Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 2 articles for you...
202
security advisorySQL Injectionbuffer overflowopenSUSE postgresql18 Important Security Fix 2026-1944-1
An update that solves 11 vulnerabilities, contains one feature and has one security fix can now be installed.. # Security update for postgresql18 Announcement ID: SUSE-SU-2026:1944-1 Release Date: 2026-05-18T07:47:51Z Rating: important References: * bsc#1263804 * bsc#1265172 * bsc#1265173 * bsc#1265174 * bsc#1265175 * bsc#1265176 * bsc#1265177 * bsc#1265178 * bsc#1265179 * bsc#1265180 * bsc#1265181 * bsc#1265182 * jsc#PED-14820 Cross-References: * CVE-2026-6472 * CVE-2026-6473 * CVE-2026-6474 * CVE-2026-6475 * CVE-2026-6476 * CVE-2026-6477 * CVE-2026-6478 * CVE-2026-6479 * CVE-2026-6575 * CVE-2026-6637 * CVE-2026-6638 CVSS scores: * CVE-2026-6472 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6472 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6473 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6473 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6474 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6474 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6475 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6475 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6476 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6476 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6477 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6477 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6478 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6478 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6479 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6575 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6575 (NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6637 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6637 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6638 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2026-6638 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 11 vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: * CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172). * CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173). * CVE-2026-6474: Guard against malicious time zone names (bsc#1265174). * CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175). * CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176). * CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177). * CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178). * CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179). * CVE-2026-6575: Detect faulty input when restoring attribute MCV statistics (bsc#1265180). * CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181). * CVE-2026-6638: Properly quoteobject names in logical replication origin checks (bsc#1265182). Non security issue: * Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and transactional updates (jsc#PED-14820). * /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1944=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-1944=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1944=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1944=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1944=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1944=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql18-pltcl-18.4-150600.13.11.1 * postgresql18-18.4-150600.13.11.1 * postgresql18-devel-mini-debuginfo-18.4-150600.13.11.1 * postgresql18-plpython-18.4-150600.13.11.1 * postgresql18-llvmjit-18.4-150600.13.11.1 * postgresql18-server-devel-18.4-150600.13.11.1 * postgresql18-contrib-debuginfo-18.4-150600.13.11.1 * postgresql18-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-plperl-18.4-150600.13.11.1 * postgresql18-mini-debugsource-18.4-150600.13.11.1 * libecpg6-18.4-150600.13.11.1 * postgresql18-llvmjit-devel-18.4-150600.13.11.1 * postgresql18-devel-18.4-150600.13.11.1 * postgresql18-contrib-18.4-150600.13.11.1 * postgresql18-test-18.4-150600.13.11.1 *postgresql18-plperl-debuginfo-18.4-150600.13.11.1 * postgresql18-server-debuginfo-18.4-150600.13.11.1 * libpq5-18.4-150600.13.11.1 * postgresql18-devel-mini-18.4-150600.13.11.1 * postgresql18-plpython-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-debuginfo-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * postgresql18-server-18.4-150600.13.11.1 * libecpg6-debuginfo-18.4-150600.13.11.1 * postgresql18-server-devel-debuginfo-18.4-150600.13.11.1 * libpq5-debuginfo-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * postgresql18-llvmjit-debuginfo-18.4-150600.13.11.1 * openSUSE Leap 15.6 (x86_64) * libpq5-32bit-18.4-150600.13.11.1 * libpq5-32bit-debuginfo-18.4-150600.13.11.1 * libecpg6-32bit-18.4-150600.13.11.1 * libecpg6-32bit-debuginfo-18.4-150600.13.11.1 * openSUSE Leap 15.6 (noarch) * postgresql18-docs-18.4-150600.13.11.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libecpg6-64bit-18.4-150600.13.11.1 * libpq5-64bit-debuginfo-18.4-150600.13.11.1 * libecpg6-64bit-debuginfo-18.4-150600.13.11.1 * libpq5-64bit-18.4-150600.13.11.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-18.4-150600.13.11.1 * postgresql18-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-server-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-server-18.4-150600.13.11.1 * postgresql18-plperl-18.4-150600.13.11.1 * postgresql18-server-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * postgresql18-contrib-debuginfo-18.4-150600.13.11.1 * postgresql18-plpython-debuginfo-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-debuginfo-18.4-150600.13.11.1 * libecpg6-18.4-150600.13.11.1 * postgresql18-devel-18.4-150600.13.11.1 * postgresql18-plpython-18.4-150600.13.11.1 * postgresql18-contrib-18.4-150600.13.11.1 *postgresql18-server-devel-18.4-150600.13.11.1 * postgresql18-plperl-debuginfo-18.4-150600.13.11.1 * Server Applications Module 15-SP7 (noarch) * postgresql18-docs-18.4-150600.13.11.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * postgresql18-pltcl-18.4-150600.13.11.1 * postgresql18-18.4-150600.13.11.1 * postgresql18-plpython-18.4-150600.13.11.1 * postgresql18-server-devel-18.4-150600.13.11.1 * postgresql18-contrib-debuginfo-18.4-150600.13.11.1 * postgresql18-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-plperl-18.4-150600.13.11.1 * libecpg6-18.4-150600.13.11.1 * postgresql18-devel-18.4-150600.13.11.1 * postgresql18-contrib-18.4-150600.13.11.1 * postgresql18-plperl-debuginfo-18.4-150600.13.11.1 * postgresql18-server-debuginfo-18.4-150600.13.11.1 * libpq5-18.4-150600.13.11.1 * postgresql18-plpython-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-debuginfo-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * postgresql18-server-18.4-150600.13.11.1 * libecpg6-debuginfo-18.4-150600.13.11.1 * postgresql18-server-devel-debuginfo-18.4-150600.13.11.1 * libpq5-debuginfo-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * postgresql18-docs-18.4-150600.13.11.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * libpq5-32bit-18.4-150600.13.11.1 * libpq5-32bit-debuginfo-18.4-150600.13.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * postgresql18-pltcl-18.4-150600.13.11.1 * postgresql18-18.4-150600.13.11.1 * postgresql18-plpython-18.4-150600.13.11.1 * postgresql18-server-devel-18.4-150600.13.11.1 * postgresql18-contrib-debuginfo-18.4-150600.13.11.1 * postgresql18-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-plperl-18.4-150600.13.11.1 * libecpg6-18.4-150600.13.11.1 * postgresql18-devel-18.4-150600.13.11.1 *postgresql18-contrib-18.4-150600.13.11.1 * postgresql18-plperl-debuginfo-18.4-150600.13.11.1 * postgresql18-server-debuginfo-18.4-150600.13.11.1 * libpq5-18.4-150600.13.11.1 * postgresql18-plpython-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-debuginfo-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * postgresql18-server-18.4-150600.13.11.1 * libecpg6-debuginfo-18.4-150600.13.11.1 * postgresql18-server-devel-debuginfo-18.4-150600.13.11.1 * libpq5-debuginfo-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * postgresql18-docs-18.4-150600.13.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * libpq5-32bit-18.4-150600.13.11.1 * libpq5-32bit-debuginfo-18.4-150600.13.11.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libpq5-debuginfo-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * libpq5-18.4-150600.13.11.1 * postgresql18-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * Basesystem Module 15-SP7 (x86_64) * libpq5-32bit-18.4-150600.13.11.1 * libpq5-32bit-debuginfo-18.4-150600.13.11.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql18-llvmjit-debuginfo-18.4-150600.13.11.1 * postgresql18-llvmjit-devel-18.4-150600.13.11.1 * postgresql18-llvmjit-18.4-150600.13.11.1 * postgresql18-test-18.4-150600.13.11.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6472.html * https://www.suse.com/security/cve/CVE-2026-6473.html * https://www.suse.com/security/cve/CVE-2026-6474.html * https://www.suse.com/security/cve/CVE-2026-6475.html * https://www.suse.com/security/cve/CVE-2026-6476.html * https://www.suse.com/security/cve/CVE-2026-6477.html * https://www.suse.com/security/cve/CVE-2026-6478.html * https://www.suse.com/security/cve/CVE-2026-6479.html *https://www.suse.com/security/cve/CVE-2026-6575.html * https://www.suse.com/security/cve/CVE-2026-6637.html * https://www.suse.com/security/cve/CVE-2026-6638.html * https://bugzilla.suse.com/show_bug.cgi?id=1263804 * https://bugzilla.suse.com/show_bug.cgi?id=1265172 * https://bugzilla.suse.com/show_bug.cgi?id=1265173 * https://bugzilla.suse.com/show_bug.cgi?id=1265174 * https://bugzilla.suse.com/show_bug.cgi?id=1265175 * https://bugzilla.suse.com/show_bug.cgi?id=1265176 * https://bugzilla.suse.com/show_bug.cgi?id=1265177 * https://bugzilla.suse.com/show_bug.cgi?id=1265178 * https://bugzilla.suse.com/show_bug.cgi?id=1265179 * https://bugzilla.suse.com/show_bug.cgi?id=1265180 * https://bugzilla.suse.com/show_bug.cgi?id=1265181 * https://bugzilla.suse.com/show_bug.cgi?id=1265182 * https://jira.suse.com/browse/PED-14820 . Update for postgresql18 resolves 11 vulnerabilities with one important fix and feature enhancement for openSUSE.. postgresql18 security patch, openSUSE update, important vulnerabilities fix. . Severity: Important. LinuxSecurity.com Team
May 18, 2026
•Important
OpenSUSE
100
security advisorySQL Injectionbuffer overrunopenSUSE postgresql18 Important Security Update SUSE-SU-2026-1944-1
An update that solves 11 vulnerabilities, contains one feature and has one security fix can now be installed.. # Security update for postgresql18 Announcement ID: SUSE-SU-2026:1944-1 Release Date: 2026-05-18T07:47:51Z Rating: important References: * bsc#1263804 * bsc#1265172 * bsc#1265173 * bsc#1265174 * bsc#1265175 * bsc#1265176 * bsc#1265177 * bsc#1265178 * bsc#1265179 * bsc#1265180 * bsc#1265181 * bsc#1265182 * jsc#PED-14820 Cross-References: * CVE-2026-6472 * CVE-2026-6473 * CVE-2026-6474 * CVE-2026-6475 * CVE-2026-6476 * CVE-2026-6477 * CVE-2026-6478 * CVE-2026-6479 * CVE-2026-6575 * CVE-2026-6637 * CVE-2026-6638 CVSS scores: * CVE-2026-6472 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6472 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6473 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6473 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6474 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6474 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6475 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6475 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6476 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6476 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6477 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6477 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6478 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6478 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6479 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6575 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6575 (NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6637 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6637 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6638 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2026-6638 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 11 vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: * CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172). * CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173). * CVE-2026-6474: Guard against malicious time zone names (bsc#1265174). * CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175). * CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176). * CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177). * CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178). * CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179). * CVE-2026-6575: Detect faulty input when restoring attribute MCV statistics (bsc#1265180). * CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181). * CVE-2026-6638: Properly quoteobject names in logical replication origin checks (bsc#1265182). Non security issue: * Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and transactional updates (jsc#PED-14820). * /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1944=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-1944=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1944=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1944=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1944=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1944=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql18-pltcl-18.4-150600.13.11.1 * postgresql18-18.4-150600.13.11.1 * postgresql18-devel-mini-debuginfo-18.4-150600.13.11.1 * postgresql18-plpython-18.4-150600.13.11.1 * postgresql18-llvmjit-18.4-150600.13.11.1 * postgresql18-server-devel-18.4-150600.13.11.1 * postgresql18-contrib-debuginfo-18.4-150600.13.11.1 * postgresql18-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-plperl-18.4-150600.13.11.1 * postgresql18-mini-debugsource-18.4-150600.13.11.1 * libecpg6-18.4-150600.13.11.1 * postgresql18-llvmjit-devel-18.4-150600.13.11.1 * postgresql18-devel-18.4-150600.13.11.1 * postgresql18-contrib-18.4-150600.13.11.1 * postgresql18-test-18.4-150600.13.11.1 *postgresql18-plperl-debuginfo-18.4-150600.13.11.1 * postgresql18-server-debuginfo-18.4-150600.13.11.1 * libpq5-18.4-150600.13.11.1 * postgresql18-devel-mini-18.4-150600.13.11.1 * postgresql18-plpython-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-debuginfo-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * postgresql18-server-18.4-150600.13.11.1 * libecpg6-debuginfo-18.4-150600.13.11.1 * postgresql18-server-devel-debuginfo-18.4-150600.13.11.1 * libpq5-debuginfo-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * postgresql18-llvmjit-debuginfo-18.4-150600.13.11.1 * openSUSE Leap 15.6 (x86_64) * libpq5-32bit-18.4-150600.13.11.1 * libpq5-32bit-debuginfo-18.4-150600.13.11.1 * libecpg6-32bit-18.4-150600.13.11.1 * libecpg6-32bit-debuginfo-18.4-150600.13.11.1 * openSUSE Leap 15.6 (noarch) * postgresql18-docs-18.4-150600.13.11.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libecpg6-64bit-18.4-150600.13.11.1 * libpq5-64bit-debuginfo-18.4-150600.13.11.1 * libecpg6-64bit-debuginfo-18.4-150600.13.11.1 * libpq5-64bit-18.4-150600.13.11.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-18.4-150600.13.11.1 * postgresql18-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-server-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-server-18.4-150600.13.11.1 * postgresql18-plperl-18.4-150600.13.11.1 * postgresql18-server-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * postgresql18-contrib-debuginfo-18.4-150600.13.11.1 * postgresql18-plpython-debuginfo-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-debuginfo-18.4-150600.13.11.1 * libecpg6-18.4-150600.13.11.1 * postgresql18-devel-18.4-150600.13.11.1 * postgresql18-plpython-18.4-150600.13.11.1 * postgresql18-contrib-18.4-150600.13.11.1 *postgresql18-server-devel-18.4-150600.13.11.1 * postgresql18-plperl-debuginfo-18.4-150600.13.11.1 * Server Applications Module 15-SP7 (noarch) * postgresql18-docs-18.4-150600.13.11.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * postgresql18-pltcl-18.4-150600.13.11.1 * postgresql18-18.4-150600.13.11.1 * postgresql18-plpython-18.4-150600.13.11.1 * postgresql18-server-devel-18.4-150600.13.11.1 * postgresql18-contrib-debuginfo-18.4-150600.13.11.1 * postgresql18-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-plperl-18.4-150600.13.11.1 * libecpg6-18.4-150600.13.11.1 * postgresql18-devel-18.4-150600.13.11.1 * postgresql18-contrib-18.4-150600.13.11.1 * postgresql18-plperl-debuginfo-18.4-150600.13.11.1 * postgresql18-server-debuginfo-18.4-150600.13.11.1 * libpq5-18.4-150600.13.11.1 * postgresql18-plpython-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-debuginfo-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * postgresql18-server-18.4-150600.13.11.1 * libecpg6-debuginfo-18.4-150600.13.11.1 * postgresql18-server-devel-debuginfo-18.4-150600.13.11.1 * libpq5-debuginfo-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * postgresql18-docs-18.4-150600.13.11.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * libpq5-32bit-18.4-150600.13.11.1 * libpq5-32bit-debuginfo-18.4-150600.13.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * postgresql18-pltcl-18.4-150600.13.11.1 * postgresql18-18.4-150600.13.11.1 * postgresql18-plpython-18.4-150600.13.11.1 * postgresql18-server-devel-18.4-150600.13.11.1 * postgresql18-contrib-debuginfo-18.4-150600.13.11.1 * postgresql18-devel-debuginfo-18.4-150600.13.11.1 * postgresql18-plperl-18.4-150600.13.11.1 * libecpg6-18.4-150600.13.11.1 * postgresql18-devel-18.4-150600.13.11.1 *postgresql18-contrib-18.4-150600.13.11.1 * postgresql18-plperl-debuginfo-18.4-150600.13.11.1 * postgresql18-server-debuginfo-18.4-150600.13.11.1 * libpq5-18.4-150600.13.11.1 * postgresql18-plpython-debuginfo-18.4-150600.13.11.1 * postgresql18-pltcl-debuginfo-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * postgresql18-server-18.4-150600.13.11.1 * libecpg6-debuginfo-18.4-150600.13.11.1 * postgresql18-server-devel-debuginfo-18.4-150600.13.11.1 * libpq5-debuginfo-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * postgresql18-docs-18.4-150600.13.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * libpq5-32bit-18.4-150600.13.11.1 * libpq5-32bit-debuginfo-18.4-150600.13.11.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libpq5-debuginfo-18.4-150600.13.11.1 * postgresql18-debugsource-18.4-150600.13.11.1 * libpq5-18.4-150600.13.11.1 * postgresql18-18.4-150600.13.11.1 * postgresql18-debuginfo-18.4-150600.13.11.1 * Basesystem Module 15-SP7 (x86_64) * libpq5-32bit-18.4-150600.13.11.1 * libpq5-32bit-debuginfo-18.4-150600.13.11.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql18-llvmjit-debuginfo-18.4-150600.13.11.1 * postgresql18-llvmjit-devel-18.4-150600.13.11.1 * postgresql18-llvmjit-18.4-150600.13.11.1 * postgresql18-test-18.4-150600.13.11.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6472.html * https://www.suse.com/security/cve/CVE-2026-6473.html * https://www.suse.com/security/cve/CVE-2026-6474.html * https://www.suse.com/security/cve/CVE-2026-6475.html * https://www.suse.com/security/cve/CVE-2026-6476.html * https://www.suse.com/security/cve/CVE-2026-6477.html * https://www.suse.com/security/cve/CVE-2026-6478.html * https://www.suse.com/security/cve/CVE-2026-6479.html *https://www.suse.com/security/cve/CVE-2026-6575.html * https://www.suse.com/security/cve/CVE-2026-6637.html * https://www.suse.com/security/cve/CVE-2026-6638.html * https://bugzilla.suse.com/show_bug.cgi?id=1263804 * https://bugzilla.suse.com/show_bug.cgi?id=1265172 * https://bugzilla.suse.com/show_bug.cgi?id=1265173 * https://bugzilla.suse.com/show_bug.cgi?id=1265174 * https://bugzilla.suse.com/show_bug.cgi?id=1265175 * https://bugzilla.suse.com/show_bug.cgi?id=1265176 * https://bugzilla.suse.com/show_bug.cgi?id=1265177 * https://bugzilla.suse.com/show_bug.cgi?id=1265178 * https://bugzilla.suse.com/show_bug.cgi?id=1265179 * https://bugzilla.suse.com/show_bug.cgi?id=1265180 * https://bugzilla.suse.com/show_bug.cgi?id=1265181 * https://bugzilla.suse.com/show_bug.cgi?id=1265182 * https://jira.suse.com/browse/PED-14820 . SUSE introduces important security update for postgresql18, fixing multiple issues including SQL injection vulnerabilities.. SUSE, PostgreSQL, Security Update, openSUSE, Vulnerabilities. . Severity: Important. LinuxSecurity.com Team
May 18, 2026
•Important
SuSE
100
security advisorySQL InjectionSuSESUSE PostgreSQL18 Major Fix for SQL Injection Memory Overflow 2026-1945-1
An update that solves 11 vulnerabilities, contains one feature and has one security fix can now be installed.. # Security update for postgresql18 Announcement ID: SUSE-SU-2026:1945-1 Release Date: 2026-05-18T07:48:50Z Rating: important References: * bsc#1263804 * bsc#1265172 * bsc#1265173 * bsc#1265174 * bsc#1265175 * bsc#1265176 * bsc#1265177 * bsc#1265178 * bsc#1265179 * bsc#1265180 * bsc#1265181 * bsc#1265182 * jsc#PED-14820 Cross-References: * CVE-2026-6472 * CVE-2026-6473 * CVE-2026-6474 * CVE-2026-6475 * CVE-2026-6476 * CVE-2026-6477 * CVE-2026-6478 * CVE-2026-6479 * CVE-2026-6575 * CVE-2026-6637 * CVE-2026-6638 CVSS scores: * CVE-2026-6472 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6472 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6473 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6473 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6474 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6474 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6475 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6475 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6476 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6476 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6477 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6477 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6478 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6478 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6479 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6575 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6575 (NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6637 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6637 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6638 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2026-6638 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 11 vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: * CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172). * CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173). * CVE-2026-6474: Guard against malicious time zone names (bsc#1265174). * CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175). * CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176). * CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177). * CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178). * CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179). *CVE-2026-6575: Detect faulty input when restoring attribute MCV statistics (bsc#1265180). * CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181). * CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182). Non security issue: * Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and transactional updates (jsc#PED-14820). * /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1945=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1945=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1945=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1945=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1945=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1945=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1945=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1945=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libecpg6-debuginfo-18.4-150200.5.12.1 * libecpg6-18.4-150200.5.12.1 * libpq5-debuginfo-18.4-150200.5.12.1 *postgresql18-debugsource-18.4-150200.5.12.1 * postgresql18-debuginfo-18.4-150200.5.12.1 * libpq5-18.4-150200.5.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libpq5-32bit-18.4-150200.5.12.1 * libpq5-32bit-debuginfo-18.4-150200.5.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libecpg6-debuginfo-18.4-150200.5.12.1 * libecpg6-18.4-150200.5.12.1 * libpq5-debuginfo-18.4-150200.5.12.1 * postgresql18-debugsource-18.4-150200.5.12.1 * postgresql18-debuginfo-18.4-150200.5.12.1 * libpq5-18.4-150200.5.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libpq5-32bit-18.4-150200.5.12.1 * libpq5-32bit-debuginfo-18.4-150200.5.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libecpg6-debuginfo-18.4-150200.5.12.1 * libecpg6-18.4-150200.5.12.1 * libpq5-debuginfo-18.4-150200.5.12.1 * postgresql18-debugsource-18.4-150200.5.12.1 * postgresql18-debuginfo-18.4-150200.5.12.1 * libpq5-18.4-150200.5.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libpq5-32bit-18.4-150200.5.12.1 * libpq5-32bit-debuginfo-18.4-150200.5.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libecpg6-debuginfo-18.4-150200.5.12.1 * libecpg6-18.4-150200.5.12.1 * libpq5-debuginfo-18.4-150200.5.12.1 * postgresql18-debugsource-18.4-150200.5.12.1 * postgresql18-debuginfo-18.4-150200.5.12.1 * libpq5-18.4-150200.5.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libpq5-32bit-18.4-150200.5.12.1 * libpq5-32bit-debuginfo-18.4-150200.5.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libecpg6-debuginfo-18.4-150200.5.12.1 * libecpg6-18.4-150200.5.12.1 * libpq5-debuginfo-18.4-150200.5.12.1 * postgresql18-debugsource-18.4-150200.5.12.1 *postgresql18-debuginfo-18.4-150200.5.12.1 * libpq5-18.4-150200.5.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libpq5-32bit-18.4-150200.5.12.1 * libpq5-32bit-debuginfo-18.4-150200.5.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-18.4-150200.5.12.1 * libecpg6-18.4-150200.5.12.1 * libpq5-debuginfo-18.4-150200.5.12.1 * postgresql18-debugsource-18.4-150200.5.12.1 * postgresql18-debuginfo-18.4-150200.5.12.1 * libpq5-18.4-150200.5.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libpq5-32bit-18.4-150200.5.12.1 * libpq5-32bit-debuginfo-18.4-150200.5.12.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-18.4-150200.5.12.1 * libecpg6-18.4-150200.5.12.1 * libpq5-debuginfo-18.4-150200.5.12.1 * postgresql18-debugsource-18.4-150200.5.12.1 * postgresql18-debuginfo-18.4-150200.5.12.1 * libpq5-18.4-150200.5.12.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libpq5-32bit-18.4-150200.5.12.1 * libpq5-32bit-debuginfo-18.4-150200.5.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libecpg6-debuginfo-18.4-150200.5.12.1 * libecpg6-18.4-150200.5.12.1 * libpq5-debuginfo-18.4-150200.5.12.1 * postgresql18-debugsource-18.4-150200.5.12.1 * postgresql18-debuginfo-18.4-150200.5.12.1 * libpq5-18.4-150200.5.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libpq5-32bit-18.4-150200.5.12.1 * libpq5-32bit-debuginfo-18.4-150200.5.12.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6472.html * https://www.suse.com/security/cve/CVE-2026-6473.html * https://www.suse.com/security/cve/CVE-2026-6474.html * https://www.suse.com/security/cve/CVE-2026-6475.html * https://www.suse.com/security/cve/CVE-2026-6476.html * https://www.suse.com/security/cve/CVE-2026-6477.html *https://www.suse.com/security/cve/CVE-2026-6478.html * https://www.suse.com/security/cve/CVE-2026-6479.html * https://www.suse.com/security/cve/CVE-2026-6575.html * https://www.suse.com/security/cve/CVE-2026-6637.html * https://www.suse.com/security/cve/CVE-2026-6638.html * https://bugzilla.suse.com/show_bug.cgi?id=1263804 * https://bugzilla.suse.com/show_bug.cgi?id=1265172 * https://bugzilla.suse.com/show_bug.cgi?id=1265173 * https://bugzilla.suse.com/show_bug.cgi?id=1265174 * https://bugzilla.suse.com/show_bug.cgi?id=1265175 * https://bugzilla.suse.com/show_bug.cgi?id=1265176 * https://bugzilla.suse.com/show_bug.cgi?id=1265177 * https://bugzilla.suse.com/show_bug.cgi?id=1265178 * https://bugzilla.suse.com/show_bug.cgi?id=1265179 * https://bugzilla.suse.com/show_bug.cgi?id=1265180 * https://bugzilla.suse.com/show_bug.cgi?id=1265181 * https://bugzilla.suse.com/show_bug.cgi?id=1265182 * https://jira.suse.com/browse/PED-14820 . A SUSE patch for postgresql18 resolves 11 issues including important security fixes. Essential updates recommended.. postgresql18 update sql injection memory overflow security patch. . Severity: Important. LinuxSecurity.com Team
May 18, 2026
•Important
SuSE
100
security advisorysecurity issueSuSESUSE Postgresql18 Important Issues Addressed 2026-1946-1
An update that solves 11 vulnerabilities, contains one feature and has one security fix can now be installed.. # Security update for postgresql18 Announcement ID: SUSE-SU-2026:1946-1 Release Date: 2026-05-18T07:49:01Z Rating: important References: * bsc#1263804 * bsc#1265172 * bsc#1265173 * bsc#1265174 * bsc#1265175 * bsc#1265176 * bsc#1265177 * bsc#1265178 * bsc#1265179 * bsc#1265180 * bsc#1265181 * bsc#1265182 * jsc#PED-14820 Cross-References: * CVE-2026-6472 * CVE-2026-6473 * CVE-2026-6474 * CVE-2026-6475 * CVE-2026-6476 * CVE-2026-6477 * CVE-2026-6478 * CVE-2026-6479 * CVE-2026-6575 * CVE-2026-6637 * CVE-2026-6638 CVSS scores: * CVE-2026-6472 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6472 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6473 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6473 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6474 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6474 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6475 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6475 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6476 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6476 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6477 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6477 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6478 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6478 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6479 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6575 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6575 (NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6637 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6637 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6638 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2026-6638 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 11 vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: * CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172). * CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173). * CVE-2026-6474: Guard against malicious time zone names (bsc#1265174). * CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175). * CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176). * CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177). * CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178). * CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179). * CVE-2026-6575: Detect faulty input when restoring attribute MCV statistics (bsc#1265180). * CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181). * CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182). Non security issue: * Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutablesystems and transactional updates (jsc#PED-14820). * /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1946=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1946=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-18.4-8.12.1 * libpq5-18.4-8.12.1 * libpq5-debuginfo-18.4-8.12.1 * libecpg6-18.4-8.12.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libpq5-debuginfo-32bit-18.4-8.12.1 * libecpg6-32bit-18.4-8.12.1 * libpq5-32bit-18.4-8.12.1 * libecpg6-debuginfo-32bit-18.4-8.12.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libpq5-18.4-8.12.1 * libecpg6-18.4-8.12.1 * libpq5-debuginfo-18.4-8.12.1 * libecpg6-debuginfo-32bit-18.4-8.12.1 * libpq5-32bit-18.4-8.12.1 * libpq5-debuginfo-32bit-18.4-8.12.1 * libecpg6-debuginfo-18.4-8.12.1 * libecpg6-32bit-18.4-8.12.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6472.html * https://www.suse.com/security/cve/CVE-2026-6473.html * https://www.suse.com/security/cve/CVE-2026-6474.html * https://www.suse.com/security/cve/CVE-2026-6475.html * https://www.suse.com/security/cve/CVE-2026-6476.html * https://www.suse.com/security/cve/CVE-2026-6477.html * https://www.suse.com/security/cve/CVE-2026-6478.html * https://www.suse.com/security/cve/CVE-2026-6479.html * https://www.suse.com/security/cve/CVE-2026-6575.html * https://www.suse.com/security/cve/CVE-2026-6637.html * https://www.suse.com/security/cve/CVE-2026-6638.html *https://bugzilla.suse.com/show_bug.cgi?id=1263804 * https://bugzilla.suse.com/show_bug.cgi?id=1265172 * https://bugzilla.suse.com/show_bug.cgi?id=1265173 * https://bugzilla.suse.com/show_bug.cgi?id=1265174 * https://bugzilla.suse.com/show_bug.cgi?id=1265175 * https://bugzilla.suse.com/show_bug.cgi?id=1265176 * https://bugzilla.suse.com/show_bug.cgi?id=1265177 * https://bugzilla.suse.com/show_bug.cgi?id=1265178 * https://bugzilla.suse.com/show_bug.cgi?id=1265179 * https://bugzilla.suse.com/show_bug.cgi?id=1265180 * https://bugzilla.suse.com/show_bug.cgi?id=1265181 * https://bugzilla.suse.com/show_bug.cgi?id=1265182 * https://jira.suse.com/browse/PED-14820 . Patch for important issues in postgresql18 on SUSE addressing multiple vulnerabilities and enhancing security measures.. Security Update, PostgreSQL, Vulnerability Fixed, SUSE Patch. . Severity: Important. LinuxSecurity.com Team
May 18, 2026
•Important
SuSE
100
security advisorySuSEbuffer overrunSUSE Postgresql18 Important Buffer Overrun Fix Advisory 2026-20921-1
An update that solves five vulnerabilities and has one fix can now be installed.. # Security update for postgresql18 Announcement ID: SUSE-SU-2026:20921-1 Release Date: 2026-03-20T14:50:43Z Rating: important References: * bsc#1258008 * bsc#1258009 * bsc#1258010 * bsc#1258011 * bsc#1258012 * bsc#1258754 Cross-References: * CVE-2026-2003 * CVE-2026-2004 * CVE-2026-2005 * CVE-2026-2006 * CVE-2026-2007 CVSS scores: * CVE-2026-2003 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2003 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2004 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2004 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2007 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-2007 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * SUSE Linux Enterprise Server - BCI 16.0 An update that solves five vulnerabilities and has one fix can now be installed. ## Description: This update for postgresql18 fixes the following issues: * Update to version 18.3. (bsc#1258754) * CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector (bsc#1258008) * CVE-2026-2004: Harden selectivity estimators against being attached to operators that accept unexpected data types. (bsc#1258009) * CVE-2026-2005: Fix buffer overrun in contrib/pgcrypto's PGP decryption functions. (bsc#1258010) * CVE-2026-2006: Fix inadequate validation of multibyte character lengths. (bsc#1258011) * CVE-2026-2007: Harden contrib/pg_trgm against changes in string lowercasing behavior.(bsc#1258012) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server - BCI 16.0 zypper in -t patch SUSE-SLES-16.0-422=1 ## Package List: * SUSE Linux Enterprise Server - BCI 16.0 (aarch64 ppc64le s390x x86_64) * postgresql18-server-18.3-160000.1.1 * postgresql18-debuginfo-18.3-160000.1.1 * libpq5-debuginfo-18.3-160000.1.1 * postgresql18-server-debuginfo-18.3-160000.1.1 * postgresql18-server-devel-18.3-160000.1.1 * postgresql18-plperl-18.3-160000.1.1 * postgresql18-18.3-160000.1.1 * postgresql18-plpython-debuginfo-18.3-160000.1.1 * postgresql18-contrib-18.3-160000.1.1 * postgresql18-contrib-debuginfo-18.3-160000.1.1 * libecpg6-debuginfo-18.3-160000.1.1 * libecpg6-18.3-160000.1.1 * postgresql18-devel-18.3-160000.1.1 * postgresql18-pltcl-18.3-160000.1.1 * postgresql18-debugsource-18.3-160000.1.1 * postgresql18-devel-debuginfo-18.3-160000.1.1 * postgresql18-pltcl-debuginfo-18.3-160000.1.1 * libpq5-18.3-160000.1.1 * postgresql18-plpython-18.3-160000.1.1 * postgresql18-plperl-debuginfo-18.3-160000.1.1 * postgresql18-server-devel-debuginfo-18.3-160000.1.1 * SUSE Linux Enterprise Server - BCI 16.0 (noarch) * postgresql18-docs-18.3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2003.html * https://www.suse.com/security/cve/CVE-2026-2004.html * https://www.suse.com/security/cve/CVE-2026-2005.html * https://www.suse.com/security/cve/CVE-2026-2006.html * https://www.suse.com/security/cve/CVE-2026-2007.html * https://bugzilla.suse.com/show_bug.cgi?id=1258008 * https://bugzilla.suse.com/show_bug.cgi?id=1258009 * https://bugzilla.suse.com/show_bug.cgi?id=1258010 * https://bugzilla.suse.com/show_bug.cgi?id=1258011 * https://bugzilla.suse.com/show_bug.cgi?id=1258012 *https://bugzilla.suse.com/show_bug.cgi?id=1258754 . This important update for postgresql18 on SUSE addresses five issues and enhances security considerably.. Postgresql18 Security Update, SUSE Important Fix, Linux Patch Instructions, Buffer Overrun Fix. . Severity: Important. LinuxSecurity.com Team
Apr 01, 2026
•Important
SuSE
202
security advisorybuffer overrunarbitrary code executionopenSUSE postgresql18 Important Arbitrary Code Exec Vuln 2026-0881-1
An update that solves five vulnerabilities and has one security fix can now be installed.. # Security update for postgresql18 Announcement ID: SUSE-SU-2026:0881-1 Release Date: 2026-03-12T10:19:08Z Rating: important References: * bsc#1258008 * bsc#1258009 * bsc#1258010 * bsc#1258011 * bsc#1258012 * bsc#1258754 Cross-References: * CVE-2026-2003 * CVE-2026-2004 * CVE-2026-2005 * CVE-2026-2006 * CVE-2026-2007 CVSS scores: * CVE-2026-2003 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2003 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2004 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2004 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2007 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-2007 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for postgresql18 fixes the following issues: Update to version 18.3 (bsc#1258754). Security issues fixed: * CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytesof server memory (bsc#1258008). * CVE-2026-2004: intarray missing validation of type of input to selectivity estimator could lead to arbitrary code execution (bsc#1258009). * CVE-2026-2005: buffer overrun in contrib/pgcrypto's PGP decryption functions could lead to arbitrary code execution (bsc#1258010). * CVE-2026-2006: inadequate validation of multibyte character lengths could lead to arbitrary code execution (bsc#1258011). * CVE-2026-2007: pg_trgm heap buffer overflow can cause to write pattern onto server memory (bsc#1258012). Regression fixes: * the substring() function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column (caused by CVE-2026-2006 fix). * a standby may halt and return an error "could not access status of transaction". ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-881=1 openSUSE-SLE-15.6-2026-881=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-881=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-881=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-881=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-881=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-881=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql18-server-18.3-150600.13.8.1 * postgresql18-plpython-18.3-150600.13.8.1 * postgresql18-plperl-18.3-150600.13.8.1 * postgresql18-server-debuginfo-18.3-150600.13.8.1 *postgresql18-devel-18.3-150600.13.8.1 * postgresql18-plpython-debuginfo-18.3-150600.13.8.1 * libecpg6-18.3-150600.13.8.1 * postgresql18-18.3-150600.13.8.1 * postgresql18-devel-mini-18.3-150600.13.8.1 * postgresql18-plperl-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-mini-debuginfo-18.3-150600.13.8.1 * libecpg6-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * postgresql18-llvmjit-debuginfo-18.3-150600.13.8.1 * postgresql18-llvmjit-devel-18.3-150600.13.8.1 * postgresql18-pltcl-debuginfo-18.3-150600.13.8.1 * postgresql18-server-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-18.3-150600.13.8.1 * postgresql18-mini-debugsource-18.3-150600.13.8.1 * libpq5-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-18.3-150600.13.8.1 * postgresql18-server-devel-18.3-150600.13.8.1 * postgresql18-test-18.3-150600.13.8.1 * postgresql18-llvmjit-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * libpq5-18.3-150600.13.8.1 * openSUSE Leap 15.6 (x86_64) * libpq5-32bit-debuginfo-18.3-150600.13.8.1 * libecpg6-32bit-18.3-150600.13.8.1 * libecpg6-32bit-debuginfo-18.3-150600.13.8.1 * libpq5-32bit-18.3-150600.13.8.1 * openSUSE Leap 15.6 (noarch) * postgresql18-docs-18.3-150600.13.8.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libecpg6-64bit-debuginfo-18.3-150600.13.8.1 * libecpg6-64bit-18.3-150600.13.8.1 * libpq5-64bit-debuginfo-18.3-150600.13.8.1 * libpq5-64bit-18.3-150600.13.8.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libpq5-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * postgresql18-18.3-150600.13.8.1 * libpq5-18.3-150600.13.8.1 * Basesystem Module 15-SP7 (x86_64) * libpq5-32bit-debuginfo-18.3-150600.13.8.1 *libpq5-32bit-18.3-150600.13.8.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql18-test-18.3-150600.13.8.1 * postgresql18-llvmjit-18.3-150600.13.8.1 * postgresql18-llvmjit-debuginfo-18.3-150600.13.8.1 * postgresql18-llvmjit-devel-18.3-150600.13.8.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql18-pltcl-debuginfo-18.3-150600.13.8.1 * postgresql18-plpython-18.3-150600.13.8.1 * postgresql18-server-18.3-150600.13.8.1 * postgresql18-plperl-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-plperl-18.3-150600.13.8.1 * postgresql18-server-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-server-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * libecpg6-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-18.3-150600.13.8.1 * postgresql18-plpython-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-18.3-150600.13.8.1 * postgresql18-server-devel-18.3-150600.13.8.1 * postgresql18-contrib-18.3-150600.13.8.1 * libecpg6-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * Server Applications Module 15-SP7 (noarch) * postgresql18-docs-18.3-150600.13.8.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * postgresql18-server-18.3-150600.13.8.1 * postgresql18-plpython-18.3-150600.13.8.1 * postgresql18-plperl-18.3-150600.13.8.1 * postgresql18-server-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-18.3-150600.13.8.1 * postgresql18-plpython-debuginfo-18.3-150600.13.8.1 * libecpg6-18.3-150600.13.8.1 * postgresql18-18.3-150600.13.8.1 * postgresql18-plperl-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-debuginfo-18.3-150600.13.8.1 * libecpg6-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-debuginfo-18.3-150600.13.8.1 *postgresql18-server-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-18.3-150600.13.8.1 * libpq5-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-18.3-150600.13.8.1 * postgresql18-server-devel-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * libpq5-18.3-150600.13.8.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * postgresql18-docs-18.3-150600.13.8.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * libpq5-32bit-debuginfo-18.3-150600.13.8.1 * libpq5-32bit-18.3-150600.13.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * postgresql18-server-18.3-150600.13.8.1 * postgresql18-plpython-18.3-150600.13.8.1 * postgresql18-plperl-18.3-150600.13.8.1 * postgresql18-server-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-18.3-150600.13.8.1 * postgresql18-plpython-debuginfo-18.3-150600.13.8.1 * libecpg6-18.3-150600.13.8.1 * postgresql18-18.3-150600.13.8.1 * postgresql18-plperl-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-debuginfo-18.3-150600.13.8.1 * libecpg6-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-debuginfo-18.3-150600.13.8.1 * postgresql18-server-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-18.3-150600.13.8.1 * libpq5-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-18.3-150600.13.8.1 * postgresql18-server-devel-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * libpq5-18.3-150600.13.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * postgresql18-docs-18.3-150600.13.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * libpq5-32bit-debuginfo-18.3-150600.13.8.1 * libpq5-32bit-18.3-150600.13.8.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2003.html *https://www.suse.com/security/cve/CVE-2026-2004.html * https://www.suse.com/security/cve/CVE-2026-2005.html * https://www.suse.com/security/cve/CVE-2026-2006.html * https://www.suse.com/security/cve/CVE-2026-2007.html * https://bugzilla.suse.com/show_bug.cgi?id=1258008 * https://bugzilla.suse.com/show_bug.cgi?id=1258009 * https://bugzilla.suse.com/show_bug.cgi?id=1258010 * https://bugzilla.suse.com/show_bug.cgi?id=1258011 * https://bugzilla.suse.com/show_bug.cgi?id=1258012 * https://bugzilla.suse.com/show_bug.cgi?id=1258754 . This update corrects five issues for postgresql18 on openSUSE, enhancing system security.. postgresql security openSUSE vulnerabilities fix. . Severity: Important. LinuxSecurity.com Team
Mar 12, 2026
•Important
OpenSUSE
100
security advisorySuSEarbitrary code executionSUSE 15 SP7 PostgreSQL 18 Important Security Fix Advisory 2026-0881-1
An update that solves five vulnerabilities and has one security fix can now be installed.. # Security update for postgresql18 Announcement ID: SUSE-SU-2026:0881-1 Release Date: 2026-03-12T10:19:08Z Rating: important References: * bsc#1258008 * bsc#1258009 * bsc#1258010 * bsc#1258011 * bsc#1258012 * bsc#1258754 Cross-References: * CVE-2026-2003 * CVE-2026-2004 * CVE-2026-2005 * CVE-2026-2006 * CVE-2026-2007 CVSS scores: * CVE-2026-2003 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2003 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2004 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2004 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2005 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2007 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-2007 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for postgresql18 fixes the following issues: Update to version 18.3 (bsc#1258754). Security issues fixed: * CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytesof server memory (bsc#1258008). * CVE-2026-2004: intarray missing validation of type of input to selectivity estimator could lead to arbitrary code execution (bsc#1258009). * CVE-2026-2005: buffer overrun in contrib/pgcrypto's PGP decryption functions could lead to arbitrary code execution (bsc#1258010). * CVE-2026-2006: inadequate validation of multibyte character lengths could lead to arbitrary code execution (bsc#1258011). * CVE-2026-2007: pg_trgm heap buffer overflow can cause to write pattern onto server memory (bsc#1258012). Regression fixes: * the substring() function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column (caused by CVE-2026-2006 fix). * a standby may halt and return an error "could not access status of transaction". ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-881=1 openSUSE-SLE-15.6-2026-881=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-881=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-881=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-881=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-881=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-881=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql18-server-18.3-150600.13.8.1 * postgresql18-plpython-18.3-150600.13.8.1 * postgresql18-plperl-18.3-150600.13.8.1 * postgresql18-server-debuginfo-18.3-150600.13.8.1 *postgresql18-devel-18.3-150600.13.8.1 * postgresql18-plpython-debuginfo-18.3-150600.13.8.1 * libecpg6-18.3-150600.13.8.1 * postgresql18-18.3-150600.13.8.1 * postgresql18-devel-mini-18.3-150600.13.8.1 * postgresql18-plperl-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-mini-debuginfo-18.3-150600.13.8.1 * libecpg6-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * postgresql18-llvmjit-debuginfo-18.3-150600.13.8.1 * postgresql18-llvmjit-devel-18.3-150600.13.8.1 * postgresql18-pltcl-debuginfo-18.3-150600.13.8.1 * postgresql18-server-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-18.3-150600.13.8.1 * postgresql18-mini-debugsource-18.3-150600.13.8.1 * libpq5-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-18.3-150600.13.8.1 * postgresql18-server-devel-18.3-150600.13.8.1 * postgresql18-test-18.3-150600.13.8.1 * postgresql18-llvmjit-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * libpq5-18.3-150600.13.8.1 * openSUSE Leap 15.6 (x86_64) * libpq5-32bit-debuginfo-18.3-150600.13.8.1 * libecpg6-32bit-18.3-150600.13.8.1 * libecpg6-32bit-debuginfo-18.3-150600.13.8.1 * libpq5-32bit-18.3-150600.13.8.1 * openSUSE Leap 15.6 (noarch) * postgresql18-docs-18.3-150600.13.8.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libecpg6-64bit-debuginfo-18.3-150600.13.8.1 * libecpg6-64bit-18.3-150600.13.8.1 * libpq5-64bit-debuginfo-18.3-150600.13.8.1 * libpq5-64bit-18.3-150600.13.8.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libpq5-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * postgresql18-18.3-150600.13.8.1 * libpq5-18.3-150600.13.8.1 * Basesystem Module 15-SP7 (x86_64) * libpq5-32bit-debuginfo-18.3-150600.13.8.1 *libpq5-32bit-18.3-150600.13.8.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql18-test-18.3-150600.13.8.1 * postgresql18-llvmjit-18.3-150600.13.8.1 * postgresql18-llvmjit-debuginfo-18.3-150600.13.8.1 * postgresql18-llvmjit-devel-18.3-150600.13.8.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql18-pltcl-debuginfo-18.3-150600.13.8.1 * postgresql18-plpython-18.3-150600.13.8.1 * postgresql18-server-18.3-150600.13.8.1 * postgresql18-plperl-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-plperl-18.3-150600.13.8.1 * postgresql18-server-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-server-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * libecpg6-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-18.3-150600.13.8.1 * postgresql18-plpython-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-18.3-150600.13.8.1 * postgresql18-server-devel-18.3-150600.13.8.1 * postgresql18-contrib-18.3-150600.13.8.1 * libecpg6-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * Server Applications Module 15-SP7 (noarch) * postgresql18-docs-18.3-150600.13.8.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * postgresql18-server-18.3-150600.13.8.1 * postgresql18-plpython-18.3-150600.13.8.1 * postgresql18-plperl-18.3-150600.13.8.1 * postgresql18-server-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-18.3-150600.13.8.1 * postgresql18-plpython-debuginfo-18.3-150600.13.8.1 * libecpg6-18.3-150600.13.8.1 * postgresql18-18.3-150600.13.8.1 * postgresql18-plperl-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-debuginfo-18.3-150600.13.8.1 * libecpg6-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-debuginfo-18.3-150600.13.8.1 *postgresql18-server-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-18.3-150600.13.8.1 * libpq5-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-18.3-150600.13.8.1 * postgresql18-server-devel-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * libpq5-18.3-150600.13.8.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * postgresql18-docs-18.3-150600.13.8.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * libpq5-32bit-debuginfo-18.3-150600.13.8.1 * libpq5-32bit-18.3-150600.13.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * postgresql18-server-18.3-150600.13.8.1 * postgresql18-plpython-18.3-150600.13.8.1 * postgresql18-plperl-18.3-150600.13.8.1 * postgresql18-server-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-18.3-150600.13.8.1 * postgresql18-plpython-debuginfo-18.3-150600.13.8.1 * libecpg6-18.3-150600.13.8.1 * postgresql18-18.3-150600.13.8.1 * postgresql18-plperl-debuginfo-18.3-150600.13.8.1 * postgresql18-devel-debuginfo-18.3-150600.13.8.1 * libecpg6-debuginfo-18.3-150600.13.8.1 * postgresql18-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-debuginfo-18.3-150600.13.8.1 * postgresql18-server-devel-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-18.3-150600.13.8.1 * libpq5-debuginfo-18.3-150600.13.8.1 * postgresql18-contrib-debuginfo-18.3-150600.13.8.1 * postgresql18-pltcl-18.3-150600.13.8.1 * postgresql18-server-devel-18.3-150600.13.8.1 * postgresql18-debugsource-18.3-150600.13.8.1 * libpq5-18.3-150600.13.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * postgresql18-docs-18.3-150600.13.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * libpq5-32bit-debuginfo-18.3-150600.13.8.1 * libpq5-32bit-18.3-150600.13.8.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2003.html *https://www.suse.com/security/cve/CVE-2026-2004.html * https://www.suse.com/security/cve/CVE-2026-2005.html * https://www.suse.com/security/cve/CVE-2026-2006.html * https://www.suse.com/security/cve/CVE-2026-2007.html * https://bugzilla.suse.com/show_bug.cgi?id=1258008 * https://bugzilla.suse.com/show_bug.cgi?id=1258009 * https://bugzilla.suse.com/show_bug.cgi?id=1258010 * https://bugzilla.suse.com/show_bug.cgi?id=1258011 * https://bugzilla.suse.com/show_bug.cgi?id=1258012 * https://bugzilla.suse.com/show_bug.cgi?id=1258754 . Critical SUSE update for postgresql18 enhances security by addressing multiple significant vulnerabilities.. SUSE PostgreSQL Update 2026 Important Security. . Severity: Important. LinuxSecurity.com Team
Mar 12, 2026
•Important
SuSE
100
security advisorysecurity issueSuSESUSE Postgresql18 Important Security Update CVE-2026-2006 DoS Threat
An update that solves one vulnerability and has one security fix can now be installed.. # Security update for postgresql18 Announcement ID: SUSE-SU-2026:0769-1 Release Date: 2026-03-03T13:11:51Z Rating: important References: * bsc#1258011 * bsc#1258754 Cross-References: * CVE-2026-2006 CVSS scores: * CVE-2026-2006 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-2006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql18 fixes the following issue: Update to version 18.3 (bsc#1258754). Regression fixes: * the substring() function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column (caused by CVE-2026-2006 fix). * a standby may halt and return an error "could not access status of transaction". ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-769=1 * SUSELinux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-769=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-769=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-769=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-769=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-769=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-769=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-769=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpq5-debuginfo-18.3-150200.5.9.1 * libecpg6-18.3-150200.5.9.1 * postgresql18-debuginfo-18.3-150200.5.9.1 * postgresql18-debugsource-18.3-150200.5.9.1 * libecpg6-debuginfo-18.3-150200.5.9.1 * libpq5-18.3-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libpq5-32bit-debuginfo-18.3-150200.5.9.1 * libpq5-32bit-18.3-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpq5-debuginfo-18.3-150200.5.9.1 * libecpg6-18.3-150200.5.9.1 * postgresql18-debuginfo-18.3-150200.5.9.1 * postgresql18-debugsource-18.3-150200.5.9.1 * libecpg6-debuginfo-18.3-150200.5.9.1 * libpq5-18.3-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libpq5-32bit-debuginfo-18.3-150200.5.9.1 * libpq5-32bit-18.3-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libpq5-debuginfo-18.3-150200.5.9.1 *libecpg6-18.3-150200.5.9.1 * postgresql18-debuginfo-18.3-150200.5.9.1 * postgresql18-debugsource-18.3-150200.5.9.1 * libecpg6-debuginfo-18.3-150200.5.9.1 * libpq5-18.3-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libpq5-32bit-debuginfo-18.3-150200.5.9.1 * libpq5-32bit-18.3-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libpq5-debuginfo-18.3-150200.5.9.1 * libecpg6-18.3-150200.5.9.1 * postgresql18-debuginfo-18.3-150200.5.9.1 * postgresql18-debugsource-18.3-150200.5.9.1 * libecpg6-debuginfo-18.3-150200.5.9.1 * libpq5-18.3-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libpq5-32bit-debuginfo-18.3-150200.5.9.1 * libpq5-32bit-18.3-150200.5.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libpq5-debuginfo-18.3-150200.5.9.1 * libecpg6-18.3-150200.5.9.1 * postgresql18-debuginfo-18.3-150200.5.9.1 * postgresql18-debugsource-18.3-150200.5.9.1 * libecpg6-debuginfo-18.3-150200.5.9.1 * libpq5-18.3-150200.5.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libpq5-32bit-debuginfo-18.3-150200.5.9.1 * libpq5-32bit-18.3-150200.5.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libpq5-debuginfo-18.3-150200.5.9.1 * libecpg6-18.3-150200.5.9.1 * postgresql18-debuginfo-18.3-150200.5.9.1 * postgresql18-debugsource-18.3-150200.5.9.1 * libecpg6-debuginfo-18.3-150200.5.9.1 * libpq5-18.3-150200.5.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libpq5-32bit-debuginfo-18.3-150200.5.9.1 * libpq5-32bit-18.3-150200.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpq5-debuginfo-18.3-150200.5.9.1 * libecpg6-18.3-150200.5.9.1 * postgresql18-debuginfo-18.3-150200.5.9.1 * postgresql18-debugsource-18.3-150200.5.9.1 *libecpg6-debuginfo-18.3-150200.5.9.1 * libpq5-18.3-150200.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libpq5-32bit-debuginfo-18.3-150200.5.9.1 * libpq5-32bit-18.3-150200.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libpq5-debuginfo-18.3-150200.5.9.1 * libecpg6-18.3-150200.5.9.1 * postgresql18-debuginfo-18.3-150200.5.9.1 * postgresql18-debugsource-18.3-150200.5.9.1 * libecpg6-debuginfo-18.3-150200.5.9.1 * libpq5-18.3-150200.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libpq5-32bit-debuginfo-18.3-150200.5.9.1 * libpq5-32bit-18.3-150200.5.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2006.html * https://bugzilla.suse.com/show_bug.cgi?id=1258011 * https://bugzilla.suse.com/show_bug.cgi?id=1258754 . An important security advisory for SUSE regarding postgresql18 addresses a vulnerability that requires immediate attention. Stay secure!. SUSE Postgresql18 Security Update Importance Threat. . Severity: Important. LinuxSecurity.com Team
Mar 03, 2026
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!