Upgrade bundled PostgreSQL to 9.6.3
https://www.postgresql.org/about/news/1746/
This is a security release. Not sure how high a priority we want to give this. The fixes are:
| CVE | Description |
|---|---|
| CVE-2017-7484 | This is a privilege escalation, it requires already having access to the server. This is also present in 9.2.18
|
| CVE-2017-7485 | None of our recommended configurations use SSL so they should not be vulnerable to this. |
| CVE-2017-7486 | None of our recommended configurations use foreign servers. This is also present in 9.2.18
|
So I don't think anything glaring that needs immediate release, but it probably should go out. 9.6.3 should be a drop in replacement for 9.6.1.
I don't think we should upgrade our shipped 9.2.18 to 9.2.21. We should recommend users upgrade to 9.6.x.