Release date:
2026-05-27 08:20:12 UTC
Description:
* SECURITY UPDATE: postgresql May-2026 CVE batch
  - debian/patches/CVE-2026-6473.patch: integer overflow fixes across
    multiple vulnerable sites: formatting.c size calculations (mul_size),
    intarray/ltxtquery findoprnd() left-offset overflow with int16
    check, ltree lquery numvar/totallen overflow with PG_UINT16_MAX
    check, ts_headline option length overflow with per-option
    ERRCODE_INVALID_PARAMETER_VALUE checks, array_agg
    accumArrayResultArr() nitems overflow with MaxArraySize check, and
    hstore_plperl/hstore_plpython palloc overflow via mul_size().
  - debian/patches/CVE-2026-6474.patch: guard pg_strftime() callers and
    ensure null-terminated output on overflow; split timeofday()
    pg_strftime so the %Z timezone string is never embedded as a format
    string in subsequent snprintf().
  - debian/patches/CVE-2026-6475.patch: prevent path traversal in
    pg_rewind via path_is_safe_for_extraction() helper.
  - debian/patches/CVE-2026-6477.patch: harden PQfn()/pqFunctionCall3
    against server-controlled buffer overruns in libpq large-object
    interface (lo_read, lo_lseek64 and lo_tell64 callers).
  - debian/patches/CVE-2026-6478.patch: add timingsafe_bcmp() helper and
    apply it in MD5/RADIUS/plain auth paths to prevent timing-channel
    leaks (SCRAM not in 9.5).
  - debian/patches/CVE-2026-6479.patch: fix unbounded recursive handling
    of SSL negotiation in ProcessStartupPacket() (convert recursive call
    to goto-retry loop).
  - debian/patches/CVE-2026-6637.patch: switch refint contrib
    check_foreign_key to StringInfo and quote_literal_cstr() to prevent
    SQL injection and stack buffer overruns.
  - CVE-2026-6473
  - CVE-2026-6474
  - CVE-2026-6475
  - CVE-2026-6477
  - CVE-2026-6478
  - CVE-2026-6479
  - CVE-2026-6637
* debian/patches/fix-regress-tzdata-LMT.patch: refresh src/test/regress
  expected output for date, timestamptz and horology tests so they match
  the LMT abbreviation emitted by current tzdata for pre-1883 dates.
Updated packages:
- libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:c8534408197a57e035fc788e18469a1ea7f73a6f
- libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:682533ab6a14429a5b698f308447beed8f651b7c
- libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:39e587cb1b5c22418b3283b0afdd07402344b3c9
- libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:f11b4d4a3fc1c92472a038515e58f145cc2b0fb8
- libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:64a56bfa105cdf4dfe2360cfefe93c7a74bcb632
- libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:ff09544cbfe8d31557eff6ffe461231b1b08d50b
- postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:e0e3244b35510b0e143a5f12241137665d9d6ae7
- postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:7c2f54409c2e40e9a3c5e708005fc7b806f08919
- postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:73a8eb0f19afeb6b8bd42597305d9d5501e6535a
- postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_all.deb
  sha:171d4aff0951f7f059ef6c5bc3f36be5541001fa
- postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:c3c741a79849520af468155c2204641db560bdeb
- postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:8def4b56d4be9752db212121d1e7e0ee94d88d8d
- postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:09258ca1604147bb24f9a8a176f4bb4f7779e252
- postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:c61fa314ad77837a84fcda1df02a2f925a84f6b5
- postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els13_amd64.deb
  sha:07cd36b18a5fddbaeb01d0491a000febe610b5e4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections, please contact the CloudLinux Packaging Team.