[ubuntu/xenial-updates] postgresql-common 173ubuntu0.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Nov 9 21:58:10 UTC 2017
postgresql-common (173ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: symlink attack vulnerability
- drop privileges when creating log file in pg_ctlcluster.
- c8989206ec360f199400c74f129f7b4cb878c1ee
- CVE-2016-1255
* SECURITY UPDATE: symlink attack vulnerability in init/helper scripts
(LP: #1727209)
- use lchown instead of chown in pg_createcluster, pg_ctlcluster,
pg_upgradecluster.
- 8b4d0a889a8287181c4bdf46462db9b737a6e25d
- No CVE number
Date: 2017-11-08 13:46:52.096053+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/postgresql-common/173ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list