SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4371

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4371

Security update for postgresql14

Type: security

Severity: important

Issued: 2025-12-11

Description:

This update for postgresql14 fixes the following issues:

Upgraded to 14.20:

- CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS (bsc#1253332)
- CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq (bsc#1253333)
  
Other fixes:

- Use %product_libs_llvm_ver to determine the LLVM version.
- Remove conditionals for obsolete PostgreSQL releases.
- Sync spec file from version 18.

References

CVE: CVE-2025-12818
CVE: CVE-2025-12817
Bugzilla: 1253333 VUL-0: CVE-2025-12818: postgresql: integer overflow in allocation-size calculations within libpq
Bugzilla: 1253332 VUL-0: CVE-2025-12817: postgresql: missing check for CREATE privileges on the schema in CREATE STATISTICS

Packages

postgresql14-14.20-150600.16.23.1