Explore top 10 tips to secure your open-source projects now. Read More
×
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-3978 http://linux.oracle.com/errata/ELSA-2025-3978.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: postgresql-9.2.24-9.0.5.el7_9.i686.rpm postgresql-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-contrib-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-devel-9.2.24-9.0.5.el7_9.i686.rpm postgresql-devel-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-docs-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-libs-9.2.24-9.0.5.el7_9.i686.rpm postgresql-libs-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-plperl-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-plpython-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-pltcl-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-server-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-static-9.2.24-9.0.5.el7_9.i686.rpm postgresql-static-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-test-9.2.24-9.0.5.el7_9.x86_64.rpm postgresql-upgrade-9.2.24-9.0.5.el7_9.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/postgresql-9.2.24-9.0.5.el7_9.src.rpm Related CVEs: CVE-2025-1094 Description of changes: [9.2.24-9.0.5] - Resolves CVE-2025-1094: Improper neutralization of quoting syntax in certain - libpq functions [Orabug: 37843176] _______________________________________________ El-errata mailing list
* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql16 Announcement ID: SUSE-SU-2025:01766-2 Release Date: 2025-06-04T13:37:51Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: Upgrade to 16.9: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/16.9/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-1766=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1766=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-1766=1 ## Package List: * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql16-debugsource-16.9-150600.16.18.1 * postgresql16-contrib-debuginfo-16.9-150600.16.18.1 * postgresql16-debuginfo-16.9-150600.16.18.1 * postgresql16-devel-16.9-150600.16.18.1 * postgresql16-contrib-16.9-150600.16.18.1 * postgresql16-devel-debuginfo-16.9-150600.16.18.1 * SUSE Package Hub 1515-SP7 (aarch64 ppc64le s390x x86_64) * postgresql16-llvmjit-16.9-150600.16.18.1 * postgresql16-debugsource-16.9-150600.16.18.1 * postgresql16-llvmjit-debuginfo-16.9-150600.16.18.1 * postgresql16-test-16.9-150600.16.18.1 * postgresql16-debuginfo-16.9-150600.16.18.1 * postgresql16-llvmjit-devel-16.9-150600.16.18.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql16-debugsource-16.9-150600.16.18.1 * postgresql16-server-debuginfo-16.9-150600.16.18.1 * postgresql16-debuginfo-16.9-150600.16.18.1 * postgresql16-16.9-150600.16.18.1 * postgresql16-server-16.9-150600.16.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . SUSE's release for postgresql16 addresses several moderate vulnerabilities, enhancing encoding verification. Upgrade advised.. postgresql16 security patch, SUSE Linux update, encoding validation fix. . LinuxSecurity.com Team
* bsc#1219340 * bsc#1230423 * bsc#1233323 * bsc#1233325 * bsc#1233326 . # Security update for postgresql, postgresql16, postgresql17 Announcement ID: SUSE-SU-2025:01799-1 Release Date: 2025-06-02T13:28:51Z Rating: important References: * bsc#1219340 * bsc#1230423 * bsc#1233323 * bsc#1233325 * bsc#1233326 * bsc#1233327 * jsc#PED-11514 Cross-References: * CVE-2024-10976 * CVE-2024-10977 * CVE-2024-10978 * CVE-2024-10979 CVSS scores: * CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10976 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10977 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: * bsc#1230423: Relax thedependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane confirmed on the PostgreSQL packagers list that ABI stability is being taken care of between minor releases. * bsc#1219340: The last fix was not correct. Improve it by removing the dependency again and call fillup only if it is installed. postgresql16 was updated to 16.6: * Repair ABI break for extensions that work with struct ResultRelInfo. * Restore functionality of ALTER {ROLE|DATABASE} SET role. * Fix cases where a logical replication slot's restart_lsn could go backwards. * Avoid deleting still-needed WAL files during pg_rewind. * Fix race conditions associated with dropping shared statistics entries. * Count index scans in contrib/bloom indexes in the statistics views, such as the pg_stat_user_indexes.idx_scan counter. * Fix crash when checking to see if an index's opclass options have changed. * Avoid assertion failure caused by disconnected NFA sub-graphs in regular expression parsing. * https://www.postgresql.org/docs/release/16.6/ postgresql16 was updated to 16.5: * CVE-2024-10976, bsc#1233323: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference. * CVE-2024-10977, bsc#1233325: Make libpq discard error messages received during SSL or GSS protocol negotiation. * CVE-2024-10978, bsc#1233326: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE * CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from changing environment variables. * https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/ * https://www.postgresql.org/docs/release/16.5/ * Don't build the libs and mini flavor anymore to hand over to PostgreSQL 17. * https://www.postgresql.org/about/news/postgresql-164-158-1413-1316-1220-and-17-beta-3-released-2910/ postgresql17 is shipped in version 17.2: * CVE-2024-10976, bsc#1233323: Ensure cached plans aremarked as dependent on the calling role when RLS applies to a non-top-level table reference. * CVE-2024-10977, bsc#1233325: Make libpq discard error messages received during SSL or GSS protocol negotiation. * CVE-2024-10978, bsc#1233326: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE * CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from changing environment variables. * https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/ * https://www.postgresql.org/docs/release/17.1/ * https://www.postgresql.org/docs/release/17.2/ Upgrade to 17.2: * Repair ABI break for extensions that work with struct ResultRelInfo. * Restore functionality of ALTER {ROLE|DATABASE} SET role. * Fix cases where a logical replication slot's restart_lsn could go backwards. * Avoid deleting still-needed WAL files during pg_rewind. * Fix race conditions associated with dropping shared statistics entries. * Count index scans in contrib/bloom indexes in the statistics views, such as the pg_stat_user_indexes.idx_scan counter. * Fix crash when checking to see if an index's opclass options have changed. * Avoid assertion failure caused by disconnected NFA sub-graphs in regular expression parsing. Upgrade to 17.0: * New memory management system for VACUUM, which reduces memory consumption and can improve overall vacuuming performance. * New SQL/JSON capabilities, including constructors, identity functions, and the JSON_TABLE() function, which converts JSON data into a table representation. * Various query performance improvements, including for sequential reads using streaming I/O, write throughput under high concurrency, and searches over multiple values in a btree index. * Logical replication enhancements, including: * Failover control * pg_createsubscriber, a utility that creates logical replicas from physical standbys * pg_upgrade now preserves replication slots on bothpublishers and subscribers * New client-side connection option, sslnegotiation=direct, that performs a direct TLS handshake to avoid a round-trip negotiation. * pg_basebackup now supports incremental backup. * COPY adds a new option, ON_ERROR ignore, that allows a copy operation to continue in the event of an error. * https://www.postgresql.org/about/news/postgresql-17-released-2936/ * https://www.postgresql.org/docs/17/release-17.html ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1799=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1799=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-17.2-3.5.1 * postgresql16-contrib-debuginfo-16.6-3.21.1 * postgresql16-plperl-16.6-3.21.1 * postgresql16-plperl-debuginfo-16.6-3.21.1 * postgresql16-devel-16.6-3.21.1 * libpq5-17.2-3.5.1 * postgresql16-pltcl-debuginfo-16.6-3.21.1 * postgresql16-contrib-16.6-3.21.1 * postgresql16-16.6-3.21.1 * postgresql16-server-devel-debuginfo-16.6-3.21.1 * postgresql16-devel-debuginfo-16.6-3.21.1 * postgresql16-server-debuginfo-16.6-3.21.1 * postgresql16-plpython-16.6-3.21.1 * postgresql16-debuginfo-16.6-3.21.1 * libpq5-debuginfo-17.2-3.5.1 * postgresql16-plpython-debuginfo-16.6-3.21.1 * postgresql16-server-devel-16.6-3.21.1 * postgresql16-server-16.6-3.21.1 * postgresql16-pltcl-16.6-3.21.1 * postgresql16-debugsource-16.6-3.21.1 * libecpg6-17.2-3.5.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql-docs-17-4.29.1 * postgresql-devel-17-4.29.1 * postgresql-server-17-4.29.1 *postgresql-server-devel-17-4.29.1 * postgresql-pltcl-17-4.29.1 * postgresql-plpython-17-4.29.1 * postgresql16-docs-16.6-3.21.1 * postgresql-17-4.29.1 * postgresql-contrib-17-4.29.1 * postgresql-plperl-17-4.29.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libecpg6-32bit-17.2-3.5.1 * libpq5-32bit-17.2-3.5.1 * libpq5-debuginfo-32bit-17.2-3.5.1 * libecpg6-debuginfo-32bit-17.2-3.5.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libecpg6-debuginfo-17.2-3.5.1 * postgresql16-contrib-debuginfo-16.6-3.21.1 * postgresql16-plperl-16.6-3.21.1 * postgresql16-plperl-debuginfo-16.6-3.21.1 * postgresql16-devel-16.6-3.21.1 * libpq5-17.2-3.5.1 * libecpg6-debuginfo-32bit-17.2-3.5.1 * postgresql16-pltcl-debuginfo-16.6-3.21.1 * postgresql16-contrib-16.6-3.21.1 * postgresql16-16.6-3.21.1 * postgresql16-server-devel-debuginfo-16.6-3.21.1 * postgresql16-devel-debuginfo-16.6-3.21.1 * postgresql16-server-debuginfo-16.6-3.21.1 * postgresql16-plpython-16.6-3.21.1 * postgresql16-debuginfo-16.6-3.21.1 * libpq5-debuginfo-32bit-17.2-3.5.1 * libpq5-debuginfo-17.2-3.5.1 * postgresql16-plpython-debuginfo-16.6-3.21.1 * postgresql16-server-devel-16.6-3.21.1 * postgresql16-server-16.6-3.21.1 * libecpg6-32bit-17.2-3.5.1 * postgresql16-pltcl-16.6-3.21.1 * postgresql16-debugsource-16.6-3.21.1 * libpq5-32bit-17.2-3.5.1 * libecpg6-17.2-3.5.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql-docs-17-4.29.1 * postgresql-devel-17-4.29.1 * postgresql-server-17-4.29.1 * postgresql-server-devel-17-4.29.1 * postgresql-pltcl-17-4.29.1 * postgresql-plpython-17-4.29.1 * postgresql16-docs-16.6-3.21.1 * postgresql-17-4.29.1 * postgresql-contrib-17-4.29.1 * postgresql-plperl-17-4.29.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10976.html *https://www.suse.com/security/cve/CVE-2024-10977.html * https://www.suse.com/security/cve/CVE-2024-10978.html * https://www.suse.com/security/cve/CVE-2024-10979.html * https://bugzilla.suse.com/show_bug.cgi?id=1219340 * https://bugzilla.suse.com/show_bug.cgi?id=1230423 * https://bugzilla.suse.com/show_bug.cgi?id=1233323 * https://bugzilla.suse.com/show_bug.cgi?id=1233325 * https://bugzilla.suse.com/show_bug.cgi?id=1233326 * https://bugzilla.suse.com/show_bug.cgi?id=1233327 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-11514&page_caps=&user_role= . Important security update for PostgreSQL on SUSE addresses multiple critical issues affecting server integrity.. PostgreSQL Security Update, SUSE Important Patch, PostgreSQL Version Security, SUSE Security Advisory. . Severity: Important. LinuxSecurity.com Team
* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql15 Announcement ID: SUSE-SU-2025:01785-1 Release Date: 2025-05-30T16:11:28Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql15 fixes the following issues: Upgrade to 15.13: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/15.13/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1785=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1785=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1785=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1785=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1785=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1785=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1785=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1785=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1785=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1785=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1785=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1785=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1785=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1785=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1785=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) *postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) *postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 *postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 *postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Manager Proxy 4.3 (x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 *postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 *postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Manager Server 4.3 (noarch) * postgresql15-docs-15.13-150200.5.41.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql15-debuginfo-15.13-150200.5.41.1 * postgresql15-devel-15.13-150200.5.41.1 * postgresql15-plpython-debuginfo-15.13-150200.5.41.1 * postgresql15-server-15.13-150200.5.41.1 * postgresql15-server-debuginfo-15.13-150200.5.41.1 * postgresql15-contrib-debuginfo-15.13-150200.5.41.1 * postgresql15-plpython-15.13-150200.5.41.1 * postgresql15-devel-debuginfo-15.13-150200.5.41.1 * postgresql15-plperl-debuginfo-15.13-150200.5.41.1 * postgresql15-server-devel-15.13-150200.5.41.1 * postgresql15-contrib-15.13-150200.5.41.1 * postgresql15-pltcl-debuginfo-15.13-150200.5.41.1 * postgresql15-debugsource-15.13-150200.5.41.1 * postgresql15-plperl-15.13-150200.5.41.1 * postgresql15-15.13-150200.5.41.1 * postgresql15-pltcl-15.13-150200.5.41.1 * postgresql15-server-devel-debuginfo-15.13-150200.5.41.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql15-docs-15.13-150200.5.41.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . Addressing CVE-2025-4207 in PostgreSQL 15 improves the overall security posture for SUSE systems and safeguards sensitive data effectively. PostgreSQL 15, SUS Security, Encoding Issues, Database Security. . LinuxSecurity.com Team
* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql14 Announcement ID: SUSE-SU-2025:01786-1 Release Date: 2025-05-30T16:12:31Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.18: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1786=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -tpatch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1786=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1786=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1786=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1786=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1786=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1786=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1786=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1786=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1786=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 *postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-llvmjit-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-devel-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 *postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 *postgresql14-llvmjit-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-devel-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Manager Proxy 4.3 (x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 *postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Manager Server 4.3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 *postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) *postgresql14-docs-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-debuginfo-14.18-150200.5.58.1 * postgresql14-14.18-150200.5.58.1 * postgresql14-pltcl-14.18-150200.5.58.1 * postgresql14-contrib-debuginfo-14.18-150200.5.58.1 * postgresql14-plpython-14.18-150200.5.58.1 * postgresql14-server-devel-14.18-150200.5.58.1 * postgresql14-devel-14.18-150200.5.58.1 * postgresql14-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-pltcl-debuginfo-14.18-150200.5.58.1 * postgresql14-plperl-debuginfo-14.18-150200.5.58.1 * postgresql14-server-14.18-150200.5.58.1 * postgresql14-server-debuginfo-14.18-150200.5.58.1 * postgresql14-server-devel-debuginfo-14.18-150200.5.58.1 * postgresql14-contrib-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-plperl-14.18-150200.5.58.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql14-docs-14.18-150200.5.58.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . Crucial announcement regarding PostgreSQL 14 resolves a character encoding validation concern, enhancing overall system security and robustness.. PostgreSQL Update, SUSE Security Fix, Encoding Validation Patch. . LinuxSecurity.com Team
* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql16 Announcement ID: SUSE-SU-2025:01782-1 Release Date: 2025-05-30T15:33:46Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: Upgrade to 16.9: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/16.9/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1782=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1782=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1782=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1782=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1782=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1782=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1782=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1782=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1782=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1782=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1782=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1782=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1782=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1782=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1782=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) *postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) *postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 *postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Manager Proxy 4.3 (x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE ManagerRetail Branch Server 4.3 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Manager Server 4.3 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 *postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql16-pltcl-16.9-150200.5.29.1 * postgresql16-plpython-16.9-150200.5.29.1 * postgresql16-pltcl-debuginfo-16.9-150200.5.29.1 * postgresql16-16.9-150200.5.29.1 * postgresql16-server-devel-16.9-150200.5.29.1 * postgresql16-server-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 * postgresql16-server-16.9-150200.5.29.1 * postgresql16-contrib-debuginfo-16.9-150200.5.29.1 * postgresql16-plperl-debuginfo-16.9-150200.5.29.1 * postgresql16-server-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-debuginfo-16.9-150200.5.29.1 * postgresql16-devel-16.9-150200.5.29.1 * postgresql16-contrib-16.9-150200.5.29.1 * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-plpython-debuginfo-16.9-150200.5.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql16-docs-16.9-150200.5.29.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.9-150200.5.29.1 * postgresql16-debugsource-16.9-150200.5.29.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . Essential patch for PostgreSQL 16.9 addressing a significant security vulnerability impacting various SUSE offerings. Apply without delay.. PostgreSQL 16.9, SUSE update, security threat. . LinuxSecurity.com Team
* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql14 Announcement ID: SUSE-SU-2025:01772-1 Release Date: 2025-05-30T10:44:52Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.18: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1772=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1772=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-contrib-14.18-3.57.1 * postgresql14-pltcl-debuginfo-14.18-3.57.1 * postgresql14-debugsource-14.18-3.57.1 * postgresql14-devel-14.18-3.57.1 * postgresql14-plperl-14.18-3.57.1 * postgresql14-server-14.18-3.57.1 * postgresql14-plperl-debuginfo-14.18-3.57.1 * postgresql14-server-debuginfo-14.18-3.57.1 * postgresql14-plpython-debuginfo-14.18-3.57.1 * postgresql14-devel-debuginfo-14.18-3.57.1 * postgresql14-contrib-debuginfo-14.18-3.57.1 * postgresql14-plpython-14.18-3.57.1 * postgresql14-debuginfo-14.18-3.57.1 * postgresql14-14.18-3.57.1 * postgresql14-pltcl-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql14-docs-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * postgresql14-server-devel-14.18-3.57.1 * postgresql14-server-devel-debuginfo-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql14-contrib-14.18-3.57.1 * postgresql14-pltcl-debuginfo-14.18-3.57.1 * postgresql14-debugsource-14.18-3.57.1 * postgresql14-devel-14.18-3.57.1 * postgresql14-plperl-14.18-3.57.1 * postgresql14-server-14.18-3.57.1 * postgresql14-plperl-debuginfo-14.18-3.57.1 * postgresql14-server-debuginfo-14.18-3.57.1 * postgresql14-plpython-debuginfo-14.18-3.57.1 * postgresql14-devel-debuginfo-14.18-3.57.1 * postgresql14-contrib-debuginfo-14.18-3.57.1 * postgresql14-plpython-14.18-3.57.1 * postgresql14-server-devel-14.18-3.57.1 * postgresql14-debuginfo-14.18-3.57.1 * postgresql14-server-devel-debuginfo-14.18-3.57.1 * postgresql14-14.18-3.57.1 * postgresql14-pltcl-14.18-3.57.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql14-docs-14.18-3.57.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . This notice outlines a security patch for PostgreSQL version 14 concerning a character encoding validation vulnerability classified as moderate.. PostgreSQL Security, SUSE Update, Patch Management, Software Vulnerability, Encoding Issue. . LinuxSecurity.com Team
* bsc#1242931 Cross-References: * CVE-2025-4207 . # Security update for postgresql17 Announcement ID: SUSE-SU-2025:01765-1 Release Date: 2025-05-30T07:44:44Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql17 fixes the following issues: Upgrade to 17.5: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/17.5/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1765=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1765=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-17.5-3.13.1 * libpq5-debuginfo-17.5-3.13.1 * libpq5-17.5-3.13.1 * libecpg6-17.5-3.13.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libecpg6-debuginfo-32bit-17.5-3.13.1 * libecpg6-32bit-17.5-3.13.1 * libpq5-32bit-17.5-3.13.1 * libpq5-debuginfo-32bit-17.5-3.13.1 * SUSE Linux Enterprise Server 12 SP5 LTSS ExtendedSecurity (x86_64) * libecpg6-debuginfo-17.5-3.13.1 * libecpg6-debuginfo-32bit-17.5-3.13.1 * libpq5-debuginfo-32bit-17.5-3.13.1 * libecpg6-32bit-17.5-3.13.1 * libecpg6-17.5-3.13.1 * libpq5-32bit-17.5-3.13.1 * libpq5-17.5-3.13.1 * libpq5-debuginfo-17.5-3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 . The recent PostgreSQL 17.5 patch for SUSE addresses a moderate severity issue regarding encoding validation. Discover further information about the specifics of this update.. PostgreSQL Update,SUSE Security,Encoding Flaw Fix. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.