Re: PG 12 draft release notes

Bruce Momjian <bruce@momjian.us>

From: Bruce Momjian <bruce@momjian.us>
To: Michael Paquier <michael@paquier.xyz>
Cc: Ian Barwick <ian.barwick@2ndquadrant.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2019-06-13T13:12:58Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. doc: PG 12 relnotes: update wording on truncate/vacuum item

  2. docs: PG 12 relnotes, update btree items

  3. doc: PG 12 relnotes, list added snowball/FTS languages

  4. doc: PG 12 relnotes, merge new SQL partition function items

  5. docs: PG 12 release notes, support functions

  6. docs: PG 12 relnote adjustments based on feedback from Tom Lane

  7. docs: adjust RECORD PG 12 relnote item

  8. doc: adjust PG 12 relnotes item on float digit adjustment

  9. doc: adjustments for PG 12 release notes

  10. docs: fix duplicate wording in PG 12 release notes

  11. doc: properly attibute PG 12 pgbench release note item

  12. doc: PG 12 release notes: normalize attribution names

  13. Refactor the fsync queue for wider use.

  14. Add "split after new tuple" nbtree optimization.

  15. Add nbtree high key "continuescan" optimization.

  16. Allow amcheck to re-find tuples using new search.

  17. Consider secondary factors during nbtree splits.

  18. Partial implementation of SQL/JSON path language

  19. Allow extensions to generate lossy index conditions.

  20. Make TupleTableSlots extensible, finish split of existing slot type.

  21. Reduce path length for locking leaf B-tree pages during insertion

On Thu, Jun 13, 2019 at 09:11:08AM -0400, Bruce Momjian wrote:
> On Thu, Jun 13, 2019 at 03:33:48PM +0900, Michael Paquier wrote:
> > On Wed, Jun 12, 2019 at 05:25:37PM -0400, Bruce Momjian wrote:
> > > Since we did not backpatch this fix, I am hesitant to spell out exactly
> > > how to exploit this DOS attack.  Yes, people can read it in the email
> > > archives, and commit messages, but I don't see the value in spelling it
> > > out the release notes too.
> > 
> > We could go for a more general version of that, for the reason that it
> > involves all relations, like:
> > "A caller of TRUNCATE or VACUUM could previously queue for an access
> > exclusive lock on a relation it may not have permission to truncate or
> > vacuum, leading to relations to be blocked from being accessed."
> 
> Uh, that still seems to suggest an attack and I am not sure that
> information is very useful to users.

I went with this wording:

        This prevents unauthorized locking, which could interfere with
        user queries.

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +