Debian Postgresql-Common vulnerabilities

3 known vulnerabilities affecting debian/postgresql-common.

Total CVEs: 3
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 1

Vulnerabilities

CVE-2019-3466 | HIGH | CVSS 7.8 | fixed in postgresql-common 210 (bookworm) | 2019
CVE-2019-3466 [HIGH]: postgresql-common. The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
Scope: local
bookworm: resolved (fixed in 210)
bullseye: resolved (fixed in 210)
forky: resolved (fixed in 210)
sid: resolved (fixed in 210)
trixie: resolved (fi
Sources: debian

CVE-2016-1255 | HIGH | CVSS 7.8 | v1, v2, +182 more | 2017-12-05
CVE-2016-1255 [HIGH] CWE-59: The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04 before 179ubuntu0.1, and in Ubuntu 17.10 before 184ubuntu1.1
Sources: nvd, osv, debian

CVE-2017-8806 | MEDIUM | CVSS 5.5 | fixed in postgresql-common 188 (bookworm) | 2017
CVE-2017-8806 [MEDIUM]: postgresql-common. The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files.
Scope: local
bookworm: resolved
Sources: debian