Updated postgresql15 packages fix security vulnerabilities
Publication date: 17 Feb 2026Modification date: 17 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-2003 , CVE-2026-2004 , CVE-2026-2005 , CVE-2026-2006 , CVE-2026-2007
Description
PostgreSQL oidvector discloses a few bytes of memory. (CVE-2026-2003)
PostgreSQL intarray missing validation of type of input to selectivity
estimator executes arbitrary code. (CVE-2026-2004)
PostgreSQL pgcrypto heap buffer overflow executes arbitrary code.
(CVE-2026-2005)
PostgreSQL missing validation of multibyte character length executes
arbitrary code. (CVE-2026-2006)
PostgreSQL pg_trgm heap buffer overflow writes pattern onto server
memory. (CVE-2026-2007
References
- https://bugs.mageia.org/show_bug.cgi?id=35133
- https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2003
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2004
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2005
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2006
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2007
SRPMS
9/core
- postgresql15-15.16-1.mga9