Ubuntu Security Notice 4194-2 - USN-4194-1 fixed a vulnerability in postgresql-common. This update provides the corresponding update for Ubuntu 14.04 ESM. Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
ac5e1cc73bc4af9f7be486a13b218331311753c1ebd481c5bf5f2f384f810a43
Debian Linux Security Advisory 4568-1 - Rich Mirch discovered that the pg_ctlcluster script didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
b5b2dcccd4ee0a6aa05a18c307bcd6c98076fddc1eebb2a9e5e79f772a3b36fc
Ubuntu Security Notice 4194-1 - Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges.
49e9162083c95fde49d6cabf5e1324a20ce51e5f237f4ac4b89994beb11fc306