Explore top 10 tips to secure your open-source projects now. Read More
×MariaDB 10.11.18 Upstream Release notes: https://mariadb.com/docs/release-notes/community-server/10.11/10.11.18 Upstream Changelog: https://mariadb.com/docs/release-notes/community-. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-efc64a64ec 2026-06-29 01:10:47.357937+00:00 -------------------------------------------------------------------------------- Name : mariadb10.11 Product : Fedora 43 Version : 10.11.18 Release : 2.fc43 URL : http://mariadb.org Summary : A very fast and robust SQL database server Description : MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mariadbd) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and utilities. -------------------------------------------------------------------------------- Update Information: MariaDB 10.11.18 Upstream Release notes: https://mariadb.com/docs/release-notes/community-server/10.11/10.11.18 Upstream Changelog: https://mariadb.com/docs/release-notes/community- server/changelogs/10.11/10.11.18 Fixes CVEs: CVE-2026-49261 CVE-2026-48165 CVE-2026-48163 CVE-2026-44173 CVE-2026-44172 CVE-2026-44171 CVE-2026-44170 CVE-2026-44168 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 25 2026 František Zatloukal - 3:10.11.18-2 - Rebuilt for fmt/spdlog * Wed Jun 3 2026 Pavol Sloboda - 3:10.11.18-1 - Rebase to 10.11.18 * Tue May 26 2026 Pavol Sloboda - 3:10.11.17-1 - Rebase to 10.11.17 * Thu Mar 19 2026 Michal Schorm - 3:10.11.16-3 - Bump release for package rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-efc64a64ec' at the command line. For more information, refer to thednf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . MariaDB 10.11.18 update provides significant improvements and security fixes. Upgrade to enhance performance and security.. MariaDB update Fedora SQL security fixes performance. . Severity: Important. LinuxSecurity.com Team
Important: postgresql18 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:27742", "synopsis": "Important: postgresql18 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for postgresql18.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package.\n\nSecurity Fix(es):\n\n* postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind (CVE-2026-6475)\n\n* postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory (CVE-2026-6477)\n\n* postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison (CVE-2026-6478)\n\n* postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write (CVE-2026-6473)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2477442", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2477442", "description": ""}, {"ticket": "2477447", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2477447", "description": ""}, {"ticket": "2477448", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2477448", "description": ""}, {"ticket": "2477439", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2477439", "description": ""}], "cves": [{"name": "CVE-2026-6473", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6473", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-190"}, {"name": "CVE-2026-6475", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6475", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "6.7", "cwe": "CWE-59"}, {"name": "CVE-2026-6477", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6477", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", "cvss3BaseScore": "8.4", "cwe": "CWE-120"}, {"name": "CVE-2026-6478", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6478", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "cvss3BaseScore": "8.2", "cwe": "CWE-385"}], "references": [], "publishedAt": "2026-06-24T12:05:09.232192Z", "rpms": {"Rocky Linux 10": {"nvras": ["postgresql18-docs-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-upgrade-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-test-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-static-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-server-devel-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-private-libs-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-private-libs-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-plpython3-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-0:18.4-1.el10_2.s390x.rpm", "postgresql18-upgrade-0:18.4-1.el10_2.s390x.rpm", "postgresql18-private-libs-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-docs-0:18.4-1.el10_2.s390x.rpm", "postgresql18-upgrade-devel-debuginfo-0:18.4-1.el10_2.aarch64.rpm","postgresql18-docs-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-plperl-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-upgrade-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-server-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-debugsource-0:18.4-1.el10_2.s390x.rpm", "postgresql18-test-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-plperl-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-upgrade-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-docs-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-server-devel-0:18.4-1.el10_2.s390x.rpm", "postgresql18-static-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-server-devel-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-private-devel-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-private-libs-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-plpython3-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-plpython3-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-docs-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-upgrade-devel-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-upgrade-devel-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-server-devel-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-test-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-0:18.4-1.el10_2.src.rpm", "postgresql18-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-static-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-server-0:18.4-1.el10_2.s390x.rpm", "postgresql18-server-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-debugsource-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-private-libs-0:18.4-1.el10_2.s390x.rpm", "postgresql18-server-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-debugsource-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-server-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-contrib-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-plperl-0:18.4-1.el10_2.ppc64le.rpm","postgresql18-private-libs-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-plpython3-0:18.4-1.el10_2.s390x.rpm", "postgresql18-upgrade-devel-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-contrib-0:18.4-1.el10_2.s390x.rpm", "postgresql18-test-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-private-devel-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-private-devel-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-test-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-docs-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-plperl-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-server-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-docs-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-plpython3-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-upgrade-devel-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-contrib-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-debugsource-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-test-0:18.4-1.el10_2.s390x.rpm", "postgresql18-contrib-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-private-libs-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-server-devel-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-plperl-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-upgrade-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-docs-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-upgrade-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-test-rpm-macros-0:18.4-1.el10_2.noarch.rpm", "postgresql18-server-devel-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-server-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-contrib-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-plperl-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-test-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-upgrade-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-contrib-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-server-devel-0:18.4-1.el10_2.ppc64le.rpm","postgresql18-plpython3-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-server-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-plperl-0:18.4-1.el10_2.s390x.rpm", "postgresql18-private-devel-0:18.4-1.el10_2.s390x.rpm", "postgresql18-contrib-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-plperl-debuginfo-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-upgrade-devel-debuginfo-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-upgrade-devel-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-contrib-debuginfo-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-plpython3-0:18.4-1.el10_2.ppc64le.rpm", "postgresql18-plpython3-debuginfo-0:18.4-1.el10_2.s390x.rpm", "postgresql18-upgrade-devel-0:18.4-1.el10_2.s390x.rpm", "postgresql18-test-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-server-devel-0:18.4-1.el10_2.aarch64.rpm", "postgresql18-private-libs-0:18.4-1.el10_2.x86_64.rpm", "postgresql18-static-0:18.4-1.el10_2.s390x.rpm", "postgresql18-upgrade-debuginfo-0:18.4-1.el10_2.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. PostgreSQL security update on Rocky Linux addresses multiple critical flaws to enhance database integrity and security.. Rocky Linux Security Update PostgreSQL Important. . Severity: Important. LinuxSecurity.com Team
Several security issues were fixed in MySQL.. ========================================================================== Ubuntu Security Notice USN-8363-2 June 03, 2026 mysql-8.0 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-8.0: MySQL database Details: USN-8363-1 fixed several vulnerabilities in MySQL. This update provides the corresponding fixes for MySQL on Ubuntu 20.04 LTS. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.46 in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Ubuntu 25.10 and Ubuntu 26.04 LTS have been updated to MySQL 8.4.9. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html https://www.oracle.com/security-alerts/cpuapr2026.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS mysql-server-8.0 8.0.46-0ubuntu0.20.04.1+esm2 Available with Ubuntu Pro This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8363-2 https://ubuntu.com/security/notices/USN-8363-1 CVE-2026-21998, CVE-2026-22001, CVE-2026-22002, CVE-2026-22004, CVE-2026-22005, CVE-2026-22009, CVE-2026-22015, CVE-2026-22017, CVE-2026-34267, CVE-2026-34270, CVE-2026-34271, CVE-2026-34276, CVE-2026-34278, CVE-2026-34293, CVE-2026-34303,CVE-2026-34304, CVE-2026-34308, CVE-2026-34317, CVE-2026-34318, CVE-2026-34319, CVE-2026-35236, CVE-2026-35237, CVE-2026-35238, CVE-2026-35239, CVE-2026-35240 . Critical updates for MySQL address multiple security issues in Ubuntu 20.04 LTS, enhancing database security.. MySQL security updates, Ubuntu 20.04 LTS, database vulnerabilities, MySQL fixes. . Severity: Important. LinuxSecurity.com Team
MySQL 8.0.46 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the column count and their size limits.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0c462e5676 2026-05-21 01:26:51.960447+00:00 -------------------------------------------------------------------------------- Name : mysql8.0 Product : Fedora 43 Version : 8.0.46 Release : 1.fc43 URL : http://www.mysql.com Summary : MySQL client programs and shared libraries Description : MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. -------------------------------------------------------------------------------- Update Information: MySQL 8.0.46 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the column count and their size limits. EOL notice: As of April 2026, with version 8.0.46, MySQL 8.0 reached End of Life (EoL). -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 22 2026 Michal Schorm - 8.0.46-1 - Rebase to 8.0.46 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2461062 - CVE-2026-21998 CVE-2026-22001 CVE-2026-22002 CVE-2026-22004 CVE-2026-22005 CVE-2026-22009 CVE-2026-22015 CVE-2026-22017 CVE-2026-34267 CVE-2026-34270 CVE-2026-34271 CVE-2026-34276 CVE-2026-34278 CVE-2026-34293 ... mysql8.0: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2461062 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0c462e5676' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
MySQL 8.4.9 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the column count and their size limits.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-a7adf2637c 2026-05-21 01:26:51.960408+00:00 -------------------------------------------------------------------------------- Name : mysql8.4 Product : Fedora 43 Version : 8.4.9 Release : 1.fc43 URL : http://www.mysql.com Summary : MySQL client programs and shared libraries Description : MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. -------------------------------------------------------------------------------- Update Information: MySQL 8.4.9 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the column count and their size limits. -------------------------------------------------------------------------------- ChangeLog: * Wed May 6 2026 Michal Schorm - 8.4.9-1 - Rebase to 8.4.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2461060 - CVE-2026-21998 CVE-2026-22001 CVE-2026-22002 CVE-2026-22004 CVE-2026-22005 CVE-2026-22009 CVE-2026-22015 CVE-2026-22017 CVE-2026-34270 CVE-2026-34271 CVE-2026-34276 CVE-2026-34303 CVE-2026-34304 CVE-2026-34308 ... mysql8.4: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2461060 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-a7adf2637c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
MySQL 8.0.46 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the column count and their size limits.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-1704f705ab 2026-05-21 00:54:04.884681+00:00 -------------------------------------------------------------------------------- Name : mysql8.0 Product : Fedora 44 Version : 8.0.46 Release : 1.fc44 URL : http://www.mysql.com Summary : MySQL client programs and shared libraries Description : MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. -------------------------------------------------------------------------------- Update Information: MySQL 8.0.46 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the column count and their size limits. EOL notice: As of April 2026, with version 8.0.46, MySQL 8.0 reached End of Life (EoL). -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 22 2026 Michal Schorm - 8.0.46-1 - Rebase to 8.0.46 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2461062 - CVE-2026-21998 CVE-2026-22001 CVE-2026-22002 CVE-2026-22004 CVE-2026-22005 CVE-2026-22009 CVE-2026-22015 CVE-2026-22017 CVE-2026-34267 CVE-2026-34270 CVE-2026-34271 CVE-2026-34276 CVE-2026-34278 CVE-2026-34293 ... mysql8.0: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2461062 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-1704f705ab' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
MGASA-2026-0151 - Updated postgresql15 packages fix security vulnerabilities. MGASA-2026-0151 - Updated postgresql15 packages fix security vulnerabilities Publication date: 19 May 2026 URL: https://advisories.mageia.org/MGASA-2026-0151.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-6472, CVE-2026-6473, CVE-2026-6474, CVE-2026-6475, CVE-2026-6476, CVE-2026-6477, CVE-2026-6478, CVE-2026-6479, CVE-2026-6575, CVE-2026-6637, CVE-2026-6638 Description: PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege. (CVE-2026-6472) PostgreSQL server undersizes allocations, via integer wraparound. (CVE-2026-6473) PostgreSQL timeofday() can disclose portions of server memory. (CVE-2026-6474) PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice. (CVE-2026-6475) PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory. (CVE-2026-6477) PostgreSQL discloses MD5-hashed passwords via covert timing channel. (CVE-2026-6478) PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion. (CVE-2026-6479) PostgreSQL refint allows stack buffer overflow and SQL injection. (CVE-2026-6637) References: - https://bugs.mageia.org/show_bug.cgi?id=35534 - https://www.postgresql.org/about/news/postgresql-184-1710-1614-1518-and-1423-released-3297/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6472 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6473 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6474 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6475 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6476 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6477 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6478 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6479 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6575 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6637 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6638 SRPMS: - 9/core/postgresql15-15.18-1.mga9 . Updated postgresql15 packages for Mageia fix critical security issues to safeguard database data integrity.. PostgreSQL Security, Mageia Update, Database Vulnerabilities, Memory Exploitation. . Severity: Important. LinuxSecurity.com Team
. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4548-1
Get the latest Linux and open source security news straight to your inbox.