Package "postgresql-common"

Name:	postgresql-common
Description:	PostgreSQL database-cluster manager
Latest version:	173ubuntu0.3
Release:	xenial (16.04)
Level:	security
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "postgresql-common"

All arch deb package

APT INSTALL

Other versions of "postgresql-common" in Xenial

Repository	Area	Version
base	main	173
base	universe	173
security	universe	173ubuntu0.3
updates	universe	173ubuntu0.3
updates	main	173ubuntu0.3
PPA: Postgresql		168~176.git088fff1.pgdg10.4+1
PPA: Postgresql		182.pgdg12.4+1
PPA: Postgresql		201.pgdg14.04+1
PPA: Postgresql		226.pgdg16.04+1
PPA: Postgresql		259.pgdg20.04+1
PPA: Postgresql		259.pgdg22.04+1
PPA: Postgresql		250.pgdg18.04+1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 173ubuntu0.3 2019-11-14 20:07:11 UTC

Version: 173ubuntu0.3	2019-11-14 20:07:11 UTC
postgresql-common (173ubuntu0.3) xenial-security; urgency=medium * SECURITY UPDATE: Privilege Escalation via Arbitrary Directory Creation - pg_ctlcluster: Drop privileges before creating socket and stats temp directories outside /var/run/postgresql. The default configuration is not affected by this change. Users with directories on volatile storage (tmpfs) in other locations have to make sure the parent directory is writable for the cluster owner. - Thanks to Rich Mirch and Christoph Berg. - CVE-2019-3466 -- Marc Deslauriers <email address hidden> Wed, 13 Nov 2019 10:31:07 -0500
Source diff to previous version

postgresql-common (173ubuntu0.3) xenial-security; urgency=medium * SECURITY UPDATE: Privilege Escalation via Arbitrary Directory Creation - pg_ctlcluster: Drop privileges before creating socket and stats temp directories outside /var/run/postgresql. The default configuration is not affected by this change. Users with directories on volatile storage (tmpfs) in other locations have to make sure the parent directory is writable for the cluster owner. - Thanks to Rich Mirch and Christoph Berg. - CVE-2019-3466 -- Marc Deslauriers <email address hidden> Wed, 13 Nov 2019 10:31:07 -0500

Source diff to previous version

Version: 173ubuntu0.1 2017-11-09 22:06:24 UTC

postgresql-common (173ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: symlink attack vulnerability - drop privileges when creating log file in pg_ctlcluster. - c8989206ec360f199400c74f129f7b4cb878c1ee - CVE-2016-1255 * SECURITY UPDATE: symlink attack vulnerability in init/helper scripts (LP: #1727209) - use lchown instead of chown in pg_createcluster, pg_ctlcluster, pg_upgradecluster. - 8b4d0a889a8287181c4bdf46462db9b737a6e25d - No CVE number -- Marc Deslauriers <email address hidden> Wed, 08 Nov 2017 08:17:29 -0500

CVE-2016-1255

privilege escalation from postgresql user to root

About - Send Feedback to @ubuntu_updates

Package "postgresql-common"

Links

Download "postgresql-common"

Other versions of "postgresql-common" in Xenial

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

base

PPA updates