Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 5 articles for you...
202
security advisorybuffer overflowimportantopenSUSE Leap 16.0 PostgreSQL13 Important Security Fixes 2026-20449-1
An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.. openSUSE security update: security update for postgresql13 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20449-1 Rating: important References: * bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 * CVE-2025-12818 CVSS scores: * CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed. Description: This update for postgresql13 fixes the following issues: Security fixes: - CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts (bsc#1253332) - CVE-2025-12818: Fixed several places in libpq were not sufficiently careful about computing the required size of a memory allocation. Sufficiently large inputs could cause integer overflow, resulting in an undersized buffer, which would then lead to writing past the end of the buffer (bsc#1253333) Other fixes: - Update to 13.23 * https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/ * https://www.postgresql.org/docs/release/13.23 Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-467=1 PackageList: - openSUSE Leap 16.0: postgresql13-13.23-160000.1.1 postgresql13-contrib-13.23-160000.1.1 postgresql13-devel-13.23-160000.1.1 postgresql13-docs-13.23-160000.1.1 postgresql13-llvmjit-13.23-160000.1.1 postgresql13-llvmjit-devel-13.23-160000.1.1 postgresql13-plperl-13.23-160000.1.1 postgresql13-plpython-13.23-160000.1.1 postgresql13-pltcl-13.23-160000.1.1 postgresql13-server-13.23-160000.1.1 postgresql13-server-devel-13.23-160000.1.1 postgresql13-test-13.23-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2025-12817.html * https://www.suse.com/security/cve/CVE-2025-12818.html . This security advisory addresses critical issues in postgresql13 for openSUSE, detailing important vulnerabilities and fixes.. openSUSE security, postgresql13 update, important patch, buffer overflow fix. . Severity: Important. LinuxSecurity.com Team
Apr 02, 2026
•Important
OpenSUSE
100
security advisorySuSEprivilege escalationSUSE: PostgreSQL13 Important Update for CVE-2025-12817 & CVE-2025-12818
* bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 . # Security update for postgresql13 Announcement ID: SUSE-SU-2025:4334-1 Release Date: 2025-12-09T18:17:26Z Rating: important References: * bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 * CVE-2025-12818 CVSS scores: * CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-12817 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-12818 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgraded to 13.23: * CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS (bsc#1253332) * CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq (bsc#1253333) Other fixes: * Use %product_libs_llvm_ver to determine the LLVM version. * Remove conditionals for obsolete PostgreSQL releases. * Sync spec file from version 18. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-4334=1 * SUSE Linux Enterprise Server12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-4334=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-13.23-3.69.1 * postgresql13-contrib-13.23-3.69.1 * postgresql13-devel-13.23-3.69.1 * postgresql13-plperl-13.23-3.69.1 * postgresql13-server-13.23-3.69.1 * postgresql13-server-debuginfo-13.23-3.69.1 * postgresql13-devel-debuginfo-13.23-3.69.1 * postgresql13-plpython-13.23-3.69.1 * postgresql13-debuginfo-13.23-3.69.1 * postgresql13-plperl-debuginfo-13.23-3.69.1 * postgresql13-contrib-debuginfo-13.23-3.69.1 * postgresql13-pltcl-13.23-3.69.1 * postgresql13-plpython-debuginfo-13.23-3.69.1 * postgresql13-pltcl-debuginfo-13.23-3.69.1 * postgresql13-debugsource-13.23-3.69.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql13-docs-13.23-3.69.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * postgresql13-server-devel-13.23-3.69.1 * postgresql13-server-devel-debuginfo-13.23-3.69.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql13-server-devel-debuginfo-13.23-3.69.1 * postgresql13-13.23-3.69.1 * postgresql13-contrib-13.23-3.69.1 * postgresql13-devel-13.23-3.69.1 * postgresql13-plperl-13.23-3.69.1 * postgresql13-server-13.23-3.69.1 * postgresql13-server-debuginfo-13.23-3.69.1 * postgresql13-devel-debuginfo-13.23-3.69.1 * postgresql13-server-devel-13.23-3.69.1 * postgresql13-plpython-13.23-3.69.1 * postgresql13-debuginfo-13.23-3.69.1 * postgresql13-plperl-debuginfo-13.23-3.69.1 * postgresql13-contrib-debuginfo-13.23-3.69.1 * postgresql13-pltcl-13.23-3.69.1 * postgresql13-plpython-debuginfo-13.23-3.69.1 * postgresql13-pltcl-debuginfo-13.23-3.69.1 * postgresql13-debugsource-13.23-3.69.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql13-docs-13.23-3.69.1 ##References: * https://www.suse.com/security/cve/CVE-2025-12817.html * https://www.suse.com/security/cve/CVE-2025-12818.html * https://bugzilla.suse.com/show_bug.cgi?id=1253332 * https://bugzilla.suse.com/show_bug.cgi?id=1253333 . Critical update for PostgreSQL 13 on SUSE addressing important vulnerabilities. Install patches immediately to strengthen security.. SUSE Linux, PostgreSQL, Security Update, Database Vulnerability, Linux Patching. . Severity: Important. LinuxSecurity.com Team
Dec 09, 2025
•Important
SuSE
202
security advisoryimportantOpenSUSEopenSUSE: postgresql13 Important Fix for CVE-2025-12817 and CVE-2025-12818
An update that solves two vulnerabilities can now be installed.. # Security update for postgresql13 Announcement ID: SUSE-SU-2025:4325-1 Release Date: 2025-12-08T18:19:59Z Rating: important References: * bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 * CVE-2025-12818 CVSS scores: * CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-12817 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-12818 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 An update that solves two vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgraded to 13.23: * CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS (bsc#1253332) * CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq (bsc#1253333) Other fixes: * Use %product_libs_llvm_ver to determine the LLVM version. * Remove conditionals for obsolete PostgreSQL releases. * Sync spec file from version 18. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4325=1 SUSE-2025-4325=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql13-server-13.23-150600.14.14.1 * postgresql13-plperl-13.23-150600.14.14.1 * postgresql13-devel-debuginfo-13.23-150600.14.14.1 * postgresql13-debuginfo-13.23-150600.14.14.1 *postgresql13-server-debuginfo-13.23-150600.14.14.1 * postgresql13-contrib-debuginfo-13.23-150600.14.14.1 * postgresql13-llvmjit-13.23-150600.14.14.1 * postgresql13-llvmjit-devel-13.23-150600.14.14.1 * postgresql13-pltcl-debuginfo-13.23-150600.14.14.1 * postgresql13-plpython-13.23-150600.14.14.1 * postgresql13-server-devel-debuginfo-13.23-150600.14.14.1 * postgresql13-plpython-debuginfo-13.23-150600.14.14.1 * postgresql13-llvmjit-debuginfo-13.23-150600.14.14.1 * postgresql13-devel-13.23-150600.14.14.1 * postgresql13-13.23-150600.14.14.1 * postgresql13-test-13.23-150600.14.14.1 * postgresql13-contrib-13.23-150600.14.14.1 * postgresql13-pltcl-13.23-150600.14.14.1 * postgresql13-server-devel-13.23-150600.14.14.1 * postgresql13-plperl-debuginfo-13.23-150600.14.14.1 * postgresql13-debugsource-13.23-150600.14.14.1 * openSUSE Leap 15.6 (noarch) * postgresql13-docs-13.23-150600.14.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12817.html * https://www.suse.com/security/cve/CVE-2025-12818.html * https://bugzilla.suse.com/show_bug.cgi?id=1253332 * https://bugzilla.suse.com/show_bug.cgi?id=1253333 . An important security advisory for openSUSE addresses two critical vulnerabilities in postgresql13. Update promptly.. openSUSE security advisory, postgresql13 vulnerabilities, important update. . Severity: Important. LinuxSecurity.com Team
Dec 09, 2025
•Important
OpenSUSE
100
security advisoryaccess controlimportantopenSUSE Leap 15.6: PostgreSQL 13 Critical Access Control Vulnerabilities
* bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 . # Security update for postgresql13 Announcement ID: SUSE-SU-2025:4325-1 Release Date: 2025-12-08T18:19:59Z Rating: important References: * bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 * CVE-2025-12818 CVSS scores: * CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-12817 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-12818 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 An update that solves two vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgraded to 13.23: * CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS (bsc#1253332) * CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq (bsc#1253333) Other fixes: * Use %product_libs_llvm_ver to determine the LLVM version. * Remove conditionals for obsolete PostgreSQL releases. * Sync spec file from version 18. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4325=1 SUSE-2025-4325=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql13-server-13.23-150600.14.14.1 * postgresql13-plperl-13.23-150600.14.14.1 * postgresql13-devel-debuginfo-13.23-150600.14.14.1 * postgresql13-debuginfo-13.23-150600.14.14.1 *postgresql13-server-debuginfo-13.23-150600.14.14.1 * postgresql13-contrib-debuginfo-13.23-150600.14.14.1 * postgresql13-llvmjit-13.23-150600.14.14.1 * postgresql13-llvmjit-devel-13.23-150600.14.14.1 * postgresql13-pltcl-debuginfo-13.23-150600.14.14.1 * postgresql13-plpython-13.23-150600.14.14.1 * postgresql13-server-devel-debuginfo-13.23-150600.14.14.1 * postgresql13-plpython-debuginfo-13.23-150600.14.14.1 * postgresql13-llvmjit-debuginfo-13.23-150600.14.14.1 * postgresql13-devel-13.23-150600.14.14.1 * postgresql13-13.23-150600.14.14.1 * postgresql13-test-13.23-150600.14.14.1 * postgresql13-contrib-13.23-150600.14.14.1 * postgresql13-pltcl-13.23-150600.14.14.1 * postgresql13-server-devel-13.23-150600.14.14.1 * postgresql13-plperl-debuginfo-13.23-150600.14.14.1 * postgresql13-debugsource-13.23-150600.14.14.1 * openSUSE Leap 15.6 (noarch) * postgresql13-docs-13.23-150600.14.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12817.html * https://www.suse.com/security/cve/CVE-2025-12818.html * https://bugzilla.suse.com/show_bug.cgi?id=1253332 * https://bugzilla.suse.com/show_bug.cgi?id=1253333 . This advisory details crucial updates for postgresql13 addressing multiple vulnerabilities in openSUSE.. postgresql13 openSUSE update security fix important issues. . Severity: Important. LinuxSecurity.com Team
Dec 09, 2025
•Important
SuSE
100
security advisoryremote code executionimportantSUSE: PostgreSQL13 Important Security Update CVE-2025-8713 DoS 2025:02994-1
* bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: . # Security update for postgresql13 Announcement ID: SUSE-SU-2025:02994-1 Release Date: 2025-08-27T12:00:22Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Galera for Ericsson 15 SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.22: * CVE-2025-8713: optimizer statistics can expose sampleddata within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2994=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2994=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2994=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2994=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2994=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2994=1 * Galera for Ericsson 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-ERICSSON-2025-2994=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 *postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-llvmjit-devel-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-llvmjit-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-llvmjit-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) *postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Enterprise Storage 7.1 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise HighPerformance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-llvmjit-devel-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-llvmjit-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-llvmjit-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-llvmjit-devel-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-llvmjit-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 *postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-llvmjit-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-llvmjit-devel-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 *postgresql13-llvmjit-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-llvmjit-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql13-docs-13.22-150200.5.75.2 * Galera for Ericsson 15 SP5 (x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * Galera for Ericsson 15 SP5 (noarch) * postgresql13-docs-13.22-150200.5.75.2 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 . Tackling critical weaknesses in postgresql13through recent enhancements to maintain system reliability and safeguard against threats.. postgresql13 update, security advisory SUSE, system patching, CVE mitigation, important security update. . Severity: Important. LinuxSecurity.com Team
Aug 27, 2025
•Important
SuSE
100
security advisorySuSEcode executionSUSE PostgreSQL 13 Important Update for Code Execution Risks 2025:03003-1
* bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: . # Security update for postgresql13 Announcement ID: SUSE-SU-2025:03003-1 Release Date: 2025-08-27T13:42:36Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.22: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## PatchInstructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-3003=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3003=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-server-debuginfo-13.22-3.66.1 * postgresql13-13.22-3.66.1 * postgresql13-devel-13.22-3.66.1 * postgresql13-pltcl-debuginfo-13.22-3.66.1 * postgresql13-plpython-13.22-3.66.1 * postgresql13-plpython-debuginfo-13.22-3.66.1 * postgresql13-pltcl-13.22-3.66.1 * postgresql13-plperl-debuginfo-13.22-3.66.1 * postgresql13-devel-debuginfo-13.22-3.66.1 * postgresql13-contrib-13.22-3.66.1 * postgresql13-plperl-13.22-3.66.1 * postgresql13-server-13.22-3.66.1 * postgresql13-debuginfo-13.22-3.66.1 * postgresql13-contrib-debuginfo-13.22-3.66.1 * postgresql13-debugsource-13.22-3.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql13-docs-13.22-3.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * postgresql13-server-devel-13.22-3.66.1 * postgresql13-server-devel-debuginfo-13.22-3.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql13-server-debuginfo-13.22-3.66.1 * postgresql13-13.22-3.66.1 * postgresql13-devel-13.22-3.66.1 * postgresql13-pltcl-debuginfo-13.22-3.66.1 * postgresql13-plpython-13.22-3.66.1 * postgresql13-server-devel-debuginfo-13.22-3.66.1 * postgresql13-plpython-debuginfo-13.22-3.66.1 * postgresql13-pltcl-13.22-3.66.1 * postgresql13-plperl-debuginfo-13.22-3.66.1 * postgresql13-devel-debuginfo-13.22-3.66.1 * postgresql13-contrib-13.22-3.66.1 *postgresql13-plperl-13.22-3.66.1 * postgresql13-server-13.22-3.66.1 * postgresql13-debuginfo-13.22-3.66.1 * postgresql13-server-devel-13.22-3.66.1 * postgresql13-contrib-debuginfo-13.22-3.66.1 * postgresql13-debugsource-13.22-3.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql13-docs-13.22-3.66.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 . The latest PostgreSQL update for SUSE deals with significant vulnerabilities concerning data protection and stability, offering essential fixes for users.. SUSE PostgreSQL Server Update Important Risk. . Severity: Important. LinuxSecurity.com Team
Aug 27, 2025
•Important
SuSE
202
security advisoryimportantarbitrary codeopenSUSE Leap 15.6: postgresql13 Important Security Issues 2025:02842-1
An update that solves three vulnerabilities can now be installed.. # Security update for postgresql13 Announcement ID: SUSE-SU-2025:02842-1 Release Date: 2025-08-18T12:33:33Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.22: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patchSUSE-2025-2842=1 openSUSE-SLE-15.6-2025-2842=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql13-plpython-debuginfo-13.22-150600.14.11.1 * postgresql13-13.22-150600.14.11.1 * postgresql13-contrib-13.22-150600.14.11.1 * postgresql13-llvmjit-devel-13.22-150600.14.11.1 * postgresql13-pltcl-debuginfo-13.22-150600.14.11.1 * postgresql13-debugsource-13.22-150600.14.11.1 * postgresql13-server-devel-debuginfo-13.22-150600.14.11.1 * postgresql13-devel-13.22-150600.14.11.1 * postgresql13-test-13.22-150600.14.11.1 * postgresql13-llvmjit-debuginfo-13.22-150600.14.11.1 * postgresql13-pltcl-13.22-150600.14.11.1 * postgresql13-plperl-13.22-150600.14.11.1 * postgresql13-server-devel-13.22-150600.14.11.1 * postgresql13-server-debuginfo-13.22-150600.14.11.1 * postgresql13-server-13.22-150600.14.11.1 * postgresql13-llvmjit-13.22-150600.14.11.1 * postgresql13-debuginfo-13.22-150600.14.11.1 * postgresql13-contrib-debuginfo-13.22-150600.14.11.1 * postgresql13-plperl-debuginfo-13.22-150600.14.11.1 * postgresql13-devel-debuginfo-13.22-150600.14.11.1 * postgresql13-plpython-13.22-150600.14.11.1 * openSUSE Leap 15.6 (noarch) * postgresql13-docs-13.22-150600.14.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 . An enhancement for postgresql13 on openSUSE has been released to tackle severe vulnerabilities, thereby safeguarding data fidelity and operational security.. postgresql13, important update, security fix, openSUSE Leap, CVE references. . Severity: Important. LinuxSecurity.com Team
Aug 18, 2025
•Important
OpenSUSE
100
security advisorycode executionimportantopenSUSE: postgresql13 Important Code Execution Risks CVE-2025-8713-8715
* bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: . # Security update for postgresql13 Announcement ID: SUSE-SU-2025:02842-1 Release Date: 2025-08-18T12:33:33Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.22: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patchSUSE-2025-2842=1 openSUSE-SLE-15.6-2025-2842=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql13-plpython-debuginfo-13.22-150600.14.11.1 * postgresql13-13.22-150600.14.11.1 * postgresql13-contrib-13.22-150600.14.11.1 * postgresql13-llvmjit-devel-13.22-150600.14.11.1 * postgresql13-pltcl-debuginfo-13.22-150600.14.11.1 * postgresql13-debugsource-13.22-150600.14.11.1 * postgresql13-server-devel-debuginfo-13.22-150600.14.11.1 * postgresql13-devel-13.22-150600.14.11.1 * postgresql13-test-13.22-150600.14.11.1 * postgresql13-llvmjit-debuginfo-13.22-150600.14.11.1 * postgresql13-pltcl-13.22-150600.14.11.1 * postgresql13-plperl-13.22-150600.14.11.1 * postgresql13-server-devel-13.22-150600.14.11.1 * postgresql13-server-debuginfo-13.22-150600.14.11.1 * postgresql13-server-13.22-150600.14.11.1 * postgresql13-llvmjit-13.22-150600.14.11.1 * postgresql13-debuginfo-13.22-150600.14.11.1 * postgresql13-contrib-debuginfo-13.22-150600.14.11.1 * postgresql13-plperl-debuginfo-13.22-150600.14.11.1 * postgresql13-devel-debuginfo-13.22-150600.14.11.1 * postgresql13-plpython-13.22-150600.14.11.1 * openSUSE Leap 15.6 (noarch) * postgresql13-docs-13.22-150600.14.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 . This enhancement for postgresql13 addresses significant security vulnerabilities that pose a risk to openSUSE environments.. postgresql13 security code execution important update. . Severity: Important. LinuxSecurity.com Team
Aug 18, 2025
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!