RLSA-2026:3730

Security

Mirrored from RHSA-2026:3730

Issued at: 2026-03-06

Updated at: 2026-03-07

Synopsis

Important: postgresql security update

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

* postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code (CVE-2026-2006)

* postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code (CVE-2026-2004)

* postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code (CVE-2026-2005)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 9 aarch64

Rocky Linux 9 ppc64le

Rocky Linux 9 s390x

Rocky Linux 9 x86_64

Fixes

2439324

2439325

2439326

2439322

CVEs

CVE-2026-2003

CVE-2026-2004

CVE-2026-2005

CVE-2026-2006

Affected packages

Rocky Linux 9 aarch64 - AppStream

postgresql-0:13.23-2.el9_7.aarch64.rpm

postgresql-0:13.23-2.el9_7.src.rpm

postgresql-contrib-0:13.23-2.el9_7.aarch64.rpm

postgresql-contrib-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-debugsource-0:13.23-2.el9_7.aarch64.rpm

postgresql-plperl-0:13.23-2.el9_7.aarch64.rpm

postgresql-plperl-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-plpython3-0:13.23-2.el9_7.aarch64.rpm

postgresql-plpython3-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-pltcl-0:13.23-2.el9_7.aarch64.rpm

postgresql-pltcl-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-private-libs-0:13.23-2.el9_7.aarch64.rpm

postgresql-private-libs-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-server-0:13.23-2.el9_7.aarch64.rpm

postgresql-server-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-upgrade-0:13.23-2.el9_7.aarch64.rpm

postgresql-upgrade-debuginfo-0:13.23-2.el9_7.aarch64.rpm

Rocky Linux 9 ppc64le - AppStream

postgresql-0:13.23-2.el9_7.ppc64le.rpm

postgresql-0:13.23-2.el9_7.src.rpm

postgresql-contrib-0:13.23-2.el9_7.ppc64le.rpm

postgresql-contrib-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-debugsource-0:13.23-2.el9_7.ppc64le.rpm

postgresql-plperl-0:13.23-2.el9_7.ppc64le.rpm

postgresql-plperl-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-plpython3-0:13.23-2.el9_7.ppc64le.rpm

postgresql-plpython3-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-pltcl-0:13.23-2.el9_7.ppc64le.rpm

postgresql-pltcl-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-private-libs-0:13.23-2.el9_7.ppc64le.rpm

postgresql-private-libs-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-server-0:13.23-2.el9_7.ppc64le.rpm

postgresql-server-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-upgrade-0:13.23-2.el9_7.ppc64le.rpm

postgresql-upgrade-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

Rocky Linux 9 s390x - AppStream

postgresql-0:13.23-2.el9_7.s390x.rpm

postgresql-0:13.23-2.el9_7.src.rpm

postgresql-contrib-0:13.23-2.el9_7.s390x.rpm

postgresql-contrib-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-debugsource-0:13.23-2.el9_7.s390x.rpm

postgresql-plperl-0:13.23-2.el9_7.s390x.rpm

postgresql-plperl-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-plpython3-0:13.23-2.el9_7.s390x.rpm

postgresql-plpython3-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-pltcl-0:13.23-2.el9_7.s390x.rpm

postgresql-pltcl-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-private-libs-0:13.23-2.el9_7.s390x.rpm

postgresql-private-libs-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-server-0:13.23-2.el9_7.s390x.rpm

postgresql-server-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-upgrade-0:13.23-2.el9_7.s390x.rpm

postgresql-upgrade-debuginfo-0:13.23-2.el9_7.s390x.rpm

Rocky Linux 9 x86_64 - AppStream

postgresql-0:13.23-2.el9_7.src.rpm

postgresql-0:13.23-2.el9_7.x86_64.rpm

postgresql-contrib-0:13.23-2.el9_7.x86_64.rpm

postgresql-contrib-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-debugsource-0:13.23-2.el9_7.x86_64.rpm

postgresql-plperl-0:13.23-2.el9_7.x86_64.rpm

postgresql-plperl-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-plpython3-0:13.23-2.el9_7.x86_64.rpm

postgresql-plpython3-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-pltcl-0:13.23-2.el9_7.x86_64.rpm

postgresql-pltcl-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-private-libs-0:13.23-2.el9_7.x86_64.rpm

postgresql-private-libs-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-server-0:13.23-2.el9_7.x86_64.rpm

postgresql-server-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-upgrade-0:13.23-2.el9_7.x86_64.rpm

postgresql-upgrade-debuginfo-0:13.23-2.el9_7.x86_64.rpm

Rocky Linux 9 aarch64 - CRB

postgresql-docs-0:13.23-2.el9_7.aarch64.rpm

postgresql-docs-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-private-devel-0:13.23-2.el9_7.aarch64.rpm

postgresql-server-devel-0:13.23-2.el9_7.aarch64.rpm

postgresql-server-devel-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-static-0:13.23-2.el9_7.aarch64.rpm

postgresql-test-0:13.23-2.el9_7.aarch64.rpm

postgresql-test-debuginfo-0:13.23-2.el9_7.aarch64.rpm

postgresql-test-rpm-macros-0:13.23-2.el9_7.noarch.rpm

postgresql-upgrade-devel-0:13.23-2.el9_7.aarch64.rpm

postgresql-upgrade-devel-debuginfo-0:13.23-2.el9_7.aarch64.rpm

Rocky Linux 9 ppc64le - CRB

postgresql-docs-0:13.23-2.el9_7.ppc64le.rpm

postgresql-docs-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-private-devel-0:13.23-2.el9_7.ppc64le.rpm

postgresql-server-devel-0:13.23-2.el9_7.ppc64le.rpm

postgresql-server-devel-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-static-0:13.23-2.el9_7.ppc64le.rpm

postgresql-test-0:13.23-2.el9_7.ppc64le.rpm

postgresql-test-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

postgresql-test-rpm-macros-0:13.23-2.el9_7.noarch.rpm

postgresql-upgrade-devel-0:13.23-2.el9_7.ppc64le.rpm

postgresql-upgrade-devel-debuginfo-0:13.23-2.el9_7.ppc64le.rpm

Rocky Linux 9 s390x - CRB

postgresql-docs-0:13.23-2.el9_7.s390x.rpm

postgresql-docs-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-private-devel-0:13.23-2.el9_7.s390x.rpm

postgresql-server-devel-0:13.23-2.el9_7.s390x.rpm

postgresql-server-devel-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-static-0:13.23-2.el9_7.s390x.rpm

postgresql-test-0:13.23-2.el9_7.s390x.rpm

postgresql-test-debuginfo-0:13.23-2.el9_7.s390x.rpm

postgresql-test-rpm-macros-0:13.23-2.el9_7.noarch.rpm

postgresql-upgrade-devel-0:13.23-2.el9_7.s390x.rpm

postgresql-upgrade-devel-debuginfo-0:13.23-2.el9_7.s390x.rpm

Rocky Linux 9 x86_64 - CRB

postgresql-docs-0:13.23-2.el9_7.x86_64.rpm

postgresql-docs-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-private-devel-0:13.23-2.el9_7.x86_64.rpm

postgresql-server-devel-0:13.23-2.el9_7.x86_64.rpm

postgresql-server-devel-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-static-0:13.23-2.el9_7.x86_64.rpm

postgresql-test-0:13.23-2.el9_7.x86_64.rpm

postgresql-test-debuginfo-0:13.23-2.el9_7.x86_64.rpm

postgresql-test-rpm-macros-0:13.23-2.el9_7.noarch.rpm

postgresql-upgrade-devel-0:13.23-2.el9_7.x86_64.rpm

postgresql-upgrade-devel-debuginfo-0:13.23-2.el9_7.x86_64.rpm