AVG-485

Package postgresql
Status Fixed
Severity Medium
Type multiple issues
Affected 10.0-1
Fixed 10.1-1
Current 11.2-1 [extra]
Ticket None
Created Fri Nov 10 11:34:36 2017
Issue Severity Remote Type Description
CVE-2017-15099 Medium Yes Access restriction bypass
An access restriction bypass vulnerability has been discovered in PostgreSQL, the "INSERT ... ON CONFLICT DO UPDATE" would not check to see if the executing...
CVE-2017-15098 Medium Yes Information disclosure
A denial of service and potential memory disclosure vulnerability has been discovered in PostgreSQL in the json_populate_recordset() and...
Date Advisory Package Description
10 Nov 2017 ASA-201711-17 postgresql multiple issues
References
https://www.postgresql.org/about/news/1801/