Explore top 10 tips to secure your open-source projects now. Read More
×
This update for postgresql16 fixes the following issues:
- Update to versio 16.13. (bsc#1258754)
- CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector (bsc#1258008)
- CVE-2026-2004: Harden selectivity estimators against being attached to operators that accept unexpected data types. (bsc#1258009)
- CVE-2026-2005: Fix buffer overrun in contrib/pgcrypto's PGP decryption functions. (bsc#1258010)
- CVE-2026-2006: Fix inadequate validation of multibyte character lengths. (bsc#1258011)
Patch instructions:
To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0
zypper in -t patch openSUSE-Leap-16.0-465=1
- openSUSE Leap 16.0:
postgresql16-16.13-160000.1.1
postgresql16-contrib-16.13-160000.1.1
postgresql16-devel-16.13-160000.1.1
postgresql16-docs-16.13-160000.1.1
postgresql16-llvmjit-16.13-160000.1.1
postgresql16-llvmjit-devel-16.13-160000.1.1
postgresql16-plperl-16.13-160000.1.1
postgresql16-plpython-16.13-160000.1.1
postgresql16-pltcl-16.13-160000.1.1
postgresql16-server-16.13-160000.1.1
postgresql16-server-devel-16.13-160000.1.1
postgresql16-test-16.13-160000.1.1
* bsc#1258008
* bsc#1258009
* bsc#1258010
* bsc#1258011
* bsc#1258754
References:
* https://www.suse.com/security/cve/CVE-2026-2003.html
* https://www.suse.com/security/cve/CVE-2026-2004.html
* https://www.suse.com/security/cve/CVE-2026-2005.html
* https://www.suse.com/security/cve/CVE-2026-2006.html
Get the latest Linux and open source security news straight to your inbox.