Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 11 articles for you...
202
security advisorybuffer overflowsecurity fixopenSUSE PostgreSQL 17 Important Security Fix Advisory 2026-1943-1
An update that solves 10 vulnerabilities, contains one feature and has two security fixes can now be installed.. # Security update for postgresql17 Announcement ID: SUSE-SU-2026:1943-1 Release Date: 2026-05-18T07:46:58Z Rating: important References: * bsc#1245875 * bsc#1263804 * bsc#1265172 * bsc#1265173 * bsc#1265174 * bsc#1265175 * bsc#1265176 * bsc#1265177 * bsc#1265178 * bsc#1265179 * bsc#1265181 * bsc#1265182 * jsc#PED-14825 Cross-References: * CVE-2026-6472 * CVE-2026-6473 * CVE-2026-6474 * CVE-2026-6475 * CVE-2026-6476 * CVE-2026-6477 * CVE-2026-6478 * CVE-2026-6479 * CVE-2026-6637 * CVE-2026-6638 CVSS scores: * CVE-2026-6472 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6472 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6473 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6473 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6474 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6474 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6475 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6475 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6476 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6476 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6477 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6477 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6478 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6478 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6479 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6637 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6637 ( NVD ): 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6638 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2026-6638 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 10 vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: * CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172). * CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173). * CVE-2026-6474: Guard against malicious time zone names (bsc#1265174). * CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175). * CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176). * CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177). * CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178). * CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179). * CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181). * CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182). Non security issue: * Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and transactional updates (jsc#PED-14825 bsc#1245875). */usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1943=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-1943=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1943=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1943=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1943=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1943=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql17-debugsource-17.10-150600.13.27.1 * postgresql17-contrib-17.10-150600.13.27.1 * postgresql17-pltcl-17.10-150600.13.27.1 * postgresql17-test-17.10-150600.13.27.1 * postgresql17-llvmjit-devel-17.10-150600.13.27.1 * postgresql17-plpython-17.10-150600.13.27.1 * postgresql17-plperl-17.10-150600.13.27.1 * postgresql17-server-17.10-150600.13.27.1 * postgresql17-server-devel-debuginfo-17.10-150600.13.27.1 * postgresql17-server-devel-17.10-150600.13.27.1 * postgresql17-llvmjit-debuginfo-17.10-150600.13.27.1 * postgresql17-debuginfo-17.10-150600.13.27.1 * postgresql17-plpython-debuginfo-17.10-150600.13.27.1 * postgresql17-server-debuginfo-17.10-150600.13.27.1 * postgresql17-pltcl-debuginfo-17.10-150600.13.27.1 * postgresql17-17.10-150600.13.27.1 * postgresql17-contrib-debuginfo-17.10-150600.13.27.1 * postgresql17-devel-debuginfo-17.10-150600.13.27.1 * postgresql17-llvmjit-17.10-150600.13.27.1 *postgresql17-plperl-debuginfo-17.10-150600.13.27.1 * postgresql17-devel-17.10-150600.13.27.1 * openSUSE Leap 15.6 (noarch) * postgresql17-docs-17.10-150600.13.27.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-contrib-debuginfo-17.10-150600.13.27.1 * postgresql17-debugsource-17.10-150600.13.27.1 * postgresql17-server-devel-17.10-150600.13.27.1 * postgresql17-devel-debuginfo-17.10-150600.13.27.1 * postgresql17-plpython-17.10-150600.13.27.1 * postgresql17-debuginfo-17.10-150600.13.27.1 * postgresql17-plpython-debuginfo-17.10-150600.13.27.1 * postgresql17-plperl-17.10-150600.13.27.1 * postgresql17-server-17.10-150600.13.27.1 * postgresql17-plperl-debuginfo-17.10-150600.13.27.1 * postgresql17-server-debuginfo-17.10-150600.13.27.1 * postgresql17-pltcl-17.10-150600.13.27.1 * postgresql17-contrib-17.10-150600.13.27.1 * postgresql17-server-devel-debuginfo-17.10-150600.13.27.1 * postgresql17-devel-17.10-150600.13.27.1 * postgresql17-pltcl-debuginfo-17.10-150600.13.27.1 * Server Applications Module 15-SP7 (noarch) * postgresql17-docs-17.10-150600.13.27.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-debuginfo-17.10-150600.13.27.1 * postgresql17-17.10-150600.13.27.1 * postgresql17-debugsource-17.10-150600.13.27.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-debugsource-17.10-150600.13.27.1 * postgresql17-llvmjit-devel-17.10-150600.13.27.1 * postgresql17-debuginfo-17.10-150600.13.27.1 * postgresql17-llvmjit-17.10-150600.13.27.1 * postgresql17-test-17.10-150600.13.27.1 * postgresql17-llvmjit-debuginfo-17.10-150600.13.27.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-contrib-debuginfo-17.10-150600.13.27.1 * postgresql17-debugsource-17.10-150600.13.27.1 * postgresql17-server-devel-17.10-150600.13.27.1 * postgresql17-devel-debuginfo-17.10-150600.13.27.1 * postgresql17-plpython-17.10-150600.13.27.1 * postgresql17-debuginfo-17.10-150600.13.27.1 * postgresql17-plperl-17.10-150600.13.27.1 * postgresql17-plpython-debuginfo-17.10-150600.13.27.1 * postgresql17-server-17.10-150600.13.27.1 * postgresql17-plperl-debuginfo-17.10-150600.13.27.1 * postgresql17-contrib-17.10-150600.13.27.1 * postgresql17-pltcl-17.10-150600.13.27.1 * postgresql17-server-debuginfo-17.10-150600.13.27.1 * postgresql17-server-devel-debuginfo-17.10-150600.13.27.1 * postgresql17-devel-17.10-150600.13.27.1 * postgresql17-pltcl-debuginfo-17.10-150600.13.27.1 * postgresql17-17.10-150600.13.27.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * postgresql17-docs-17.10-150600.13.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * postgresql17-contrib-debuginfo-17.10-150600.13.27.1 * postgresql17-debugsource-17.10-150600.13.27.1 * postgresql17-server-devel-17.10-150600.13.27.1 * postgresql17-devel-debuginfo-17.10-150600.13.27.1 * postgresql17-plpython-17.10-150600.13.27.1 * postgresql17-debuginfo-17.10-150600.13.27.1 * postgresql17-plperl-17.10-150600.13.27.1 * postgresql17-plpython-debuginfo-17.10-150600.13.27.1 * postgresql17-server-17.10-150600.13.27.1 * postgresql17-plperl-debuginfo-17.10-150600.13.27.1 * postgresql17-contrib-17.10-150600.13.27.1 * postgresql17-pltcl-17.10-150600.13.27.1 * postgresql17-server-debuginfo-17.10-150600.13.27.1 * postgresql17-server-devel-debuginfo-17.10-150600.13.27.1 * postgresql17-devel-17.10-150600.13.27.1 * postgresql17-pltcl-debuginfo-17.10-150600.13.27.1 * postgresql17-17.10-150600.13.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * postgresql17-docs-17.10-150600.13.27.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6472.html * https://www.suse.com/security/cve/CVE-2026-6473.html * https://www.suse.com/security/cve/CVE-2026-6474.html *https://www.suse.com/security/cve/CVE-2026-6475.html * https://www.suse.com/security/cve/CVE-2026-6476.html * https://www.suse.com/security/cve/CVE-2026-6477.html * https://www.suse.com/security/cve/CVE-2026-6478.html * https://www.suse.com/security/cve/CVE-2026-6479.html * https://www.suse.com/security/cve/CVE-2026-6637.html * https://www.suse.com/security/cve/CVE-2026-6638.html * https://bugzilla.suse.com/show_bug.cgi?id=1245875 * https://bugzilla.suse.com/show_bug.cgi?id=1263804 * https://bugzilla.suse.com/show_bug.cgi?id=1265172 * https://bugzilla.suse.com/show_bug.cgi?id=1265173 * https://bugzilla.suse.com/show_bug.cgi?id=1265174 * https://bugzilla.suse.com/show_bug.cgi?id=1265175 * https://bugzilla.suse.com/show_bug.cgi?id=1265176 * https://bugzilla.suse.com/show_bug.cgi?id=1265177 * https://bugzilla.suse.com/show_bug.cgi?id=1265178 * https://bugzilla.suse.com/show_bug.cgi?id=1265179 * https://bugzilla.suse.com/show_bug.cgi?id=1265181 * https://bugzilla.suse.com/show_bug.cgi?id=1265182 * https://jira.suse.com/browse/PED-14825 . Important security update for openSUSE PostgreSQL 17 fixing 10 issues. Install now to enhance security.. PostgreSQL Update, SUSE Patch, Linux Security, OpenSUSE Advisory, Security Fixes. . Severity: Important. LinuxSecurity.com Team
May 18, 2026
•Important
OpenSUSE
202
security advisorybuffer overrunimportantopenSUSE Leap 16.0 PostgreSQL17 Important Security Update 2026-20388-1
An update that solves 4 vulnerabilities and has 5 bug fixes can now be installed.. openSUSE security update: security update for postgresql17 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20388-1 Rating: important References: * bsc#1258008 * bsc#1258009 * bsc#1258010 * bsc#1258011 * bsc#1258754 Cross-References: * CVE-2026-2003 * CVE-2026-2004 * CVE-2026-2005 * CVE-2026-2006 CVSS scores: * CVE-2026-2003 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2004 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 4 vulnerabilities and has 5 bug fixes can now be installed. Description: This update for postgresql17 fixes the following issues: - Update to version 17.9. (bsc#1258754) - CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector (bsc#1258008) - CVE-2026-2004: Harden selectivity estimators against being attached to operators that accept unexpected data types. (bsc#1258009) - CVE-2026-2005: Fix buffer overrun in contrib/pgcrypto's PGP decryption functions. (bsc#1258010) - CVE-2026-2006: Fix inadequate validation of multibyte character lengths. (bsc#1258011) Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-406=1 Package List: - openSUSE Leap 16.0: postgresql17-17.9-160000.1.1 postgresql17-contrib-17.9-160000.1.1 postgresql17-devel-17.9-160000.1.1 postgresql17-docs-17.9-160000.1.1 postgresql17-llvmjit-17.9-160000.1.1 postgresql17-llvmjit-devel-17.9-160000.1.1 postgresql17-plperl-17.9-160000.1.1 postgresql17-plpython-17.9-160000.1.1 postgresql17-pltcl-17.9-160000.1.1 postgresql17-server-17.9-160000.1.1 postgresql17-server-devel-17.9-160000.1.1 postgresql17-test-17.9-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2026-2003.html * https://www.suse.com/security/cve/CVE-2026-2004.html * https://www.suse.com/security/cve/CVE-2026-2005.html * https://www.suse.com/security/cve/CVE-2026-2006.html . Available now are important updates for openSUSE Leap 16.0, addressing critical security issues in postgresql17.. opensuse security, postgresql17 update, important patch, database security. . Severity: Important. LinuxSecurity.com Team
Mar 25, 2026
•Important
OpenSUSE
202
security advisorybuffer overflowcode executionopenSUSE 15.6 postgresql17 Important Security Fix 2026-0883-1
An update that solves four vulnerabilities and has one security fix can now be installed.. # Security update for postgresql17 Announcement ID: SUSE-SU-2026:0883-1 Release Date: 2026-03-12T10:20:22Z Rating: important References: * bsc#1258008 * bsc#1258009 * bsc#1258010 * bsc#1258011 * bsc#1258754 Cross-References: * CVE-2026-2003 * CVE-2026-2004 * CVE-2026-2005 * CVE-2026-2006 CVSS scores: * CVE-2026-2003 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2003 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2004 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2004 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for postgresql17 fixes the following issues: Update to version 17.9 (bsc#1258754). Security issues fixed: * CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory (bsc#1258008). * CVE-2026-2004: intarray missing validation of type of input to selectivity estimator could lead to arbitrary code execution (bsc#1258009). *CVE-2026-2005: buffer overrun in contrib/pgcrypto's PGP decryption functions could lead to arbitrary code execution (bsc#1258010). * CVE-2026-2006: inadequate validation of multibyte character lengths could lead to arbitrary code execution (bsc#1258011). Regression fixes: * the substring() function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column (caused by CVE-2026-2006 fix). * a standby may halt and return an error "could not access status of transaction". ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-883=1 SUSE-2026-883=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-883=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-883=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-883=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-883=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-883=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql17-plpython-debuginfo-17.9-150600.13.24.1 * postgresql17-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-contrib-debuginfo-17.9-150600.13.24.1 * postgresql17-contrib-17.9-150600.13.24.1 * postgresql17-plpython-17.9-150600.13.24.1 * postgresql17-llvmjit-17.9-150600.13.24.1 * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-plperl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-debuginfo-17.9-150600.13.24.1 *postgresql17-devel-17.9-150600.13.24.1 * postgresql17-server-devel-17.9-150600.13.24.1 * postgresql17-llvmjit-devel-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-plperl-17.9-150600.13.24.1 * postgresql17-llvmjit-debuginfo-17.9-150600.13.24.1 * postgresql17-server-17.9-150600.13.24.1 * postgresql17-test-17.9-150600.13.24.1 * postgresql17-pltcl-debuginfo-17.9-150600.13.24.1 * postgresql17-17.9-150600.13.24.1 * postgresql17-server-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-17.9-150600.13.24.1 * openSUSE Leap 15.6 (noarch) * postgresql17-docs-17.9-150600.13.24.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-17.9-150600.13.24.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-test-17.9-150600.13.24.1 * postgresql17-llvmjit-debuginfo-17.9-150600.13.24.1 * postgresql17-llvmjit-devel-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-llvmjit-17.9-150600.13.24.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-plpython-debuginfo-17.9-150600.13.24.1 * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-server-17.9-150600.13.24.1 * postgresql17-plperl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-devel-17.9-150600.13.24.1 * postgresql17-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-17.9-150600.13.24.1 * postgresql17-server-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-contrib-debuginfo-17.9-150600.13.24.1 * postgresql17-contrib-17.9-150600.13.24.1 *postgresql17-plpython-17.9-150600.13.24.1 * postgresql17-plperl-17.9-150600.13.24.1 * Server Applications Module 15-SP7 (noarch) * postgresql17-docs-17.9-150600.13.24.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-plpython-debuginfo-17.9-150600.13.24.1 * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-server-17.9-150600.13.24.1 * postgresql17-plperl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-devel-17.9-150600.13.24.1 * postgresql17-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-17.9-150600.13.24.1 * postgresql17-17.9-150600.13.24.1 * postgresql17-server-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-contrib-debuginfo-17.9-150600.13.24.1 * postgresql17-contrib-17.9-150600.13.24.1 * postgresql17-plpython-17.9-150600.13.24.1 * postgresql17-plperl-17.9-150600.13.24.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * postgresql17-docs-17.9-150600.13.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * postgresql17-plpython-debuginfo-17.9-150600.13.24.1 * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-server-17.9-150600.13.24.1 * postgresql17-plperl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-devel-17.9-150600.13.24.1 * postgresql17-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-17.9-150600.13.24.1 * postgresql17-17.9-150600.13.24.1 * postgresql17-server-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-contrib-debuginfo-17.9-150600.13.24.1 *postgresql17-contrib-17.9-150600.13.24.1 * postgresql17-plpython-17.9-150600.13.24.1 * postgresql17-plperl-17.9-150600.13.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * postgresql17-docs-17.9-150600.13.24.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2003.html * https://www.suse.com/security/cve/CVE-2026-2004.html * https://www.suse.com/security/cve/CVE-2026-2005.html * https://www.suse.com/security/cve/CVE-2026-2006.html * https://bugzilla.suse.com/show_bug.cgi?id=1258008 * https://bugzilla.suse.com/show_bug.cgi?id=1258009 * https://bugzilla.suse.com/show_bug.cgi?id=1258010 * https://bugzilla.suse.com/show_bug.cgi?id=1258011 * https://bugzilla.suse.com/show_bug.cgi?id=1258754 . This important update for openSUSE fixes four issues in postgresql17, enhancing system security and stability.. patch installation, software vulnerabilities, system security updates. . Severity: Important. LinuxSecurity.com Team
Mar 12, 2026
•Important
OpenSUSE
100
security advisorySuSEarbitrary code executionSUSE postgresql17 Important Security Fix 2026-0883-1 CVE-2026-2004
An update that solves four vulnerabilities and has one security fix can now be installed.. # Security update for postgresql17 Announcement ID: SUSE-SU-2026:0883-1 Release Date: 2026-03-12T10:20:22Z Rating: important References: * bsc#1258008 * bsc#1258009 * bsc#1258010 * bsc#1258011 * bsc#1258754 Cross-References: * CVE-2026-2003 * CVE-2026-2004 * CVE-2026-2005 * CVE-2026-2006 CVSS scores: * CVE-2026-2003 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2003 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2004 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2004 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for postgresql17 fixes the following issues: Update to version 17.9 (bsc#1258754). Security issues fixed: * CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory (bsc#1258008). * CVE-2026-2004: intarray missing validation of type of input to selectivity estimator could lead to arbitrary code execution (bsc#1258009). *CVE-2026-2005: buffer overrun in contrib/pgcrypto's PGP decryption functions could lead to arbitrary code execution (bsc#1258010). * CVE-2026-2006: inadequate validation of multibyte character lengths could lead to arbitrary code execution (bsc#1258011). Regression fixes: * the substring() function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column (caused by CVE-2026-2006 fix). * a standby may halt and return an error "could not access status of transaction". ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-883=1 SUSE-2026-883=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-883=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-883=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-883=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-883=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-883=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql17-plpython-debuginfo-17.9-150600.13.24.1 * postgresql17-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-contrib-debuginfo-17.9-150600.13.24.1 * postgresql17-contrib-17.9-150600.13.24.1 * postgresql17-plpython-17.9-150600.13.24.1 * postgresql17-llvmjit-17.9-150600.13.24.1 * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-plperl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-debuginfo-17.9-150600.13.24.1 *postgresql17-devel-17.9-150600.13.24.1 * postgresql17-server-devel-17.9-150600.13.24.1 * postgresql17-llvmjit-devel-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-plperl-17.9-150600.13.24.1 * postgresql17-llvmjit-debuginfo-17.9-150600.13.24.1 * postgresql17-server-17.9-150600.13.24.1 * postgresql17-test-17.9-150600.13.24.1 * postgresql17-pltcl-debuginfo-17.9-150600.13.24.1 * postgresql17-17.9-150600.13.24.1 * postgresql17-server-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-17.9-150600.13.24.1 * openSUSE Leap 15.6 (noarch) * postgresql17-docs-17.9-150600.13.24.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-17.9-150600.13.24.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-test-17.9-150600.13.24.1 * postgresql17-llvmjit-debuginfo-17.9-150600.13.24.1 * postgresql17-llvmjit-devel-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-llvmjit-17.9-150600.13.24.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-plpython-debuginfo-17.9-150600.13.24.1 * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-server-17.9-150600.13.24.1 * postgresql17-plperl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-devel-17.9-150600.13.24.1 * postgresql17-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-17.9-150600.13.24.1 * postgresql17-server-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-contrib-debuginfo-17.9-150600.13.24.1 * postgresql17-contrib-17.9-150600.13.24.1 *postgresql17-plpython-17.9-150600.13.24.1 * postgresql17-plperl-17.9-150600.13.24.1 * Server Applications Module 15-SP7 (noarch) * postgresql17-docs-17.9-150600.13.24.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-plpython-debuginfo-17.9-150600.13.24.1 * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-server-17.9-150600.13.24.1 * postgresql17-plperl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-devel-17.9-150600.13.24.1 * postgresql17-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-17.9-150600.13.24.1 * postgresql17-17.9-150600.13.24.1 * postgresql17-server-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-contrib-debuginfo-17.9-150600.13.24.1 * postgresql17-contrib-17.9-150600.13.24.1 * postgresql17-plpython-17.9-150600.13.24.1 * postgresql17-plperl-17.9-150600.13.24.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * postgresql17-docs-17.9-150600.13.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * postgresql17-plpython-debuginfo-17.9-150600.13.24.1 * postgresql17-debuginfo-17.9-150600.13.24.1 * postgresql17-server-17.9-150600.13.24.1 * postgresql17-plperl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-devel-17.9-150600.13.24.1 * postgresql17-devel-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-debuginfo-17.9-150600.13.24.1 * postgresql17-server-devel-17.9-150600.13.24.1 * postgresql17-17.9-150600.13.24.1 * postgresql17-server-debuginfo-17.9-150600.13.24.1 * postgresql17-pltcl-17.9-150600.13.24.1 * postgresql17-debugsource-17.9-150600.13.24.1 * postgresql17-contrib-debuginfo-17.9-150600.13.24.1 *postgresql17-contrib-17.9-150600.13.24.1 * postgresql17-plpython-17.9-150600.13.24.1 * postgresql17-plperl-17.9-150600.13.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * postgresql17-docs-17.9-150600.13.24.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2003.html * https://www.suse.com/security/cve/CVE-2026-2004.html * https://www.suse.com/security/cve/CVE-2026-2005.html * https://www.suse.com/security/cve/CVE-2026-2006.html * https://bugzilla.suse.com/show_bug.cgi?id=1258008 * https://bugzilla.suse.com/show_bug.cgi?id=1258009 * https://bugzilla.suse.com/show_bug.cgi?id=1258010 * https://bugzilla.suse.com/show_bug.cgi?id=1258011 * https://bugzilla.suse.com/show_bug.cgi?id=1258754 . This update resolves four flaws in postgresql17 that could allow code execution vulnerabilities in SUSE systems.. postgresql17 security fix SUSE update. . Severity: Important. LinuxSecurity.com Team
Mar 12, 2026
•Important
SuSE
100
security advisorySuSEimportantSUSE 2026 Important PostgreSQL17 Security Update CVE-2026-2006
An update that solves one vulnerability and has one security fix can now be installed.. # Security update for postgresql17 Announcement ID: SUSE-SU-2026:0787-1 Release Date: 2026-03-03T14:48:35Z Rating: important References: * bsc#1258011 * bsc#1258754 Cross-References: * CVE-2026-2006 CVSS scores: * CVE-2026-2006 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql17 fixes the following issue: Update to version 17.9 (bsc#1258754). Regression fixes: * the substring() function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column (caused by CVE-2026-2006 fix). * a standby may halt and return an error "could not access status of transaction". ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-787=1 * SUSELinux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-787=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-787=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-787=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-787=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-787=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-787=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-787=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql17-debuginfo-17.9-150200.5.25.1 * postgresql17-debugsource-17.9-150200.5.25.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql17-debuginfo-17.9-150200.5.25.1 * postgresql17-debugsource-17.9-150200.5.25.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql17-plperl-17.9-150200.5.25.1 * postgresql17-server-debuginfo-17.9-150200.5.25.1 * postgresql17-pltcl-debuginfo-17.9-150200.5.25.1 * postgresql17-server-devel-debuginfo-17.9-150200.5.25.1 * postgresql17-server-17.9-150200.5.25.1 * postgresql17-17.9-150200.5.25.1 * postgresql17-devel-17.9-150200.5.25.1 * postgresql17-plpython-17.9-150200.5.25.1 * postgresql17-plpython-debuginfo-17.9-150200.5.25.1 * postgresql17-contrib-17.9-150200.5.25.1 * postgresql17-contrib-debuginfo-17.9-150200.5.25.1 * postgresql17-plperl-debuginfo-17.9-150200.5.25.1 * postgresql17-debuginfo-17.9-150200.5.25.1 *postgresql17-pltcl-17.9-150200.5.25.1 * postgresql17-devel-debuginfo-17.9-150200.5.25.1 * postgresql17-server-devel-17.9-150200.5.25.1 * postgresql17-debugsource-17.9-150200.5.25.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql17-docs-17.9-150200.5.25.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql17-plperl-17.9-150200.5.25.1 * postgresql17-server-debuginfo-17.9-150200.5.25.1 * postgresql17-pltcl-debuginfo-17.9-150200.5.25.1 * postgresql17-server-devel-debuginfo-17.9-150200.5.25.1 * postgresql17-server-17.9-150200.5.25.1 * postgresql17-17.9-150200.5.25.1 * postgresql17-devel-17.9-150200.5.25.1 * postgresql17-plpython-17.9-150200.5.25.1 * postgresql17-plpython-debuginfo-17.9-150200.5.25.1 * postgresql17-contrib-17.9-150200.5.25.1 * postgresql17-contrib-debuginfo-17.9-150200.5.25.1 * postgresql17-plperl-debuginfo-17.9-150200.5.25.1 * postgresql17-debuginfo-17.9-150200.5.25.1 * postgresql17-pltcl-17.9-150200.5.25.1 * postgresql17-devel-debuginfo-17.9-150200.5.25.1 * postgresql17-server-devel-17.9-150200.5.25.1 * postgresql17-debugsource-17.9-150200.5.25.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql17-docs-17.9-150200.5.25.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-debuginfo-17.9-150200.5.25.1 * postgresql17-debugsource-17.9-150200.5.25.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-plperl-17.9-150200.5.25.1 * postgresql17-server-debuginfo-17.9-150200.5.25.1 * postgresql17-pltcl-debuginfo-17.9-150200.5.25.1 * postgresql17-server-devel-debuginfo-17.9-150200.5.25.1 * postgresql17-server-17.9-150200.5.25.1 * postgresql17-17.9-150200.5.25.1 * postgresql17-devel-17.9-150200.5.25.1 * postgresql17-llvmjit-devel-17.9-150200.5.25.1 *postgresql17-plpython-17.9-150200.5.25.1 * postgresql17-contrib-17.9-150200.5.25.1 * postgresql17-plpython-debuginfo-17.9-150200.5.25.1 * postgresql17-contrib-debuginfo-17.9-150200.5.25.1 * postgresql17-llvmjit-17.9-150200.5.25.1 * postgresql17-plperl-debuginfo-17.9-150200.5.25.1 * postgresql17-debuginfo-17.9-150200.5.25.1 * postgresql17-pltcl-17.9-150200.5.25.1 * postgresql17-devel-debuginfo-17.9-150200.5.25.1 * postgresql17-server-devel-17.9-150200.5.25.1 * postgresql17-debugsource-17.9-150200.5.25.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql17-docs-17.9-150200.5.25.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql17-debuginfo-17.9-150200.5.25.1 * postgresql17-debugsource-17.9-150200.5.25.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql17-plperl-17.9-150200.5.25.1 * postgresql17-server-debuginfo-17.9-150200.5.25.1 * postgresql17-pltcl-debuginfo-17.9-150200.5.25.1 * postgresql17-server-devel-debuginfo-17.9-150200.5.25.1 * postgresql17-server-17.9-150200.5.25.1 * postgresql17-17.9-150200.5.25.1 * postgresql17-devel-17.9-150200.5.25.1 * postgresql17-llvmjit-devel-17.9-150200.5.25.1 * postgresql17-plpython-17.9-150200.5.25.1 * postgresql17-contrib-17.9-150200.5.25.1 * postgresql17-plpython-debuginfo-17.9-150200.5.25.1 * postgresql17-contrib-debuginfo-17.9-150200.5.25.1 * postgresql17-llvmjit-17.9-150200.5.25.1 * postgresql17-plperl-debuginfo-17.9-150200.5.25.1 * postgresql17-debuginfo-17.9-150200.5.25.1 * postgresql17-pltcl-17.9-150200.5.25.1 * postgresql17-devel-debuginfo-17.9-150200.5.25.1 * postgresql17-server-devel-17.9-150200.5.25.1 * postgresql17-debugsource-17.9-150200.5.25.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql17-docs-17.9-150200.5.25.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2006.html *https://bugzilla.suse.com/show_bug.cgi?id=1258011 * https://bugzilla.suse.com/show_bug.cgi?id=1258754 . An important SUSE security advisory for postgresql17 addressing CVE-2026-2006 with a critical fix available now.. SUSE security advisory, postgresql17 update, CVE-2026-2006, important security fix. . Severity: Important. LinuxSecurity.com Team
Mar 03, 2026
•Important
SuSE
100
security advisorySuSEcode executionSUSE PostgreSQL17 Essential Security Patch CVE-2026-2004 2026-0587-2
An update that solves four vulnerabilities can now be installed.. # Security update for postgresql17 Announcement ID: SUSE-SU-2026:0586-1 Release Date: 2026-02-20T10:04:18Z Rating: important References: * bsc#1258008 * bsc#1258009 * bsc#1258010 * bsc#1258011 Cross-References: * CVE-2026-2003 * CVE-2026-2004 * CVE-2026-2005 * CVE-2026-2006 CVSS scores: * CVE-2026-2003 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2004 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for postgresql17 fixes the following issues: Update to version 17.8. Security issues fixed: * CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory (bsc#1258008). * CVE-2026-2004: intarray missing validation of type of input to selectivity estimator could lead to arbitrary code execution (bsc#1258009). * CVE-2026-2005: buffer overrun in contrib/pgcrypto's PGP decryption functions could lead to arbitrary code execution (bsc#1258010). * CVE-2026-2006: inadequate validationof multibyte character lengths could lead to arbitrary code execution (bsc#1258011). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-586=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-586=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-586=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-586=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-586=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-586=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-586=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-586=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql17-debugsource-17.8-150200.5.22.1 * postgresql17-debuginfo-17.8-150200.5.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql17-debugsource-17.8-150200.5.22.1 * postgresql17-debuginfo-17.8-150200.5.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql17-contrib-debuginfo-17.8-150200.5.22.1 * postgresql17-debuginfo-17.8-150200.5.22.1 * postgresql17-plperl-debuginfo-17.8-150200.5.22.1 * postgresql17-server-devel-debuginfo-17.8-150200.5.22.1 *postgresql17-devel-17.8-150200.5.22.1 * postgresql17-server-debuginfo-17.8-150200.5.22.1 * postgresql17-debugsource-17.8-150200.5.22.1 * postgresql17-pltcl-17.8-150200.5.22.1 * postgresql17-17.8-150200.5.22.1 * postgresql17-plperl-17.8-150200.5.22.1 * postgresql17-plpython-debuginfo-17.8-150200.5.22.1 * postgresql17-server-17.8-150200.5.22.1 * postgresql17-pltcl-debuginfo-17.8-150200.5.22.1 * postgresql17-plpython-17.8-150200.5.22.1 * postgresql17-server-devel-17.8-150200.5.22.1 * postgresql17-contrib-17.8-150200.5.22.1 * postgresql17-devel-debuginfo-17.8-150200.5.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql17-docs-17.8-150200.5.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql17-contrib-debuginfo-17.8-150200.5.22.1 * postgresql17-debuginfo-17.8-150200.5.22.1 * postgresql17-plperl-debuginfo-17.8-150200.5.22.1 * postgresql17-server-devel-debuginfo-17.8-150200.5.22.1 * postgresql17-devel-17.8-150200.5.22.1 * postgresql17-server-debuginfo-17.8-150200.5.22.1 * postgresql17-debugsource-17.8-150200.5.22.1 * postgresql17-pltcl-17.8-150200.5.22.1 * postgresql17-17.8-150200.5.22.1 * postgresql17-plperl-17.8-150200.5.22.1 * postgresql17-plpython-debuginfo-17.8-150200.5.22.1 * postgresql17-server-17.8-150200.5.22.1 * postgresql17-pltcl-debuginfo-17.8-150200.5.22.1 * postgresql17-plpython-17.8-150200.5.22.1 * postgresql17-server-devel-17.8-150200.5.22.1 * postgresql17-contrib-17.8-150200.5.22.1 * postgresql17-devel-debuginfo-17.8-150200.5.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql17-docs-17.8-150200.5.22.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-debugsource-17.8-150200.5.22.1 * postgresql17-debuginfo-17.8-150200.5.22.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-contrib-debuginfo-17.8-150200.5.22.1 * postgresql17-debuginfo-17.8-150200.5.22.1 * postgresql17-plperl-debuginfo-17.8-150200.5.22.1 * postgresql17-server-devel-debuginfo-17.8-150200.5.22.1 * postgresql17-devel-17.8-150200.5.22.1 * postgresql17-server-debuginfo-17.8-150200.5.22.1 * postgresql17-debugsource-17.8-150200.5.22.1 * postgresql17-pltcl-17.8-150200.5.22.1 * postgresql17-17.8-150200.5.22.1 * postgresql17-plperl-17.8-150200.5.22.1 * postgresql17-plpython-debuginfo-17.8-150200.5.22.1 * postgresql17-server-17.8-150200.5.22.1 * postgresql17-pltcl-debuginfo-17.8-150200.5.22.1 * postgresql17-llvmjit-17.8-150200.5.22.1 * postgresql17-plpython-17.8-150200.5.22.1 * postgresql17-contrib-17.8-150200.5.22.1 * postgresql17-server-devel-17.8-150200.5.22.1 * postgresql17-devel-debuginfo-17.8-150200.5.22.1 * postgresql17-llvmjit-devel-17.8-150200.5.22.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql17-docs-17.8-150200.5.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql17-debugsource-17.8-150200.5.22.1 * postgresql17-debuginfo-17.8-150200.5.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql17-contrib-debuginfo-17.8-150200.5.22.1 * postgresql17-debuginfo-17.8-150200.5.22.1 * postgresql17-plperl-debuginfo-17.8-150200.5.22.1 * postgresql17-server-devel-debuginfo-17.8-150200.5.22.1 * postgresql17-devel-17.8-150200.5.22.1 * postgresql17-server-debuginfo-17.8-150200.5.22.1 * postgresql17-debugsource-17.8-150200.5.22.1 * postgresql17-pltcl-17.8-150200.5.22.1 * postgresql17-17.8-150200.5.22.1 * postgresql17-plperl-17.8-150200.5.22.1 * postgresql17-plpython-debuginfo-17.8-150200.5.22.1 * postgresql17-server-17.8-150200.5.22.1 * postgresql17-pltcl-debuginfo-17.8-150200.5.22.1 * postgresql17-llvmjit-17.8-150200.5.22.1 * postgresql17-plpython-17.8-150200.5.22.1 *postgresql17-contrib-17.8-150200.5.22.1 * postgresql17-server-devel-17.8-150200.5.22.1 * postgresql17-devel-debuginfo-17.8-150200.5.22.1 * postgresql17-llvmjit-devel-17.8-150200.5.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql17-docs-17.8-150200.5.22.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2003.html * https://www.suse.com/security/cve/CVE-2026-2004.html * https://www.suse.com/security/cve/CVE-2026-2005.html * https://www.suse.com/security/cve/CVE-2026-2006.html * https://bugzilla.suse.com/show_bug.cgi?id=1258008 * https://bugzilla.suse.com/show_bug.cgi?id=1258009 * https://bugzilla.suse.com/show_bug.cgi?id=1258010 * https://bugzilla.suse.com/show_bug.cgi?id=1258011 . Important security update for postgresql17 fixes multiple issues including potential code execution vulnerabilities. Find detailed instructions.. Security Update, postgresql17, Important Vulnerability, SUSE Patch. . Severity: Important. LinuxSecurity.com Team
Feb 20, 2026
•Important
SuSE
202
security advisorymoderateOpenSUSEopenSUSE: PostgreSQL 17.7 Moderate Security Advisory 2025:15786-1
An update that solves 2 vulnerabilities can now be installed.. # postgresql17-17.7-1.1 on GA media Announcement ID: openSUSE-SU-2025:15786-1 Rating: moderate Cross-References: * CVE-2025-12817 * CVE-2025-12818 CVSS scores: * CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the postgresql17-17.7-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * postgresql17 17.7-1.1 * postgresql17-contrib 17.7-1.1 * postgresql17-devel 17.7-1.1 * postgresql17-docs 17.7-1.1 * postgresql17-llvmjit 17.7-1.1 * postgresql17-llvmjit-devel 17.7-1.1 * postgresql17-plperl 17.7-1.1 * postgresql17-plpython 17.7-1.1 * postgresql17-pltcl 17.7-1.1 * postgresql17-server 17.7-1.1 * postgresql17-server-devel 17.7-1.1 * postgresql17-test 17.7-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12817.html * https://www.suse.com/security/cve/CVE-2025-12818.html . Critical patch addresses two moderate vulnerabilities in openSUSE's PostgreSQL 17.7 package. Immediate action advised.. openSUSE PostgreSQL patch CVE-2025-12817 CVE-2025-12818 security update. . LinuxSecurity.com Team
Nov 29, 2025
OpenSUSE
202
security advisorymoderatedenial of serviceopenSUSE Tumbleweed: PostgreSQL Moderate Security Patch 2025:15580-1
An update that solves 18 vulnerabilities can now be installed.. # postgresql17-17.6-2.1 on GA media Announcement ID: openSUSE-SU-2025:15580-1 Rating: moderate Cross-References: * CVE-2020-25694 * CVE-2020-25695 * CVE-2020-25696 * CVE-2021-20229 * CVE-2021-23214 * CVE-2021-23222 * CVE-2021-32027 * CVE-2021-32028 * CVE-2021-32029 * CVE-2021-3393 * CVE-2022-1552 * CVE-2022-41862 * CVE-2023-2454 * CVE-2023-2455 * CVE-2023-5868 * CVE-2023-5869 * CVE-2023-5870 * CVE-2024-0985 CVSS scores: * CVE-2020-25694 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2020-25695 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2020-25696 ( SUSE ): 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2021-20229 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-23214 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2021-23222 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-32027 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-32028 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-32029 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-3393 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-1552 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-41862 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2454 ( SUSE ): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-2455 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2023-5868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-5869 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5870 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0985 ( SUSE ): 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Tumbleweed An update that solves 18 vulnerabilities can now be installed. ##Description: These are all security issues fixed in the postgresql17-17.6-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * postgresql17 17.6-2.1 * postgresql17-contrib 17.6-2.1 * postgresql17-devel 17.6-2.1 * postgresql17-docs 17.6-2.1 * postgresql17-llvmjit 17.6-2.1 * postgresql17-llvmjit-devel 17.6-2.1 * postgresql17-plperl 17.6-2.1 * postgresql17-plpython 17.6-2.1 * postgresql17-pltcl 17.6-2.1 * postgresql17-server 17.6-2.1 * postgresql17-server-devel 17.6-2.1 * postgresql17-test 17.6-2.1 ## References: * https://www.suse.com/security/cve/CVE-2020-25694.html * https://www.suse.com/security/cve/CVE-2020-25695.html * https://www.suse.com/security/cve/CVE-2020-25696.html * https://www.suse.com/security/cve/CVE-2021-20229.html * https://www.suse.com/security/cve/CVE-2021-23214.html * https://www.suse.com/security/cve/CVE-2021-23222.html * https://www.suse.com/security/cve/CVE-2021-32027.html * https://www.suse.com/security/cve/CVE-2021-32028.html * https://www.suse.com/security/cve/CVE-2021-32029.html * https://www.suse.com/security/cve/CVE-2021-3393.html * https://www.suse.com/security/cve/CVE-2022-1552.html * https://www.suse.com/security/cve/CVE-2022-41862.html * https://www.suse.com/security/cve/CVE-2023-2454.html * https://www.suse.com/security/cve/CVE-2023-2455.html * https://www.suse.com/security/cve/CVE-2023-5868.html * https://www.suse.com/security/cve/CVE-2023-5869.html * https://www.suse.com/security/cve/CVE-2023-5870.html * https://www.suse.com/security/cve/CVE-2024-0985.html . Installing updates for postgresql17 solves multiple vulnerabilities on openSUSE Tumbleweed, rated moderate severity.. openSUSE PostgreSQL vulnerability fix moderate. . LinuxSecurity.com Team
Sep 27, 2025
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!