USN-7741-1: PostgreSQL vulnerabilities

Dean Rasheed discovered that PostgreSQL incorrectly handled access control lists. An attacker could possibly use this issue to obtain sensitive information. CVE-2025-8713 Martin Rakhmanov, Matthieu Denais, and RyotaK discovered that the PostgreSQL pgdump utility allowed untrusted data inclusion. ...

Amazon Linux 2023 : postgresql17, postgresql17-contrib, postgresql17-llvmjit (ALAS2023-2025-1158)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1158 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy...

OESA-2025-2144 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

OESA-2025-2138 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

Important: postgresql

Issue Overview: PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available ...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : postgresql17 (SUSE-SU-2025:02986-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02986-1 advisory. Updated to 17.6: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view,...

SUSE SLES12 Security Update : postgresql16 (SUSE-SU-2025:02980-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02980-1 advisory. Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120...

SUSE SLES15 Security Update : postgresql16 (SUSE-SU-2025:02981-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02981-1 advisory. Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table...

SUSE-SU-2025:02981-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...