Motivation
PostgreSQL has just detected to a really bad information disclosure bug, CVE-2017-7547.
Unfortunately upgrading to a fixed version (for Debian see their security-tracker on CVE-2017-7547) is not enough, existing installations need manual work, as described in PostgreSQL's own news article 1772 describes. That howto is not only less then optimal (first half of step 4 should happen before step 3 for easier scripting) there does not seem to be a script yet.
Therefore I decided to create the following scripts ...
Scripted Solution
pg_fix_usermappings.sql code
For manual here is what our full script (see below) puts in /tmp/pg_fix_user_mappings.sql
:
pg_fix_usermappings.sh code & download
If you are trustworthy, simply download it and execute it as psql, i.e. with {{sudo -u psql pg_fix_usermappings.sh}}.