Ubuntu Security Notice 3476-2 - USN-3476-1 fixed two vulnerabilities in postgresql-common. This update provides the corresponding update for Ubuntu 12.04 ESM. Dawid Golunski discovered that the postgresql-common pg_ctlcluster script incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
334649fe863d6da15bfb22775417958a6004976a01d7fb36d76466fbe9a48233
Debian Linux Security Advisory 4029-1 - It was discovered that the pg_ctlcluster, pg_createcluster and pg_upgradecluster commands handled symbolic links insecurely which could result in local denial of service by overwriting arbitrary files.
0c8bf318ea5d93760e0b25517974026286500b75c5b08afc1ea8612291b3ef43
Ubuntu Security Notice 3476-1 - Dawid Golunski discovered that the postgresql-common pg_ctlcluster script incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that the postgresql-common helper scripts incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
1f64f6e986ef746cfcbf94327427993a8098519a1c04876116d873fcc13c80ac