Important: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.12: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2025:00614-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.12: - CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093...

August Linux Patch Wednesday

AugustLinux Patch Wednesday. I’m late with this LPW since I was improving the generation of LPW bulletin lists and the operation of Vulristics. In August, Linux vendors addressed 867 vulnerabilities, nearly twice July’s total, including 455 in the Linux Kernel. One vulnerability is confirmed...

USN-7648-3 php7.0, php7.2, php7.4 regression

USN-7648-2 fixed vulnerabilities in PHP. The patch for CVE-2025-1735 caused a regression in php7.0, php7.2 and php7.4. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null...

PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server

...

PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client

...

PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

...

SUSE SLES15 Security Update : postgresql15 (SUSE-SU-2025:03018-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03018-2 advisory. Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc124812...

Oracle Linux 8 : postgresql:12 (ELSA-2025-15115)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15115 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 12.22-5 - Fix previous Backport 12.22-4 - Backport CVE-2025-8715 Tenable has extracted the preceding...

Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.14: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...

SUSE-SU-2025:03018-2 Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...

RHSA-2025:15114 Red Hat Security Advisory: postgresql security update

Bulletin has no description...

RHSA-2025:15115 Red Hat Security Advisory: postgresql:12 security update

Bulletin has no description...

RHSA-2025:15062 Red Hat Security Advisory: postgresql:15 security update

Bulletin has no description...

RHSA-2025:15057 Red Hat Security Advisory: postgresql:13 security update

Bulletin has no description...

postgresql: PostgreSQL code execution in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...

postgresql: PostgreSQL executes arbitrary code in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...

Important: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...