FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PostgreSQL vulnerabilities

Affected packages
9.2.0	<=	postgresql92-server	<	9.2.24
9.3.0	<=	postgresql93-server	<	9.3.20
9.4.0	<=	postgresql94-server	<	9.4.15
9.5.0	<=	postgresql95-server	<	9.5.10
9.6.0	<=	postgresql96-server	<	9.6.6
10.0	<=	postgresql10-server	<	10.1

Details

VuXML ID	1f02af5d-c566-11e7-a12d-6cc21735f730
Discovery	2017-10-10
Entry	2017-11-09

The PostgreSQL project reports:

CVE-2017-15098: Memory disclosure in JSON functions

CVE-2017-15099: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges

[source]

References

CVE Name	CVE-2017-15098
CVE Name	CVE-2017-15099

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.