Publishing details

• Published on 2017-12-09

Changelog

postgresql-common (165+deb8u3) jessie-security; urgency=medium

  * pg_ctlcluster, pg_createcluster, pg_upgradecluster: Use lchown instead
    of chown to mitigate privilege escalation via symlinks. (CVE-2017-8806.
    Related to CVE-2017-12172 in PostgreSQL; extends our earlier fix for
    CVE-2016-1255.)

 -- Christoph Berg <email address hidden>  Tue, 07 Nov 2017 20:54:52 +0100

Builds

Package files

• postgresql-common_165+deb8u3.dsc (2.2 KiB)
• postgresql-common_165+deb8u3.tar.xz (183.4 KiB)