[CLSA-2026:1779494089] Fix of 7 CVEs
Type:
security
Severity:
Low
Release date:
2026-05-22 23:54:53 UTC
Description:
* SECURITY UPDATE: PostgreSQL 2026-05-14 security batch (CVE-2026-6473, 6474, 6475, 6477, 6478, 6479, 6637). Backports adapted from upstream REL_14_STABLE to PG 12 source.
  - debian/patches/CVE-2026-6473.patch: integer wraparound in ts_headline and ltree lquery parsing; bound StartSel/StopSel/FragmentDelimiter to PG_INT16_MAX and add overflow checks in parse_lquery (no pg_add_u16_overflow() in PG 12, manual PG_UINT16_MAX compare).
  - debian/patches/CVE-2026-6474.patch: externally-controlled format string in timeofday() via pg_strftime() with crafted timezones; guard against unsafe conditions.
  - debian/patches/CVE-2026-6475.patch: symlink following in pg_basebackup plain format and in pg_rewind allowing origin superuser to overwrite local files.
  - debian/patches/CVE-2026-6477.patch: mark PQfn() unsafe and fix overrun in libpq lo_export/lo_read/lo_lseek64/lo_tell64 frontend LO interface.
  - debian/patches/CVE-2026-6478.patch: covert timing channel in MD5 password comparison; replace memcmp with timingsafe_bcmp in SCRAM and MD5 password verification paths.
  - debian/patches/CVE-2026-6479.patch: uncontrolled recursion in ProcessStartupPacket() via alternating SSL/GSS negotiation requests.
  - debian/patches/CVE-2026-6637.patch: stack buffer overflow in the refint contrib module with attacker-controlled column names.
  - CVE-2026-6473
  - CVE-2026-6474
  - CVE-2026-6475
  - CVE-2026-6477
  - CVE-2026-6478
  - CVE-2026-6479
  - CVE-2026-6637
Updated packages:
  • libecpg-compat3_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:4a50b6f64a3f182fd1d04a8b0ae33523faabc307
  • libecpg-dev_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:bb4c1e589ebce55682ec54d50b227b1d9fe811d1
  • libecpg6_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:0647ca28a1978f6c7ecb9da696c1844c5be9b4aa
  • libpgtypes3_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:2d7f3f5ffa7423e0f40e4a37f2d0392f44e4113b
  • libpq-dev_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:0fb1953b9811a69f0c90b615416e20e7f1df437d
  • libpq5_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:931a6ace1391bac815b62323abdaf7b753c3dac2
  • postgresql-12_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:6fc773c7e5c9c44fa78eafbed313a8f2fa804772
  • postgresql-client-12_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:d062d6110fa57aabb233e275ead58c02a598e9c1
  • postgresql-doc-12_12.22-0ubuntu0.20.04.4+tuxcare.els1_all.deb
    sha:31920e95ff7e1c7c648117db43387047397c5a30
  • postgresql-plperl-12_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:fe0bd1c8935d7c11e4ff7d6c029a2225a04c3267
  • postgresql-plpython3-12_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:97af786ff20983014b3176f8801502651c76442f
  • postgresql-pltcl-12_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:269d1f184a28ce91f183b4f13e911b72768ae85b
  • postgresql-server-dev-12_12.22-0ubuntu0.20.04.4+tuxcare.els1_amd64.deb
    sha:cb8b3dea6603db0aa1ffd515f2d6baa6dcae3f9f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.