[CLSA-2026:1783631480] Fix CVE(s): CVE-2026-6637
Type:
security
Severity:
Critical
Release date:
2026-07-09 21:11:37 UTC
Description:
* SECURITY UPDATE: Stack buffer overflow and SQL injection in contrib/spi refint - debian/patches/CVE-2026-6637.patch: replace unsafe stack buffers in check_foreign_key() and check_primary_key() with StringInfo and quote/escape key values via quote_literal_cstr() in internally generated SQL statements - CVE-2026-6637
CVEs fixed:
Updated packages:
  • libecpg-compat3-13_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:88c7a491191ebcc31629af6bd08f033e5ecdf003
  • libecpg-dev-13_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:3e5255de7913bf242bb461351e4f9c176b53c997
  • libecpg6-13_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:048084e5f2b142a2964d75a69b65648cdf2cf22a
  • libpgtypes3-13_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:2456fbebb5c275c34f281443f0e37c682f4ee8a0
  • libpq-dev-13_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:3cc9fc517108cf3e65ddaa2b48a36a3cccdfc630
  • libpq5-13_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:a29844fb3aabdbb58a01f1c393881c7383a1b7e8
  • postgresql13_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:4af180dbec2bde461ba49d0b8df6d77a52989c10
  • postgresql13-client_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:4fdf32415c80cc8aa621ae0ef1bb5421d3a335ad
  • postgresql13-doc_13.23-1~trixie+tuxcare.els9_all.deb
    sha:2a1c4316f671b3405f0c70a9fb0a554aa7e87041
  • postgresql13-plperl_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:22e908eb8e855e2c00786e11732f2ff445ad2552
  • postgresql13-plpython3_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:414681ae7bed139093643a033d1ce0e12ee5f24e
  • postgresql13-pltcl_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:1d9dd17ee2f4d3f61d0ce7ac8c1655f2b34fbbfb
  • postgresql13-server-dev_13.23-1~trixie+tuxcare.els9_amd64.deb
    sha:7deacc9aaa9d179d9249648f99625477dada3421
  • libecpg-compat3-13_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:898837209da38346f40e0f8afccfa2f14fbbdd47
  • libecpg-dev-13_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:7952463a9e83761daab1792f3a1795d9a2d3b706
  • libecpg6-13_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:751a473019ba2142637693f8c14afd744f6117de
  • libpgtypes3-13_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:fe6b52331816dce5db08fb59909ffc619feff86a
  • libpq-dev-13_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:8d5c779d85e5fec7d7d828266f530bbdf34dd015
  • libpq5-13_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:a5176f820695c4c75567006074d66ec45d6f6177
  • postgresql13_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:44f4bd196cc075abeec43935836fc1bb2ca4cd9d
  • postgresql13-client_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:b9a0f90894233a691a61f12c3b531acb50f27d51
  • postgresql13-doc_13.23-1~trixie+tuxcare.els9_all.deb
    sha:2a1c4316f671b3405f0c70a9fb0a554aa7e87041
  • postgresql13-plperl_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:7aeb326e83bd31603c5c41ff6727ec3f2d494957
  • postgresql13-plpython3_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:1bfa80320fbda1cf2fdf8b42cb8f7f491ebb5042
  • postgresql13-pltcl_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:93836b283dfdb7200bd2c4d734203b608dc0cd98
  • postgresql13-server-dev_13.23-1~trixie+tuxcare.els9_arm64.deb
    sha:53fbb41e06cf6641999909fb6fb93c85f43f93c0
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.