ASA-201803-9 log generated external raw

[ASA-201803-9] postgresql: privilege escalation
Arch Linux Security Advisory ASA-201803-9 ========================================= Severity: High Date : 2018-03-11 CVE-ID : CVE-2018-1058 Package : postgresql Type : privilege escalation Remote : Yes Link : Summary ======= The package postgresql before version 10.3-1 is vulnerable to privilege escalation. Resolution ========== Upgrade to 10.3-1. # pacman -Syu "postgresql>=10.3-1" The problem has been fixed upstream in version 10.3. Workaround ========== None. Description =========== A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected. Impact ====== A remote attacker with a valid user account is able to execute code with permissions of a superuser of the database. References ==========