postgresql-old-upgrade

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description PostgreSQL build for migrating between major versions with pg_upgrade
Version 10.6-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-488 9.6.5-1 9.6.6-1 High Not affected
AVG-486 9.6.5-1 9.6.6-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2017-15099 AVG-486 Medium Yes Access restriction bypass
An access restriction bypass vulnerability has been discovered in PostgreSQL, the "INSERT ... ON CONFLICT DO UPDATE" would not check to see if the executing...
CVE-2017-15098 AVG-486 Medium Yes Information disclosure
A denial of service and potential memory disclosure vulnerability has been discovered in PostgreSQL in the json_populate_recordset() and...
CVE-2017-12172 AVG-488 High No Privilege escalation
A vulnerability has been discovered in PostgreSQL when the startup log file for the postmaster (in newer releases, "postgres") process was opened while the...

Advisories

Date Advisory Group Severity Description
10 Nov 2017 ASA-201711-18 AVG-486 Medium multiple issues