Severity Medium
Remote Yes
Type Access restriction bypass
An access restriction bypass vulnerability has been discovered in PostgreSQL, the "INSERT ... ON CONFLICT DO UPDATE" would not check to see if the executing user had permission to perform a "SELECT" on the index performing the conflicting check. Additionally, in a table with row-level security enabled, the "INSERT ... ON CONFLICT DO UPDATE" would not check the SELECT policies for that table before performing the update.
The fix ensures that "INSERT ... ON CONFLICT DO UPDATE" checks against table permissions and RLS policies before executing.
Group Package Affected Fixed Severity Status Ticket
AVG-486 postgresql-old-upgrade 9.6.5-1 9.6.6-1 Medium Fixed
AVG-485 postgresql 10.0-1 10.1-1 Medium Fixed
Date Advisory Group Package Severity Description
10 Nov 2017 ASA-201711-18 AVG-486 postgresql-old-upgrade Medium multiple issues
10 Nov 2017 ASA-201711-17 AVG-485 postgresql Medium multiple issues