Updated postgresql15 & postgresql13 packages fix security vulnerabilities
Publication date: 08 Sep 2025Modification date: 08 Sep 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-8713 , CVE-2025-8714 , CVE-2025-8715
Description
PostgreSQL optimizer statistics can expose sampled data within a view,
partition, or child table. (CVE-2025-8713)
PostgreSQL pg_dump lets superuser of origin server execute arbitrary
code in psql client. (CVE-2025-8714)
PostgreSQL pg_dump newline in object name executes arbitrary code in
psql client and in restore target server. (CVE-2025-8715)
References
- https://bugs.mageia.org/show_bug.cgi?id=34608
- https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8713
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8714
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8715
SRPMS
9/core
- postgresql15-15.14-1.mga9
- postgresql13-13.22-1.mga9