SUSE-SU-2026:20983-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: - Update to versio 16.13. bsc1258754 - CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector bsc1258008 - CVE-2026-2004: Harden selectivity estimators against being attached to operators that accept unexpected data type...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : PostgreSQL vulnerabilities (USN-8072-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8072-1 advisory. Altan Birler discovered that PostgreSQL incorrectly validated oidvector types. An attacker could possibly use this issue to obtain a...

USN-8072-1: PostgreSQL vulnerabilities

Altan Birler discovered that PostgreSQL incorrectly validated oidvector types. An attacker could possibly use this issue to obtain a few bytes of sensitive information. CVE-2026-2003 Daniel Firer discovered that PostgreSQL incorrectly validated input in the intarray extension. An attacker could...

USN-8072-1 postgresql-14, postgresql-16, postgresql-17 vulnerabilities

Altan Birler discovered that PostgreSQL incorrectly validated oidvector types. An attacker could possibly use this issue to obtain a few bytes of sensitive information. CVE-2026-2003 Daniel Firer discovered that PostgreSQL incorrectly validated input in the intarray extension. An attacker could...

SUSE-SU-2026:0586-1 Security update for postgresql17

This update for postgresql17 fixes the following issues: Update to version 17.8. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivity...