From dd2358a704fc27c3f20b252e1354740086a7b6f3 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Sat, 5 Aug 2017 15:55:23 -0400 Subject: [PATCH] Doc: update v10 release notes through today. --- doc/src/sgml/release-10.sgml | 57 ++++++++++++++++++++++-------------- 1 file changed, 35 insertions(+), 22 deletions(-) diff --git a/doc/src/sgml/release-10.sgml b/doc/src/sgml/release-10.sgml index 8e5cb54931..269f1aac86 100644 --- a/doc/src/sgml/release-10.sgml +++ b/doc/src/sgml/release-10.sgml @@ -6,7 +6,7 @@ Release date: - 2017-??-?? (current as of 2017-07-09, commit 3381898f9) + 2017-??-?? (current as of 2017-08-05, commit eccead9ed) @@ -412,13 +412,14 @@ --> Add configuration option to - specify filename for custom OpenSSL DH parameters (Heikki Linnakangas) + specify file name for custom OpenSSL DH parameters (Heikki Linnakangas) - This replaces the hardcoded, undocumented dh1024.pem - filename. Note that dh1024.pem is no longer used by default; - you must set the option to use custom DH parameters. + This replaces the hardcoded, undocumented file + name dh1024.pem. Note that dh1024.pem is + no longer examined by default; you must set this option to use custom + DH parameters. @@ -427,19 +428,30 @@ 2017-07-31 [c0a15e07c] Always use 2048 bit DH parameters for OpenSSL ephemeral --> - Increase the size of DH parameters used for OpenSSL ephemeral DH ciphers - to 2048 bits (Heikki Linnakangas) + Increase the size of the default DH parameters used for OpenSSL + ephemeral DH ciphers to 2048 bits (Heikki Linnakangas) - The size of the compiled-in DH parameters has been increased from 1024 - to 2048 bits, making DH key exchange more resistent to a brute-force - attack. However, some old SSL implementations, notably some revisions of - Java Runtime Environment version 6, will not accept DH parameters longer - than 1024 bits, and will not be able to connect over SSL. As a - work-around, you can use custom 1024-bit DH parameters, instead of the - compiled-in defaults. See for - information on using custom DH parameters. + The size of the compiled-in DH parameters has been increased from + 1024 to 2048 bits, making DH key exchange more resistant to + brute-force attacks. However, some old SSL implementations, notably + some revisions of Java Runtime Environment version 6, will not accept + DH parameters longer than 1024 bits, and hence will not be able to + connect over SSL. If it's necessary to support such old clients, you + can use custom 1024-bit DH parameters instead of the compiled-in + defaults. See . + + + + + + + When ALTER TABLE ... ADD PRIMARY KEY marks + columns NOT NULL, that change now propagates to + inheritance child tables as well (Michael Paquier) @@ -454,7 +466,7 @@ This module provided compatibility with the version of full text search that shipped in pre-8.3 PostgreSQL releases. - + @@ -887,10 +899,11 @@ - Reduce expression evaluation overhead during query execution (Andres - Freund) + Reduce expression evaluation overhead during query execution, + as well as plan node calling overhead (Andres Freund) @@ -2109,12 +2122,12 @@ - Allow specification of multiple host names in libpq - connection strings and URIs - (Robert Haas) + Allow specification of multiple + host names or addresses in libpq connection strings and URIs + (Robert Haas, Heikki Linnakangas) -- 2.40.0