Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 19.10: 4194-1 Moderate: Postgresql-Common Directory Issue

ubuntu
Calendar Grey November 14, 2019
Dist Ubuntu Esm H88
Uncover the sqlite3 security flaw in Debian highlighted by DSA-4518-1 and understand how to fortify your environment.
postgresql-common could be made to create arbitrary directories.

Summary

postgresql-common could be made to create arbitrary directories.

Software Description:

- postgresql-common: PostgreSQL database-cluster manager

Details:

Rich Mirch discovered that the postgresql-common pg_ctlcluster script

incorrectly handled directory creation. A local attacker could possibly use

this issue to escalate privileges.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
  postgresql-common               204ubuntu0.1

Ubuntu 19.04:
  postgresql-common               199ubuntu0.1

Ubuntu 18.04 LTS:
  postgresql-common               190ubuntu0.1

Ubuntu 16.04 LTS:
  postgresql-common               173ubuntu0.3

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4194-1

CVE-2019-3466

November 14, 2019

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here