| Errata ID | 190 |
|---|---|
| Date | 2018-08-15 |
| Source package | postgresql-9.6 |
| Fixed in version | 9.6.10-0+deb9u1 |
| Description | This update addresses the following issues: * Uncontrolled search path element in pg_dump and other client applications (CVE-2018-1058) * Too-permissive access control list on function pg_logfile_rotate() (CVE-2018-1115) * Certain host connection parameters defeat client-side security defenses (CVE-2018-10915) * Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements (CVE-2018-10925) |
| Additional notes | |
| CVE ID | CVE-2018-1058 CVE-2018-1115 CVE-2018-10915 CVE-2018-10925 |
| UCS Bug number | #47482 |
