SUSE-CU-2025:6654-1: Security update of suse/postgres
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Aug 28 07:08:55 UTC 2025
SUSE Container Update Advisory: suse/postgres
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6654-1
Container Tags : suse/postgres:16 , suse/postgres:16.10 , suse/postgres:16.10 , suse/postgres:16.10-74.24
Container Release : 74.24
Severity : important
Type : security
References : 1248119 1248120 1248122 CVE-2025-8713 CVE-2025-8714 CVE-2025-8715
-----------------------------------------------------------------
The container suse/postgres was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3005-1
Released: Wed Aug 27 15:43:27 2025
Summary: Security update for postgresql16
Type: security
Severity: important
References: 1248119,1248120,1248122,CVE-2025-8713,CVE-2025-8714,CVE-2025-8715
This update for postgresql16 fixes the following issues:
Upgraded to 16.10:
* CVE-2025-8713: Fixed optimizer statistics exposing
sampled data within a view, partition, or child table
(bsc#1248120)
* CVE-2025-8714: Fixed untrusted data inclusion in pg_dump
allows superuser of origin server to execute arbitrary code
in psql client (bsc#1248122)
* CVE-2025-8715: Fixed improper neutralization of newlines
in pg_dump leading to arbitrary code execution in the psql
client and in the restore target server (bsc#1248119)
The following package changes have been done:
- postgresql16-16.10-150600.16.21.1 updated
- postgresql16-server-16.10-150600.16.21.1 updated
More information about the sle-container-updates
mailing list