Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":100,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 22 articles for you...
100

SUSE: PostgreSQL Moderate Encoding Issue CVE-2025-4207 2025:01786-2

* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql14 Announcement ID: SUSE-SU-2025:01786-2 Release Date: 2025-08-11T12:43:59Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP3 * SUSE Package Hub 15 15-SP4 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.18: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaSTonline_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP3 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2025-1786=1 * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2025-1786=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2025-1786=1 ## Package List: * SUSE Package Hub 15 15-SP3 (aarch64 ppc64le s390x x86_64) * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-14.18-150200.5.58.1 * SUSE Package Hub 15 15-SP3 (x86_64) * postgresql14-test-14.18-150200.5.58.1 * SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-llvmjit-14.18-150200.5.58.1 * postgresql14-test-14.18-150200.5.58.1 * postgresql14-llvmjit-devel-14.18-150200.5.58.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-llvmjit-14.18-150200.5.58.1 * postgresql14-test-14.18-150200.5.58.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . Latest security patch for PostgreSQL on SUSE fixes CVE-2025-4207, noted for its moderate severity regarding encoding vulnerabilities.. SUSE Linux, PostgreSQL, security update, encoding validation, CVE-2025-4207. . LinuxSecurity.com Team

Calendar%202 Aug 11, 2025 SuSE
100

SUSE: 2025:01772-1 moderate: postgresql14 encoding issue fix

* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql14 Announcement ID: SUSE-SU-2025:01772-1 Release Date: 2025-05-30T10:44:52Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.18: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1772=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1772=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-contrib-14.18-3.57.1 * postgresql14-pltcl-debuginfo-14.18-3.57.1 * postgresql14-debugsource-14.18-3.57.1 * postgresql14-devel-14.18-3.57.1 * postgresql14-plperl-14.18-3.57.1 * postgresql14-server-14.18-3.57.1 * postgresql14-plperl-debuginfo-14.18-3.57.1 * postgresql14-server-debuginfo-14.18-3.57.1 * postgresql14-plpython-debuginfo-14.18-3.57.1 * postgresql14-devel-debuginfo-14.18-3.57.1 * postgresql14-contrib-debuginfo-14.18-3.57.1 * postgresql14-plpython-14.18-3.57.1 * postgresql14-debuginfo-14.18-3.57.1 * postgresql14-14.18-3.57.1 * postgresql14-pltcl-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql14-docs-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * postgresql14-server-devel-14.18-3.57.1 * postgresql14-server-devel-debuginfo-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql14-contrib-14.18-3.57.1 * postgresql14-pltcl-debuginfo-14.18-3.57.1 * postgresql14-debugsource-14.18-3.57.1 * postgresql14-devel-14.18-3.57.1 * postgresql14-plperl-14.18-3.57.1 * postgresql14-server-14.18-3.57.1 * postgresql14-plperl-debuginfo-14.18-3.57.1 * postgresql14-server-debuginfo-14.18-3.57.1 * postgresql14-plpython-debuginfo-14.18-3.57.1 * postgresql14-devel-debuginfo-14.18-3.57.1 * postgresql14-contrib-debuginfo-14.18-3.57.1 * postgresql14-plpython-14.18-3.57.1 * postgresql14-server-devel-14.18-3.57.1 * postgresql14-debuginfo-14.18-3.57.1 * postgresql14-server-devel-debuginfo-14.18-3.57.1 * postgresql14-14.18-3.57.1 * postgresql14-pltcl-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql14-docs-14.18-3.57.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . This notice outlines a security patch for PostgreSQL version 14 concerning a character encoding validation vulnerability classified as moderate.. PostgreSQL Security, SUSE Update, Patch Management, Software Vulnerability, Encoding Issue. . LinuxSecurity.com Team

Calendar%202 May 30, 2025 SuSE
100

SUSE Linux 12 SP5: 2025:01749-1 moderate: postgresql15 encoding issue

* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql15 Announcement ID: SUSE-SU-2025:01749-1 Release Date: 2025-05-29T12:44:13Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql15 fixes the following issues: Upgrade to 15.13: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/15.13/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1749=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1749=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-3.41.1 * postgresql15-server-15.13-3.41.1 * postgresql15-debugsource-15.13-3.41.1 * postgresql15-devel-debuginfo-15.13-3.41.1 * postgresql15-plperl-debuginfo-15.13-3.41.1 * postgresql15-pltcl-debuginfo-15.13-3.41.1 * postgresql15-pltcl-15.13-3.41.1 * postgresql15-server-devel-15.13-3.41.1 *postgresql15-contrib-debuginfo-15.13-3.41.1 * postgresql15-plpython-debuginfo-15.13-3.41.1 * postgresql15-devel-15.13-3.41.1 * postgresql15-plpython-15.13-3.41.1 * postgresql15-server-devel-debuginfo-15.13-3.41.1 * postgresql15-contrib-15.13-3.41.1 * postgresql15-plperl-15.13-3.41.1 * postgresql15-server-debuginfo-15.13-3.41.1 * postgresql15-15.13-3.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql15-docs-15.13-3.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql15-debuginfo-15.13-3.41.1 * postgresql15-server-15.13-3.41.1 * postgresql15-debugsource-15.13-3.41.1 * postgresql15-devel-debuginfo-15.13-3.41.1 * postgresql15-plperl-debuginfo-15.13-3.41.1 * postgresql15-pltcl-debuginfo-15.13-3.41.1 * postgresql15-pltcl-15.13-3.41.1 * postgresql15-server-devel-15.13-3.41.1 * postgresql15-contrib-debuginfo-15.13-3.41.1 * postgresql15-plpython-debuginfo-15.13-3.41.1 * postgresql15-devel-15.13-3.41.1 * postgresql15-plpython-15.13-3.41.1 * postgresql15-server-devel-debuginfo-15.13-3.41.1 * postgresql15-contrib-15.13-3.41.1 * postgresql15-plperl-15.13-3.41.1 * postgresql15-server-debuginfo-15.13-3.41.1 * postgresql15-15.13-3.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql15-docs-15.13-3.41.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . To mitigate the moderate security vulnerability in PostgreSQL 15 on SUSE systems, follow the outlined update guidance to secure your installation effectively. PostgreSQL Security Update, SUSE Patch, Enterprise Linux Fix. . LinuxSecurity.com Team

Calendar%202 May 29, 2025 SuSE
100

SUSE 15-SP7: 2025:01644-2 moderate: postgresql17 encoding issue

* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql17 Announcement ID: SUSE-SU-2025:01644-2 Release Date: 2025-05-29T13:30:20Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql17 fixes the following issues: Upgrade to 17.5: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/17.5/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1644=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1644=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-1644=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * libpq5-17.5-150600.13.13.1 * libpq5-debuginfo-17.5-150600.13.13.1 * Basesystem Module 15-SP7 (x86_64) * libpq5-32bit-debuginfo-17.5-150600.13.13.1 *libpq5-32bit-17.5-150600.13.13.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-llvmjit-devel-17.5-150600.13.13.1 * postgresql17-llvmjit-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * postgresql17-llvmjit-debuginfo-17.5-150600.13.13.1 * postgresql17-test-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-devel-17.5-150600.13.13.1 * postgresql17-plperl-debuginfo-17.5-150600.13.13.1 * postgresql17-plperl-17.5-150600.13.13.1 * postgresql17-pltcl-debuginfo-17.5-150600.13.13.1 * postgresql17-contrib-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * postgresql17-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-pltcl-17.5-150600.13.13.1 * postgresql17-server-debuginfo-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * postgresql17-server-17.5-150600.13.13.1 * postgresql17-server-devel-17.5-150600.13.13.1 * postgresql17-plpython-17.5-150600.13.13.1 * postgresql17-plpython-debuginfo-17.5-150600.13.13.1 * postgresql17-server-devel-debuginfo-17.5-150600.13.13.1 * libecpg6-debuginfo-17.5-150600.13.13.1 * libecpg6-17.5-150600.13.13.1 * postgresql17-contrib-debuginfo-17.5-150600.13.13.1 * Server Applications Module 15-SP7 (noarch) * postgresql17-docs-17.5-150600.13.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . PostgreSQL version 17.5 introduces a security patch that resolves an encoding validation vulnerability. Find further information on the fix here.. PostgreSQL, SUSE, security update, encoding validation, update instructions. . LinuxSecurity.com Team

Calendar%202 May 29, 2025 SuSE
89

Fedora 41 - FEDORA-2025-d5e2376a90 critical: ghostscript encoding issue

CVE-2025-46646 ghostscript: Mishandling of Overlong UTF-8 Encoding in decode_utf8() (fedora#2362639, fedora#2362446). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-d5e2376a90 2025-05-24 01:46:25.887874+00:00 -------------------------------------------------------------------------------- Name : ghostscript Product : Fedora 41 Version : 10.03.1 Release : 6.fc41 URL : https://ghostscript.com/ Summary : Interpreter for PostScript language & PDF Description : This package provides useful conversion utilities based on Ghostscript software, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript (PS) and Portable Document Format (PDF) page description languages. Its primary purpose includes displaying (rasterization & rendering) and printing of document pages, as well as conversions between different document formats. -------------------------------------------------------------------------------- Update Information: CVE-2025-46646 ghostscript: Mishandling of Overlong UTF-8 Encoding in decode_utf8() (fedora#2362639, fedora#2362446) -------------------------------------------------------------------------------- ChangeLog: * Mon May 19 2025 Zdenek Dohnal - 10.03.1-6 - CVE-2025-46646 ghostscript: Mishandling of Overlong UTF-8 Encoding in decode_utf8() (fedora#2362639, fedora#2362446) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2362446 - CVE-2025-46646 Ghostscript: Mishandling of Overlong UTF-8 Encoding in Artifex Ghostscript's decode_utf8 Function https://bugzilla.redhat.com/show_bug.cgi?id=2362446 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-d5e2376a90' atthe command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Fedora 41 now includes a patch for ghostscript, correcting its inadequate handling of UTF-8 encoding vulnerabilities, critical for maintaining user security.. ghostscript update, Fedora 41 security, UTF-8 encoding issue, critical software update, security patch release. . LinuxSecurity.com Team

Calendar%202 May 24, 2025 Fedora
100

openSUSE Leap 15.6: SUSE-SU-2025:01654-1 moderate PostgreSQL encoding fix

* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql13 Announcement ID: SUSE-SU-2025:01654-1 Release Date: 2025-05-22T10:52:10Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.21: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/13.21/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1654=1 SUSE-2025-1654=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql13-llvmjit-13.21-150600.14.8.1 * postgresql13-server-debuginfo-13.21-150600.14.8.1 * postgresql13-contrib-debuginfo-13.21-150600.14.8.1 * postgresql13-server-devel-debuginfo-13.21-150600.14.8.1 * postgresql13-contrib-13.21-150600.14.8.1 * postgresql13-server-13.21-150600.14.8.1 * postgresql13-devel-debuginfo-13.21-150600.14.8.1 * postgresql13-debugsource-13.21-150600.14.8.1 * postgresql13-plperl-debuginfo-13.21-150600.14.8.1 * postgresql13-plpython-debuginfo-13.21-150600.14.8.1 * postgresql13-13.21-150600.14.8.1 * postgresql13-pltcl-debuginfo-13.21-150600.14.8.1 * postgresql13-test-13.21-150600.14.8.1 * postgresql13-debuginfo-13.21-150600.14.8.1 * postgresql13-llvmjit-debuginfo-13.21-150600.14.8.1 *postgresql13-devel-13.21-150600.14.8.1 * postgresql13-llvmjit-devel-13.21-150600.14.8.1 * postgresql13-plperl-13.21-150600.14.8.1 * postgresql13-plpython-13.21-150600.14.8.1 * postgresql13-server-devel-13.21-150600.14.8.1 * postgresql13-pltcl-13.21-150600.14.8.1 * openSUSE Leap 15.6 (noarch) * postgresql13-docs-13.21-150600.14.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . SUSE releases a minor security patch for postgresql13 to tackle encoding vulnerabilities. Update your installation to enhance system protection.. PostgreSQL Update, SUSE Security Fix, Database Security. . LinuxSecurity.com Team

Calendar%202 May 22, 2025 SuSE
202

openSUSE 15.6: SUSE-SU-2025:01644-1 moderate: postgresql17 encoding issue

An update that solves one vulnerability can now be installed.. # Security update for postgresql17 Announcement ID: SUSE-SU-2025:01644-1 Release Date: 2025-05-21T14:35:27Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql17 fixes the following issues: Upgrade to 17.5: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/17.5/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1644=1 openSUSE-SLE-15.6-2025-1644=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1644=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1644=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1644=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql17-pltcl-debuginfo-17.5-150600.13.13.1 * postgresql17-contrib-17.5-150600.13.13.1 * postgresql17-pltcl-17.5-150600.13.13.1 *postgresql17-llvmjit-devel-17.5-150600.13.13.1 * postgresql17-devel-mini-debuginfo-17.5-150600.13.13.1 * postgresql17-llvmjit-debuginfo-17.5-150600.13.13.1 * postgresql17-plpython-17.5-150600.13.13.1 * postgresql17-server-devel-17.5-150600.13.13.1 * postgresql17-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-mini-debugsource-17.5-150600.13.13.1 * postgresql17-test-17.5-150600.13.13.1 * postgresql17-devel-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * postgresql17-plperl-17.5-150600.13.13.1 * libecpg6-17.5-150600.13.13.1 * postgresql17-server-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-plpython-debuginfo-17.5-150600.13.13.1 * postgresql17-llvmjit-17.5-150600.13.13.1 * libpq5-17.5-150600.13.13.1 * postgresql17-contrib-debuginfo-17.5-150600.13.13.1 * postgresql17-17.5-150600.13.13.1 * postgresql17-server-debuginfo-17.5-150600.13.13.1 * libecpg6-debuginfo-17.5-150600.13.13.1 * libpq5-debuginfo-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * postgresql17-server-17.5-150600.13.13.1 * postgresql17-plperl-debuginfo-17.5-150600.13.13.1 * postgresql17-devel-mini-17.5-150600.13.13.1 * openSUSE Leap 15.6 (x86_64) * libpq5-32bit-debuginfo-17.5-150600.13.13.1 * libecpg6-32bit-debuginfo-17.5-150600.13.13.1 * libecpg6-32bit-17.5-150600.13.13.1 * libpq5-32bit-17.5-150600.13.13.1 * openSUSE Leap 15.6 (noarch) * postgresql17-docs-17.5-150600.13.13.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpq5-64bit-debuginfo-17.5-150600.13.13.1 * libecpg6-64bit-17.5-150600.13.13.1 * libpq5-64bit-17.5-150600.13.13.1 * libecpg6-64bit-debuginfo-17.5-150600.13.13.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpq5-debuginfo-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * libpq5-17.5-150600.13.13.1 * postgresql17-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * Basesystem Module 15-SP6(x86_64) * libpq5-32bit-17.5-150600.13.13.1 * libpq5-32bit-debuginfo-17.5-150600.13.13.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-debugsource-17.5-150600.13.13.1 * postgresql17-llvmjit-17.5-150600.13.13.1 * postgresql17-llvmjit-debuginfo-17.5-150600.13.13.1 * postgresql17-llvmjit-devel-17.5-150600.13.13.1 * postgresql17-test-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-server-debuginfo-17.5-150600.13.13.1 * libecpg6-debuginfo-17.5-150600.13.13.1 * postgresql17-server-17.5-150600.13.13.1 * postgresql17-debugsource-17.5-150600.13.13.1 * postgresql17-plperl-17.5-150600.13.13.1 * libecpg6-17.5-150600.13.13.1 * postgresql17-pltcl-debuginfo-17.5-150600.13.13.1 * postgresql17-plpython-debuginfo-17.5-150600.13.13.1 * postgresql17-server-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-contrib-17.5-150600.13.13.1 * postgresql17-plperl-debuginfo-17.5-150600.13.13.1 * postgresql17-plpython-17.5-150600.13.13.1 * postgresql17-devel-17.5-150600.13.13.1 * postgresql17-pltcl-17.5-150600.13.13.1 * postgresql17-server-devel-17.5-150600.13.13.1 * postgresql17-devel-debuginfo-17.5-150600.13.13.1 * postgresql17-contrib-debuginfo-17.5-150600.13.13.1 * postgresql17-debuginfo-17.5-150600.13.13.1 * Server Applications Module 15-SP6 (noarch) * postgresql17-docs-17.5-150600.13.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . Tackling the character set challenges in postgresql17, this revision guarantees reliability and resolves key security flaws.. postgresql security, openSUSE patch, moderate severity issues, encoding validation fixes. . LinuxSecurity.com Team

Calendar%202 May 21, 2025 OpenSUSE
203

Mageia 9: MGASA-2025-0064 moderate: PostgreSQL encoding issue

PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation. (CVE-2025-1094) References: - https://bugs.mageia.org/show_bug.cgi?id=34018 . MGASA-2025-0064 - Updated postgresql15 & postgresql13 packages fix security vulnerability Publication date: 14 Feb 2025 URL: https://advisories.mageia.org/MGASA-2025-0064.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-1094 PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation. (CVE-2025-1094) References: - https://bugs.mageia.org/show_bug.cgi?id=34018 - https://www.postgresql.org/about/news/postgresql-173-167-1511-1416-and-1319-released-3015/ - https://www.cve.org/CVERecord?id=CVE-2025-1094 SRPMS: - 9/core/postgresql15-15.11-1.mga9 - 9/core/postgresql13-13.19-1.mga9 . Improvements for PostgreSQL versions 15 and 13 have been implemented to resolve security vulnerabilities in Mageia release 9. Discover further details here.. PostgreSQL Security Updates,Mageia Security Advisory,Encoding Vulnerability Fix. . LinuxSecurity.com Team

Calendar%202 Feb 14, 2025 Mageia
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":100,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here