Corrective updates are available for all supported PostgreSQL branches: 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20 and 9.2.24, which contain a batch of bug fixes, including fixes for problems that could lead to data corruption.
The release of updates for the 9.3 branch will last until September 2018, 9.4 until December 2019, 9.5 until January 2021, 9.6 until September 2021, and 10 until October 2020. PostgreSQL version 9.2 is now End-of-Life (EOL).
From the fixes, we can highlight serious problems with BRIN indexes (some rows to not be included in the indexing), several fixes for logical replication and crash when logical decoding is invoked from a PL language function, low-probability crash in processing of nested trigger firings, fixes for parallel query execution and fix some json(b) functions.
In addition to fixing errors in new releases, three security vulnerabilities have also been fixed:
- CVE-2017-12172: Start scripts permit database administrator to modify root-owned files
- CVE-2017-15098: Memory disclosure in JSON functions
- CVE-2017-15099: INSERT … ON CONFLICT DO UPDATE fails to enforce SELECT privileges