CVE-2017-7485 log

Severity High
Remote Yes
Type Man-in-the-middle
A security issue has been found in the libpq component of PostgreSQL < 9.6.3, where the PGREQUIRESSL was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server.
Group Package Affected Fixed Severity Status Ticket
AVG-280 postgresql-libs 9.6.2-1 9.6.3-1 High Fixed
Date Advisory Group Package Severity Type
30 May 2017 ASA-201705-24 AVG-280 postgresql-libs High man-in-the-middle