AVG-485 log
| Package | postgresql |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 10.0-1 |
| Fixed | 10.1-1 |
| Current | 16.3-4 [extra] |
| Ticket | None |
| Created | Fri Nov 10 11:34:36 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-15099 | Medium | Yes | Access restriction bypass | An access restriction bypass vulnerability has been discovered in PostgreSQL, the "INSERT ... ON CONFLICT DO UPDATE" would not check to see if the executing... |
| CVE-2017-15098 | Medium | Yes | Information disclosure | A denial of service and potential memory disclosure vulnerability has been discovered in PostgreSQL in the json_populate_recordset() and... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 10 Nov 2017 | ASA-201711-17 | postgresql | multiple issues |
| References |
|---|
https://www.postgresql.org/about/news/1801/ |