SUSE-SU-2026:0784-1

Опубликовано: 03 мар. 2026

Источник: suse-cvrf

Описание

Security update for postgresql16

This update for postgresql16 fixes the following issue:

Update to version 16.13 (bsc#1258754).

Regression fixes:

the substring() function raises an error 'invalid byte sequence for encoding' on non-ASCII text values if the source of that value is a database column (caused by CVE-2026-2006 fix).
a standby may halt and return an error 'could not access status of transaction'.

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

postgresql16-16.13-150200.5.41.1

postgresql16-contrib-16.13-150200.5.41.1

postgresql16-devel-16.13-150200.5.41.1

postgresql16-docs-16.13-150200.5.41.1

postgresql16-plperl-16.13-150200.5.41.1

postgresql16-plpython-16.13-150200.5.41.1

postgresql16-pltcl-16.13-150200.5.41.1

postgresql16-server-16.13-150200.5.41.1

postgresql16-server-devel-16.13-150200.5.41.1

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

postgresql16-16.13-150200.5.41.1

postgresql16-contrib-16.13-150200.5.41.1

postgresql16-devel-16.13-150200.5.41.1

postgresql16-docs-16.13-150200.5.41.1

postgresql16-plperl-16.13-150200.5.41.1

postgresql16-plpython-16.13-150200.5.41.1

postgresql16-pltcl-16.13-150200.5.41.1

postgresql16-server-16.13-150200.5.41.1

postgresql16-server-devel-16.13-150200.5.41.1

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

postgresql16-16.13-150200.5.41.1

postgresql16-contrib-16.13-150200.5.41.1

postgresql16-devel-16.13-150200.5.41.1

postgresql16-docs-16.13-150200.5.41.1

postgresql16-plperl-16.13-150200.5.41.1

postgresql16-plpython-16.13-150200.5.41.1

postgresql16-pltcl-16.13-150200.5.41.1

postgresql16-server-16.13-150200.5.41.1

postgresql16-server-devel-16.13-150200.5.41.1

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

postgresql16-16.13-150200.5.41.1

postgresql16-contrib-16.13-150200.5.41.1

postgresql16-devel-16.13-150200.5.41.1

postgresql16-docs-16.13-150200.5.41.1

postgresql16-plperl-16.13-150200.5.41.1

postgresql16-plpython-16.13-150200.5.41.1

postgresql16-pltcl-16.13-150200.5.41.1

postgresql16-server-16.13-150200.5.41.1

postgresql16-server-devel-16.13-150200.5.41.1

SUSE Linux Enterprise Server 15 SP4-LTSS

postgresql16-16.13-150200.5.41.1

postgresql16-contrib-16.13-150200.5.41.1

postgresql16-devel-16.13-150200.5.41.1

postgresql16-docs-16.13-150200.5.41.1

postgresql16-plperl-16.13-150200.5.41.1

postgresql16-plpython-16.13-150200.5.41.1

postgresql16-pltcl-16.13-150200.5.41.1

postgresql16-server-16.13-150200.5.41.1

postgresql16-server-devel-16.13-150200.5.41.1

SUSE Linux Enterprise Server 15 SP5-LTSS

postgresql16-16.13-150200.5.41.1

postgresql16-contrib-16.13-150200.5.41.1

postgresql16-devel-16.13-150200.5.41.1

postgresql16-docs-16.13-150200.5.41.1

postgresql16-plperl-16.13-150200.5.41.1

postgresql16-plpython-16.13-150200.5.41.1

postgresql16-pltcl-16.13-150200.5.41.1

postgresql16-server-16.13-150200.5.41.1

postgresql16-server-devel-16.13-150200.5.41.1

SUSE Linux Enterprise Server for SAP Applications 15 SP4

postgresql16-16.13-150200.5.41.1

postgresql16-contrib-16.13-150200.5.41.1

postgresql16-devel-16.13-150200.5.41.1

postgresql16-docs-16.13-150200.5.41.1

postgresql16-plperl-16.13-150200.5.41.1

postgresql16-plpython-16.13-150200.5.41.1

postgresql16-pltcl-16.13-150200.5.41.1

postgresql16-server-16.13-150200.5.41.1

postgresql16-server-devel-16.13-150200.5.41.1

SUSE Linux Enterprise Server for SAP Applications 15 SP5

postgresql16-16.13-150200.5.41.1

postgresql16-contrib-16.13-150200.5.41.1

postgresql16-devel-16.13-150200.5.41.1

postgresql16-docs-16.13-150200.5.41.1

postgresql16-plperl-16.13-150200.5.41.1

postgresql16-plpython-16.13-150200.5.41.1

postgresql16-pltcl-16.13-150200.5.41.1

postgresql16-server-16.13-150200.5.41.1

postgresql16-server-devel-16.13-150200.5.41.1

Ссылки

https://www.suse.com/support/update/announcement/2026/suse-su-20260784-1/
Link for SUSE-SU-2026:0784-1
https://lists.suse.com/pipermail/sle-security-updates/2026-March/024534.html
E-Mail link for SUSE-SU-2026:0784-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1258011
SUSE Bug 1258011
https://bugzilla.suse.com/1258754
SUSE Bug 1258754
https://www.suse.com/security/cve/CVE-2026-2006/
SUSE CVE CVE-2026-2006 page

Описание

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:postgresql16-16.13-150200.5.41.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:postgresql16-contrib-16.13-150200.5.41.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:postgresql16-devel-16.13-150200.5.41.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:postgresql16-docs-16.13-150200.5.41.1

Ссылки

https://www.suse.com/security/cve/CVE-2026-2006.html
CVE-2026-2006
https://bugzilla.suse.com/1258011
SUSE Bug 1258011

SUSE-SU-2026:0784-1

Описание

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server 15 SP5-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP4

SUSE Linux Enterprise Server for SAP Applications 15 SP5

Ссылки

Уязвимость: CVE-2026-2006

Описание

Затронутые продукты

Ссылки