AVG-486 log
| Package | postgresql-old-upgrade |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 9.6.5-1 |
| Fixed | 9.6.6-1 |
| Current | 15.7-3 [extra] |
| Ticket | None |
| Created | Fri Nov 10 11:35:43 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-15099 | Medium | Yes | Access restriction bypass | An access restriction bypass vulnerability has been discovered in PostgreSQL, the "INSERT ... ON CONFLICT DO UPDATE" would not check to see if the executing... |
| CVE-2017-15098 | Medium | Yes | Information disclosure | A denial of service and potential memory disclosure vulnerability has been discovered in PostgreSQL in the json_populate_recordset() and... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 10 Nov 2017 | ASA-201711-18 | postgresql-old-upgrade | multiple issues |
| References |
|---|
https://www.postgresql.org/about/news/1801/ |