diff --git a/doc/src/sgml/release-10.sgml b/doc/src/sgml/release-10.sgml
index 8e5cb54931..269f1aac86 100644
--- a/doc/src/sgml/release-10.sgml
+++ b/doc/src/sgml/release-10.sgml
@@ -6,7 +6,7 @@
Release date:
- 2017-??-?? (current as of 2017-07-09, commit 3381898f9)
+ 2017-??-?? (current as of 2017-08-05, commit eccead9ed)
@@ -412,13 +412,14 @@
-->
Add configuration option to
- specify filename for custom OpenSSL DH parameters (Heikki Linnakangas)
+ specify file name for custom OpenSSL DH parameters (Heikki Linnakangas)
- This replaces the hardcoded, undocumented dh1024.pem
- filename. Note that dh1024.pem is no longer used by default;
- you must set the option to use custom DH parameters.
+ This replaces the hardcoded, undocumented file
+ name dh1024.pem. Note that dh1024.pem is
+ no longer examined by default; you must set this option to use custom
+ DH parameters.
@@ -427,19 +428,30 @@
2017-07-31 [c0a15e07c] Always use 2048 bit DH parameters for OpenSSL ephemeral
-->
- Increase the size of DH parameters used for OpenSSL ephemeral DH ciphers
- to 2048 bits (Heikki Linnakangas)
+ Increase the size of the default DH parameters used for OpenSSL
+ ephemeral DH ciphers to 2048 bits (Heikki Linnakangas)
- The size of the compiled-in DH parameters has been increased from 1024
- to 2048 bits, making DH key exchange more resistent to a brute-force
- attack. However, some old SSL implementations, notably some revisions of
- Java Runtime Environment version 6, will not accept DH parameters longer
- than 1024 bits, and will not be able to connect over SSL. As a
- work-around, you can use custom 1024-bit DH parameters, instead of the
- compiled-in defaults. See for
- information on using custom DH parameters.
+ The size of the compiled-in DH parameters has been increased from
+ 1024 to 2048 bits, making DH key exchange more resistant to
+ brute-force attacks. However, some old SSL implementations, notably
+ some revisions of Java Runtime Environment version 6, will not accept
+ DH parameters longer than 1024 bits, and hence will not be able to
+ connect over SSL. If it's necessary to support such old clients, you
+ can use custom 1024-bit DH parameters instead of the compiled-in
+ defaults. See .
+
+
+
+
+
+
+ When ALTER TABLE ... ADD PRIMARY KEY marks
+ columns NOT NULL, that change now propagates to
+ inheritance child tables as well (Michael Paquier)
@@ -454,7 +466,7 @@
This module provided compatibility with the version of full text
search that shipped in pre-8.3 PostgreSQL releases.
-
+
@@ -887,10 +899,11 @@
- Reduce expression evaluation overhead during query execution (Andres
- Freund)
+ Reduce expression evaluation overhead during query execution,
+ as well as plan node calling overhead (Andres Freund)
@@ -2109,12 +2122,12 @@
- Allow specification of multiple host names in libpq
- connection strings and URIs
- (Robert Haas)
+ Allow specification of multiple
+ host names or addresses in libpq connection strings and URIs
+ (Robert Haas, Heikki Linnakangas)