AVG-487 log
| Package | postgresql |
| Status | Not affected |
| Severity | High |
| Type | privilege escalation |
| Affected | 10.0-1 |
| Fixed | 10.1-1 |
| Current |
16.2-2 [extra-testing] 16.2-1 [extra] |
| Ticket | None |
| Created | Fri Nov 10 12:27:04 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-12172 | High | No | Privilege escalation | A vulnerability has been discovered in PostgreSQL when the startup log file for the postmaster (in newer releases, "postgres") process was opened while the... |
| References |
|---|
https://www.postgresql.org/about/news/1801/ |
| Notes |
|---|
Arch Linux is not using the vulnerable upstream startup script or any other setup mechanism that is suffering from the mentioned issue. |