from 9.0.x or earlier, also read the 9.1.0-alpha1 update information.

Updating from Drupal 8

For information on updating from Drupal 8 to Drupal 9, see Upgrading a Drupal 8 site to Drupal 9.

Sites on 8.7 or earlier must update to either 8.8 or 8.9 before updating to Drupal 9 as all Drupal 8 update functions from before Drupal 8.8.0-rc1 were removed from Drupal 9. We recommend updating to 8.9.x, as well as updating all contributed modules, before updating to any Drupal 9 release.

Note: The migration paths from Drupal 6 and Drupal 7 to Drupal 9 will remain supported throughout Drupal 9's release cycle.

Note for users of the Experimental Workspaces module

Existing Drupal 8 sites using the experimental Workspaces module must update to at least Drupal 8.8.2 before updating to Drupal 9. (This is due to a required data integrity fix.) Remember that Workspaces is currently in beta status and is not intended for production.

Upgrading from Drupal 7

Drupal 7 users can continue to migrate to Drupal 8.8 or 8.9, or migrate to 9.0 or 9.1 directly. The upgrade path for multilingual sites is stable in Drupal 8.8, 8.9, 9.0 and 9.1!

PHP 8 compatibility

Drupal 9.1 core has made numerous internal changes in order to be compatible with PHP 8.0, which is due to be released in November. However, full compatibility with PHP 8 is currently blocked by upstream dependencies that do not have PHP 8 versions available yet.

There are two remaining dependency updates required to support PHP 8. These dependencies may still be updated prior to 9.1.0-rc1 and could include disruptive changes:

Dependency updates since 9.1.0-alpha1
  • In order to support PHP 8, Drupal core is now using composer/semver version 3, and the tests are now using composer/composer version 2 internally. For more information, see the change record on Drupal 9.1's internal composer requirements. Note: These are only internal dependencies. Site owners may use either Composer 1 or Composer 2 on the command line to manage their Drupal 8.8, 8.9, 9.0, and 9.1 sites. Drush users must update to the latest dev version for compatibility with this change in Drupal 9.1.

  • The locked version of the fabpot/goutte development dependency has been updated to 3.3.1 for PHP 8 compatibility.

  • doctrine/annotations has been updated from 1.10.4 to 1.11.1, and doctrine/reflection has been updated from 1.2.1 to 1.2.2 .

  • Symfony packages have been updated from 4.4.15 to 4.4.16, and several Symfony polyfill libraries have been updated from 1.18.1 to 1.20.0.

  • symfony/mime, symfony/var-dumper, and symfony/phpunit-bridge have been updated from 5.1.7 to 5.1.8. Note that these packages may be further updated to 5.2.0 prior to 9.1.0-rc1.

  • Twig has been updated from 2.13.1 to 2.14.1.

  • squizlabs/php_codesniffer has been updated from 3.5.6 to 3.5.8.

Critical issues resolved since 9.1.0-alpha1 Known issues

Search the issue queue for known issues.

Changes since 9.1.0-alpha1:
  • #1538118 by dww, swentel, dawehner, pwolanin, sanduhrs, alexpott, ayushmishra206, Wim Leers, yogeshmpawar, mgifford, cilefen, David_Rothstein, drumm, larowlan, Heine, colan, tedbow, benjifisher, klausi, borisson_, quietone: Update status does not verify the identity or authenticity of the release history URL
  • #3164686 by mondrake, longwave, ridhimaabrol24, alexpott, larowlan: WebAssert::addressEquals() and AssertLegacyTrait::assertUrl() fail to check the querystring
  • #3151118 by alexpott, Beakerboy, kapilkumar0324, anmolgoyal74, jungle, heddn, Mile23, andypost, daffie: Include bootstrap.inc using composer
  • #3175666 by paulocs, shetpooja04, Lendude, anmolgoyal74, jijojoseph_zyxware, sanjayk, catch, kapilkumar0324: Remove unused $admin_user variable in FieldEntityOperationsTest.php, views module
  • #3014969 by TR, longwave, Abhijith S, joachim, shimpy: Unescaped "@" in ContextProviderInterface doc comment
  • #2736777 by alexpott, mondrake, Charlie ChX Negyesi, catch, Mile23, andypost: MySQL on PHP 8 now errors when committing or rolling back when there is no active transaction
  • #3179768 by bnjmnm, DyanneNova: Fix Claro details caret
  • #3062751 by katherined, bnjmnm, boulaffasae, HOG, joseph.olstad, kapilkumar0324, Vidushi Mehta, shimpy, phenaproxima, antonellasevero, lauriii, KondratievaS, SharmaAnmol, ckrina: Media and media library
  • #3061042 by DyanneNova, komalkolekar, anmolgoyal74, bnjmnm, katherined, ranjith_kumar_k_u, lauriii, L2G2, ckrina, antonellasev: Status Report Page Update
  • #3180092 by Gábor Hojtsy: Update fabpot/goutte to 3.3.1 for PHP 8 compatibility
  • #3176910 by kishor_kolekar, anmolgoyal74, hansa11, kostyashupenko, mherchel: Move Olivero's preload.twig documentation to @file and include variables passed for the template
  • #3156260 by anmolgoyal74, Abhijith S, bandanasharma, ranjith_kumar_k_u, andrewmacpherson: Undocumented title variable in feed-icon.html.twig
  • #3174928 by alexpott, andypost: Improve the stability of core JS testing and prepare for update of MinkSelenium2Driver
  • #3177318 by mherchel, proeung, kostyashupenko, jwitkowski79: Identify and add maintainers for Olivero theme to MAINTAINERS.txt and other respective places
  • #3173018 by kostyashupenko, Pooja Ganjage, proeung, mherchel: [Code Review] Remove .form-type as this prefix block element doesn't exist
  • #3178806 by kishor_kolekar, mherchel, larowlan, kostyashupenko, ayushmishra206: Node teaser should not hard-code the text-content CSS class in template
  • #3179157 by komalkolekar, mherchel: Small variant of select form element doesn't look correct in RTL
  • #3156887 by andypost, mondrake, ayushmishra206, alexpott, Ayesh, longwave: \Drupal\system\Plugin\ImageToolkit\GDToolkit needs to support \GdImage objects for PHP 8 compatibility
  • #3132426 by alexpott, dww, GuyPaddock, catch, VladimirAus: Notice: Undefined index: title in Drupal\update\ProjectSecurityRequirement
  • #3179318 by dww: Always use HTTPS for fetching translations
  • #3177541 by alexpott, andypost: stream_open() needs to cope with a failure in \Drupal\Core\StreamWrapper\LocalStream::getLocalPath() better
  • #3179284 by alexpott, longwave, andypost: Update dependencies for Drupal 9.1 and 9.2
  • #3178998 by alexpott, andypost: Update error types and messages for PHP 8
  • #3128631 by andypost, longwave, hussainweb, ayushmishra206, greg.1.anderson, xjm, catch, Mixologic, jungle, Gábor Hojtsy: Update dependencies composer/composer ^2 and composer/semver to ^3
  • #3179013 by alexpott, andypost: EntityRouteEnhancerTest has a meaningless assertion that breaks in PHP 8
  • #3177377 by ranjith_kumar_k_u, kapilkumar0324, paulocs, longwave: Remove unused variable $charcodes and $node2
  • #3173004 by beram: Incorrect typehint documentation for FieldItemInterface::view() and FieldItemListInterface::view(): $display_options could also be a string
  • #3173891 by shetpooja04, meena.bisht: Remove unused variable $assert_session in UpdateScriptTest.php, system module
  • #3177557 by alexpott, andypost, dawehner: \Drupal\error_test\Controller\ErrorTestController::generateWarnings() notice is not a notice in PHP 8
  • #3176908 by kostyashupenko, mherchel: Add variables to Olivero's fieldset.html.twig documentation
  • #3157308 by hansa11, kishor_kolekar, riccardoR, steinmb, mherchel: Classy stylesheet attached from Olivero twig template for node
  • #3177545 by alexpott, andypost: \Drupal\field\Entity\FieldStorageConfig::getCardinality() needs to be more type safe
  • #3173905 by nod_, ravi.shankar, kostyashupenko, mherchel: Olivero: node.classList.remove() only supports one argument
  • #2918149 by harpreet16, tim.plunkett, raman.b, anil.gangwal, dalin, grndlvl, nikunjkotecha, kalyansamanta, paulocs, ranjith_kumar_k_u, froboy: "This block is broken or missing..." should only be shown to users that have access to do something about it
  • #3177590 by alexpott, longwave, hussainweb: ViewsFormBase::getForm() re-uses $key and relies on odd PHP 7 behaviour
  • #3177546 by alexpott: \Drupal\views\Plugin\views\PluginBase::listLanguages() incorrectly uses in_array() resulting in listing additional languages
  • #3173595 by shetpooja04, meena.bisht, Pooja Ganjage, quietone, longwave: Remove only Unused variable $email in SearchBlockTest.php, search module
  • #3156542 by alexpott, voleger, andypost, Charlie ChX Negyesi, Gábor Hojtsy, longwave: \ReflectionParameter::getClass() is deprecated in PHP 8.0
  • #3178039 by anmolgoyal74, Matroskeen, xjm, Kristen Pol, alvar0hurtad0: Correct typo "is has" in a few code comments and tests in core
  • #3178338 by jonathan1055: Fix coding standard fail committed to core 9.1 and 9.2
  • #3095113 by gapple, longwave, ravi.shankar, Deepak Goyal, anmolgoyal74, Sahana _N, geek-merlin, catch, lauriii, Meenakshi.g: Deprecate IE conditional comments support
  • #3178273 by longwave: BasicAuthTestTrait::basicAuthPostForm() does not work
  • #2607116 by rajeshwari10, rakesh.gectcr, andypost, mayurjadhav, ZeiP, alexpott, xjm: Unused variable in token.api.php
  • #3069026 by anmolgoyal74, Pooja Ganjage, mikelutz, longwave, alexpott, xjm: Fix Call to deprecated method addAutowiringType() of class Symfony\Component\DependencyInjection\Definition in YamlFileLoader
  • #3178037 by xjm, Kristen Pol: Fix typo "is has" in SimpleTest deprecation warning
  • #3037436 by alexpott, jonathan1055, Wim Leers, catch, tedbow, longwave: [random test failure] Make QuickEditIntegrationTest more robust and fail proof
Release type: Bug fixesNew features
Kategóriák: Informatika

iOS 14.2

HUP.hu - 2020, november 6 - 12:59
iOS 14.2 Apple trey 2020. 11. 06., p - 12:59

WARNING: Update your iOS devices now!

Apple releases emergency #iOS update to patch 3 actively exploited 0-day vulnerabilities.

Read details: https://t.co/wVz3Szucsx

✅ CVE-2020-27930
✅ CVE-2020-27932
✅ CVE-2020-27950

— The Hacker News (@TheHackersNews) November 6, 2020

Érdemes mielőbb frissíteni, számos egyéb biztonsági hiba mellett aktívan kihasznált sebezhetőségeket is javít.

Kategóriák: Informatika

Ajqvue Version 3.3 Released

PostreSQL.org - 2020, november 6 - 01:00

The Ajqvue project is pleased to release v3.3 to the public. The
release brings updates to the included File/Memory database
libraries. Modifications to image saves for sizing. Added was
support for PostgreSQL 13 along with data types money,
smallserial, macaddr8, line, and uuid. Precision is now supported
for time and timestamp types for those databases that support it.

Convert database queries to a local file/memory H2, HSQL, Derby
or SQLite database with the DB To File/Memory DB plugin.
Github DB To File/Memory DB Plugin

Dana M. Proctor
Ajqvue Project Manager

Ajqvue Website
Ajqvue Github

Ajqvue is an open source Java GUI build for users in accessing,
plotting, and analyzing data in several mainstream databases.
The application is built with a included plugin framework for
adding functionality, quickly.

Kategóriák: Informatika

drupal 8.9.8

Drupal.org - 2020, november 5 - 17:45

This is a patch (bugfix) release of Drupal 8 and is ready for use on production sites. Learn more about Drupal 8.

Drupal 8.9 is the final minor release of the 8.x series. It is a long-term support (LTS) version, and will receive security coverage until November 2021. It provides the same public API as Drupal 9.0 aside from deprecated code and dependency changes. (Learn more about Drupal 9.)

If you are upgrading to this release from 8.8.x, read the Drupal 8.9.0 release notes before you upgrade.

Known issues

Search the issue queue for known issues.

Changes since 8.9.7:
  • #3014969 by TR, longwave, Abhijith S, joachim, shimpy: Unescaped "@" in ContextProviderInterface doc comment
  • #3179318 by dww: Always use HTTPS for fetching translations
  • #3132426 by alexpott, dww, GuyPaddock, catch, VladimirAus: Notice: Undefined index: title in Drupal\update\ProjectSecurityRequirement
  • #3173004 by beram: Incorrect typehint documentation for FieldItemInterface::view() and FieldItemListInterface::view(): $display_options could also be a string
  • #2716115 by LittleCoding, gapple, gnuget, jungle, alexpott, mrinalini9, tatarbj, erlendoos, sandeep_jangra, ksemihin, markcarver, NickDickinsonWilde, catch, cayriawill, geek-merlin: [backport] Allow attributes passed with CSS in libraries (SRI)
  • #3178039 by anmolgoyal74, Matroskeen, xjm, Kristen Pol, alvar0hurtad0: Correct typo "is has" in a few code comments and tests in core
  • #2937844 by andypost, ravi.shankar, Spokje, mrinalini9, Deepak Goyal, RoSk0, daffie, borisson_, xjm, tstoeckler: [8.9/9.0 backport] Fix 'Squiz.PHP.NonExecutableCode' coding standard
  • #3040274 by sarvjeetsingh, ayushmishra206, rishabhthakur, alexpott, theotherlondon, kkalaskar, longwave, kiamlaluno, amarphule, ravi.shankar, gringoinc, quietone, larowlan, davidhernandez, tim.plunkett: [backport] Fix grammar, spelling, and style of the code comments in FormBuilder::prepareForm()
  • #3178273 by longwave: BasicAuthTestTrait::basicAuthPostForm() does not work
  • #3177765 by klausi: ListInterface::first() return value is documented wrong
  • #3157963 by shailja179, ravi.shankar, kiamlaluno, davidhernandez, joachim: The link given in FormState::setRedirect() for the page explaining what values are available for $options param takes to a class documentation page
  • #3177477 by Gábor Hojtsy, pameeela, Dries: Promote pameeela to non-provisional committer facilitator
  • #3176036 by paulocs, raman.b, longwave: Replace "does" to "do" in ProfileFieldCheckRequirementsTest.php
  • #3174190 by anmolgoyal74: Repetive 'using' word in DbImportCommand.php
  • #3040181 by paulocs, quietone, snehalgaikwad, ravi.shankar, acbramley, alexpott, mindbet, ultrabob, bthompson1, Lendude, lapaev, pameeela, catch: Unpublished books appear in the list of books at /book
  • #3175395 by NitinLama: Remove unused #html property from DateTimeFormatterBase::buildDateWithIsoAttribute
  • #3175112 follow-up by andypost, TR: hold_test module creates files in incorrect place leading to possible random errors
  • #3175112 by alexpott, longwave: hold_test module creates files in incorrect place leading to possible random errors
Release type: Bug fixes
Kategóriák: Informatika

Oldalak

Theme by me