This release makes binary-only changes. Once installed, any existing use of pg_clickhouse v0.1 will get its benefits on reload without needing to ALTER EXTENSION UPDATE.
🚨 Security Fixes
- Changed the http driver connection function to raise an error if the database name contains line ending characters to prevent HTTP header injection.
- Fixed an SQL injection vulnerability in parsing of parameters to the
engine 'CollapsingMergeTree($sign)option toCREATE FOREIGN TABLE.
🪲 Bug Fixes
- Fixed a crash due to an unexpected EOF while the http driver parses a response. Thanks to @serprex for the fix (#153)
- Fixed a crash due to an unchecked memory allocation while the http driver reads a response. Thanks to @serprex for the fix (#154).
🆚 For more detail compare changes since v0.1.4.