Changelog:
Enhancements
* Add new configuration option ssl_prefer_server_ciphers. (Muhammad Usama)
Add the new setting ssl_prefer_server_ciphers to let users configure if they want client's or server's cipher order to take preference.
The default for this parameter is off, which prioritize the client's cipher order as usual. However this is just for keeping backward compatibility, and it is possible that a malicious client uses weak ciphers. For this reason we recommend to set this parameter to on at all times.
* Allow to set a client cipher list. (Tatsuo Ishii)
For this purpose new parameter ssl_ciphers, which specifies the cipher list to be accepted by Pgpool-II, is added. This is already implemented in PostgreSQL and useful to enhance security when SSL is enabled.
Bug fixes
* Fix unnecessary fsync() to pgpool_status file. (Tatsuo Ishii)
Whenever new connections are created to PostgreSQL backend, fsync() was issued to pgpool_status file, which could generate excessive I/O in certain conditions. So reduce the chance of issuing fsync() so that it is issued only when backend status is changed.
Changelog taken from: http://www.pgpool.net/docs/latest/en/html/release-3-5-20.html
MFH: 2019Q2
Changelog:
- Test: Fix old JDBC functions and typos in regression test 068.memqcache_bug.
- Doc: Fix configuration change timing regarding memory_cache_enabled.
- Fix online recovery failed due to client_idle_limit_in_recovery in certain cases. (bug 431)
- Fix corner case bug when strip_quote() handle a empty query string. (bug 458)
- Fix Pgpool child segfault if failover occurs when trying to establish a connection.
- Fix Pgpool-II hang if a client sends a extended query message such as close after sync message but before next simple query.
- Fix Pgpool-II hang when idle_in_transaction_session_timeout = on. (bug 448)
Changelog taken from: http://www.pgpool.net/docs/latest/en/html/release-3-5-19.html
MFH: 2019Q1
defined via Mk/bsd.default-versions.mk which has moved from GCC 7.4 t
GCC 8.2 under most circumstances.
This includes ports
- with USE_GCC=yes or USE_GCC=any,
- with USES=fortran,
- using Mk/bsd.octave.mk which in turn features USES=fortran, and
- with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, as a double check, everything INDEX-11 showed depending on lang/gcc7.
PR: 231590
