SUSE-SU-2025:03031-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...

SUSE-SU-2025:03030-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...

Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...

postgresql security update

13.22-1 - Update to 13.22 13.18-1 - Update to 13.18...

Oracle Linux 9 : postgresql (ELSA-2025-14878)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14878 advisory. 13.22-1 - Update to 13.22 13.18-1 - Update to 13.18 Tenable has extracted the preceding description block directly from the Oracle Linux security...

AlmaLinux 8 : postgresql:16 (ALSA-2025:14899)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14899 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-871...

Overcoming TCP/IP Connection Limits with PgBouncer and PostgreSQL on Windows

Challenge When running PgBouncer and PostgreSQL on Windows, especially under high-load scenarios with frequent connect/disconnect cycles, you may encounter exhaustion of available TCP ports. This is due to many connections ending up in the TIMEWAIT state, preventing immediate reuse of those ports...

SUSE: Security Advisory (SUSE-SU-2025:02995-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:03004-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:03003-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:03005-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:02994-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 9 : postgresql (ALSA-2025:14878)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14878 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-871...

Oracle Linux 8 : postgresql:16 (ELSA-2025-14899)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14899 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack 1.5.1-1 - Update to 1.5.1...

AlmaLinux 9 : postgresql:16 (ALSA-2025:14827)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14827 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-871...

Important: Red Hat Security Advisory: postgresql:16 security update

An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

postgresql: PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation

A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination...

postgresql: PostgreSQL code execution in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...

postgresql: PostgreSQL executes arbitrary code in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...

postgresql: PostgreSQL executes arbitrary code in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...