CVE-2017-7485 log

Source
Severity High
Remote Yes
Type Man-in-the-middle
Description
A security issue has been found in the libpq component of PostgreSQL < 9.6.3, where the PGREQUIRESSL was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server.
Group Package Affected Fixed Severity Status Ticket
AVG-280 postgresql-libs 9.6.2-1 9.6.3-1 High Fixed
Date Advisory Group Package Severity Description
30 May 2017 ASA-201705-24 AVG-280 postgresql-libs High man-in-the-middle
References
https://www.postgresql.org/about/news/1746/