Mageia 9: PostgreSQL Important Exec Code Threat MGASA-2025-0230
mageia
September 8, 2025
MGASA-2025-0230 - Updated postgresql15 & postgresql13 packages fix security vulnerabilities
Summary
Description:
PostgreSQL optimizer statistics can expose sampled data within a view,
partition, or child table. (CVE-2025-8713)
PostgreSQL pg_dump lets superuser of origin server execute arbitrary
code in psql client. (CVE-2025-8714)
PostgreSQL pg_dump newline in object name executes arbitrary code in
psql client and in restore target server. (CVE-2025-8715)
References
- https://bugs.mageia.org/show_bug.cgi?id=34608
- https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/
- https://www.cve.org/CVERecord?id=CVE-2025-8713
- https://www.cve.org/CVERecord?id=CVE-2025-8714
- https://www.cve.org/CVERecord?id=CVE-2025-8715
Topics Covered
Resolution
SRPMS
- 9/core/postgresql15-15.14-1.mga9
- 9/core/postgresql13-13.22-1.mga9
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 08 Sep 2025
URL: https://advisories.mageia.org/MGASA-2025-0230.html
Type: security
CVE: CVE-2025-8713,
CVE-2025-8714,
CVE-2025-8715
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!