ALSA-2026:0524 Moderate: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...

Advisory ROSA-SA-2025-3037

Software: postgresql14 14.18 OS: rosa-server79 unaffected versions = postgresql14-14.18-1PGDG.res7 affected versions postgresql14-14.18-1PGDG.res7 CVE-ID: CVE-2023-5869 BDU-ID: 2023-07840 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the arrayappend, arrayprepend, and arraysubscripthandler functio...

SUSE-SU-2025:01783-1 Security update for postgresql17

This update for postgresql17 fixes the following issues: Upgrade to 17.5: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/...

SUSE-SU-2025:01750-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.21: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/13.21/...

SUSE-SU-2025:01749-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.13: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/15.13/...

SUSE-SU-2025:01661-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.18: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931...

AlmaLinux 8 : postgresql:12 (ALSA-2025:3082)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:3082 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...

Advisory ROSA-SA-2025-2788

Software: postgresql 9.2.24 OS: rosa-server79 packageevrstring: postgresql-9.2.24-9.0.4.res7 CVE-ID: CVE-2023-5869 BDU-ID: 2023-07840 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the arrayappend, arrayprepend, arraysubscripthandler functions of the PostgreSQL database management system is related...

AlmaLinux 8 : postgresql:16 (ALSA-2025:1740)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:1740 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...

Important: Red Hat Security Advisory: libpq security update

An update for libpq is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHSA-2023:7884 Red Hat Security Advisory: postgresql:15 security update

Bulletin has no description...

RHSA-2015:0699 Red Hat Security Advisory: postgresql92-postgresql security update

Bulletin has no description...

Important: postgresql

Issue Overview: IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct dollar quoting, '', or "". If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an...

SUSE-SU-2020:3455-1 Security update for postgresql10

This update for postgresql10 fixes the following issues: - Upgrade to version 10.15: CVE-2020-25695, bsc1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. CVE-2020-25694, bsc1178667: a Fix usage of complex...

RHEL 6 : postgresql (RHSA-2017:2860)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2860 advisory. - postgresql: Empty password accepted in some authentication methods CVE-2017-7546 Note that Nessus has not tested for this issue but has instead...