关键漏洞信息 CVE-2015-5288: Certain invalid salt arguments could crash the server or disclose a few bytes of server memory. While the possibility of attacks exploiting these leaked bytes is considered unlikely, the issue was addressed. Subtransaction Cleanup Issue: A function executed in an outer subtransaction cursor could cause an assertion failure or crash by referencing a relation created within an inner subtransaction. Memory Leaks and Memory Failures: Various fixes were implemented to address low-probability memory leaks and low-memory failures during various operations like lock cleanup and regular expression execution. Regular Expression Matching Vulnerabilities: Added recursion depth protections to regular expression matching to prevent stack overruns. Fixed SSL Renegotiation by Default: Disabled SSL renegotiation by default due to seen bugs in practice. Postmaster Handling in Crash Recovery: Fixed the postmaster's handling of a startup-process crash during crash recovery to prevent infinite loops. ``` 以上是从PostgreSQL 9.0.23发布说明中总结的关键漏洞修复信息。值得注意的是此版本是9.0.x系列的最后一个版本,用户被鼓励尽快升级到更新的版本分支。