Moderate: postgresql:16 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:0519", "synopsis": "Moderate: postgresql:16 security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for pg_repack, module.postgresql, module.pgaudit, postgresql, postgres-decoderbufs, module.pg_repack, module.postgres-decoderbufs, pgaudit.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* postgresql: CREATE STATISTICS does not check for schema CREATE privilege (CVE-2025-12817)\n\n* postgresql: libpq undersizes allocations, via integer wraparound (CVE-2025-12818)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2414825", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2414825", "description": ""}, {"ticket": "2414826", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2414826", "description": ""}], "cves": [{"name": "CVE-2025-12817", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-12817", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "cvss3BaseScore": "4.3", "cwe": "CWE-862"}, {"name": "CVE-2025-12818", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-12818", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-190"}], "references": [], "publishedAt": "2026-01-14T09:08:51.675924Z", "rpms": {"Rocky Linux 8": {"nvras": ["pgaudit-0:16.0-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm","pgaudit-0:16.0-1.module+el8.10.0+40057+c37a0e3d.src.rpm", "pgaudit-0:16.0-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "pgaudit-debuginfo-0:16.0-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "pgaudit-debuginfo-0:16.0-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "pgaudit-debugsource-0:16.0-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "pgaudit-debugsource-0:16.0-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "pg_repack-0:1.5.1-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "pg_repack-0:1.5.1-1.module+el8.10.0+40057+c37a0e3d.src.rpm", "pg_repack-0:1.5.1-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "pg_repack-debuginfo-0:1.5.1-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "pg_repack-debuginfo-0:1.5.1-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "pg_repack-debugsource-0:1.5.1-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "pg_repack-debugsource-0:1.5.1-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgres-decoderbufs-0:2.4.0-1.Final.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgres-decoderbufs-0:2.4.0-1.Final.module+el8.10.0+40057+c37a0e3d.src.rpm", "postgres-decoderbufs-0:2.4.0-1.Final.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-0:16.11-1.module+el8.10.0+40057+c37a0e3d.src.rpm", "postgresql-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-contrib-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-contrib-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-contrib-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-contrib-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm","postgresql-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-debugsource-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-debugsource-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-docs-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-docs-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-docs-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-docs-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-plperl-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-plperl-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-plperl-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-plperl-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-plpython3-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-plpython3-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-plpython3-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-plpython3-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-pltcl-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-pltcl-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-pltcl-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-pltcl-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-private-devel-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-private-devel-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-private-libs-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-private-libs-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-private-libs-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm","postgresql-private-libs-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-server-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-server-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-server-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-server-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-server-devel-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-server-devel-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-server-devel-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-server-devel-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-static-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-static-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-test-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-test-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-test-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-test-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-test-rpm-macros-0:16.11-1.module+el8.10.0+40057+c37a0e3d.noarch.rpm", "postgresql-upgrade-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-upgrade-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-upgrade-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-upgrade-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-upgrade-devel-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-upgrade-devel-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm", "postgresql-upgrade-devel-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.aarch64.rpm", "postgresql-upgrade-devel-debuginfo-0:16.11-1.module+el8.10.0+40057+c37a0e3d.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Moderate security updates for PostgreSQL on Rocky Linuxaddress specific issues affecting schema privileges and allocations.. Rocky Linux PostgreSQL Security Update CVE-2025-12817 CVE-2025-12818. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.