This bug was fixed in the package postgresql-common - 173ubuntu0.1
--------------- postgresql-common (173ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: symlink attack vulnerability - drop privileges when creating log file in pg_ctlcluster. - c8989206ec360f199400c74f129f7b4cb878c1ee - CVE-2016-1255 * SECURITY UPDATE: symlink attack vulnerability in init/helper scripts (LP: #1727209) - use lchown instead of chown in pg_createcluster, pg_ctlcluster, pg_upgradecluster. - 8b4d0a889a8287181c4bdf46462db9b737a6e25d - No CVE number
-- Marc Deslauriers <email address hidden> Wed, 08 Nov 2017 08:17:29 -0500
This bug was fixed in the package postgresql-common - 173ubuntu0.1
---------------
postgresql-common (173ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: symlink attack vulnerability 99400c74f129f7b 4cb878c1ee upgradecluster. 81c4bdf46462db9 b737a6e25d
- drop privileges when creating log file in pg_ctlcluster.
- c8989206ec360f1
- CVE-2016-1255
* SECURITY UPDATE: symlink attack vulnerability in init/helper scripts
(LP: #1727209)
- use lchown instead of chown in pg_createcluster, pg_ctlcluster,
pg_
- 8b4d0a889a82871
- No CVE number
-- Marc Deslauriers <email address hidden> Wed, 08 Nov 2017 08:17:29 -0500