Security update for postgresql17, postgresql18

This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check f...

SUSE-SU-2025:4364-1 Security update for postgresql17, postgresql18

This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: - Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check...

Security update for postgresql17, postgresql18

This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check f...

SUSE-SU-2025:4363-1 Security update for postgresql17, postgresql18

This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: - Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check...

RHSA-2025:23022 Red Hat Security Advisory: postgresql:15 security update

Bulletin has no description...

RHEL 9 : libpq (RHSA-2025:23124)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23124 advisory. The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql:...

SUSE: Security Advisory (SUSE-SU-2025:4334-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:4325-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHSA-2025:23023 Red Hat Security Advisory: postgresql:15 security update

Bulletin has no description...

postgresql: libpq: libpq undersizes allocations, via integer wraparound

A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application...

postgresql: CREATE STATISTICS does not check for schema CREATE privilege

A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...

Moderate: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

postgresql: CREATE STATISTICS does not check for schema CREATE privilege

A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...

postgresql: libpq: libpq undersizes allocations, via integer wraparound

A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application...

Moderate: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

📄 Redash Authenticated Remote Command Execution

Redash’s default setup uses PostgreSQL superuser credentials for its primary data source. Because users can run SQL through Redash, any authenticated account gains excessive control over the database. This allows executing system commands on the database server through PostgreSQL’s COPY FROM...

RHEL 9 : postgresql:15 (RHSA-2025:23023)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23023 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check f...

openSUSE 15 Security Update : postgresql13 (SUSE-SU-2025:4325-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4325-1 advisory. Upgraded to 13.23: - CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 - CVE-2025-12818: Fixed...

RHEL 9 : postgresql:15 (RHSA-2025:23022)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23022 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check f...

SUSE SLES12 Security Update : postgresql13 (SUSE-SU-2025:4334-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4334-1 advisory. Upgraded to 13.23: - CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 - CVE-2025-12818:...