OVAL Reference oval:com.ubuntu.trusty:def:201715099000

Oval Definition:

oval:com.ubuntu.trusty:def:201715099000

Revision Date:	2017-11-22	Version:	1
Title:	CVE-2017-15099 on Ubuntu 14.04 LTS (trusty) - medium.
Description:	INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2017-15099
Platform(s):	Ubuntu 14.04 LTS	Product(s):
Definition Synopsis
Ubuntu 14.04 LTS (trusty) is installed. AND Package Information NOT While related to the CVE in some way, the 'postgresql-9.1' package in trusty is not affected. OR NOT While related to the CVE in some way, the 'postgresql-9.3' package in trusty is not affected.