RLSA-2026:3887

Security

Mirrored from RHSA-2026:3887

Issued at: 2026-03-06

Updated at: 2026-03-07

Synopsis

Important: postgresql16 security update

Description

PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package.

Security Fix(es):

* postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code (CVE-2026-2006)

* postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code (CVE-2026-2004)

* postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code (CVE-2026-2005)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 10 aarch64

Rocky Linux 10 ppc64le

Rocky Linux 10 s390x

Rocky Linux 10 x86_64

Fixes

2439326

2439324

2439325

2439322

CVEs

CVE-2026-2003

CVE-2026-2004

CVE-2026-2005

CVE-2026-2006

Affected packages

Rocky Linux 10 aarch64 - AppStream

postgresql-contrib-0:16.13-1.el10_1.aarch64.rpm

postgresql-docs-0:16.13-1.el10_1.aarch64.rpm

postgresql-server-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-test-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-server-devel-0:16.13-1.el10_1.aarch64.rpm

postgresql-test-0:16.13-1.el10_1.aarch64.rpm

postgresql-plpython3-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql16-0:16.13-1.el10_1.src.rpm

postgresql-pltcl-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-private-libs-0:16.13-1.el10_1.aarch64.rpm

postgresql-server-0:16.13-1.el10_1.aarch64.rpm

postgresql-docs-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-upgrade-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-upgrade-devel-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-upgrade-0:16.13-1.el10_1.aarch64.rpm

postgresql-plperl-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-static-0:16.13-1.el10_1.aarch64.rpm

postgresql-private-libs-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-server-devel-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-plperl-0:16.13-1.el10_1.aarch64.rpm

postgresql-private-devel-0:16.13-1.el10_1.aarch64.rpm

postgresql16-debugsource-0:16.13-1.el10_1.aarch64.rpm

postgresql-0:16.13-1.el10_1.aarch64.rpm

postgresql-pltcl-0:16.13-1.el10_1.aarch64.rpm

postgresql-contrib-debuginfo-0:16.13-1.el10_1.aarch64.rpm

postgresql-plpython3-0:16.13-1.el10_1.aarch64.rpm

postgresql-upgrade-devel-0:16.13-1.el10_1.aarch64.rpm

postgresql16-debuginfo-0:16.13-1.el10_1.aarch64.rpm

Rocky Linux 10 ppc64le - AppStream

postgresql-plperl-0:16.13-1.el10_1.ppc64le.rpm

postgresql-private-libs-0:16.13-1.el10_1.ppc64le.rpm

postgresql-private-libs-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-plpython3-0:16.13-1.el10_1.ppc64le.rpm

postgresql16-debugsource-0:16.13-1.el10_1.ppc64le.rpm

postgresql-docs-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-plperl-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-server-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-upgrade-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-contrib-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-server-devel-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-docs-0:16.13-1.el10_1.ppc64le.rpm

postgresql16-0:16.13-1.el10_1.src.rpm

postgresql-plpython3-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-test-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-static-0:16.13-1.el10_1.ppc64le.rpm

postgresql-test-0:16.13-1.el10_1.ppc64le.rpm

postgresql16-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-upgrade-devel-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-contrib-0:16.13-1.el10_1.ppc64le.rpm

postgresql-pltcl-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-server-devel-0:16.13-1.el10_1.ppc64le.rpm

postgresql-0:16.13-1.el10_1.ppc64le.rpm

postgresql-debuginfo-0:16.13-1.el10_1.ppc64le.rpm

postgresql-upgrade-devel-0:16.13-1.el10_1.ppc64le.rpm

postgresql-server-0:16.13-1.el10_1.ppc64le.rpm

postgresql-upgrade-0:16.13-1.el10_1.ppc64le.rpm

postgresql-pltcl-0:16.13-1.el10_1.ppc64le.rpm

postgresql-private-devel-0:16.13-1.el10_1.ppc64le.rpm

Rocky Linux 10 s390x - AppStream

postgresql-contrib-0:16.13-1.el10_1.s390x.rpm

postgresql-upgrade-0:16.13-1.el10_1.s390x.rpm

postgresql-pltcl-0:16.13-1.el10_1.s390x.rpm

postgresql-docs-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-static-0:16.13-1.el10_1.s390x.rpm

postgresql-pltcl-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-plperl-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-upgrade-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-upgrade-devel-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-server-devel-0:16.13-1.el10_1.s390x.rpm

postgresql-plperl-0:16.13-1.el10_1.s390x.rpm

postgresql-upgrade-devel-0:16.13-1.el10_1.s390x.rpm

postgresql-test-0:16.13-1.el10_1.s390x.rpm

postgresql-server-devel-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-docs-0:16.13-1.el10_1.s390x.rpm

postgresql16-0:16.13-1.el10_1.src.rpm

postgresql-private-devel-0:16.13-1.el10_1.s390x.rpm

postgresql-plpython3-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-server-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-contrib-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-0:16.13-1.el10_1.s390x.rpm

postgresql-test-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-server-0:16.13-1.el10_1.s390x.rpm

postgresql16-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql16-debugsource-0:16.13-1.el10_1.s390x.rpm

postgresql-private-libs-0:16.13-1.el10_1.s390x.rpm

postgresql-debuginfo-0:16.13-1.el10_1.s390x.rpm

postgresql-plpython3-0:16.13-1.el10_1.s390x.rpm

postgresql-private-libs-debuginfo-0:16.13-1.el10_1.s390x.rpm

Rocky Linux 10 x86_64 - AppStream

postgresql-pltcl-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-upgrade-0:16.13-1.el10_1.x86_64.rpm

postgresql-pltcl-0:16.13-1.el10_1.x86_64.rpm

postgresql-contrib-0:16.13-1.el10_1.x86_64.rpm

postgresql16-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-server-devel-0:16.13-1.el10_1.x86_64.rpm

postgresql-server-0:16.13-1.el10_1.x86_64.rpm

postgresql-private-libs-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-server-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-docs-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-contrib-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-plperl-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql16-0:16.13-1.el10_1.src.rpm

postgresql-private-devel-0:16.13-1.el10_1.x86_64.rpm

postgresql16-debugsource-0:16.13-1.el10_1.x86_64.rpm

postgresql-private-libs-0:16.13-1.el10_1.x86_64.rpm

postgresql-upgrade-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-test-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-server-devel-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-upgrade-devel-0:16.13-1.el10_1.x86_64.rpm

postgresql-docs-0:16.13-1.el10_1.x86_64.rpm

postgresql-test-0:16.13-1.el10_1.x86_64.rpm

postgresql-plpython3-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-plpython3-0:16.13-1.el10_1.x86_64.rpm

postgresql-plperl-0:16.13-1.el10_1.x86_64.rpm

postgresql-0:16.13-1.el10_1.x86_64.rpm

postgresql-upgrade-devel-debuginfo-0:16.13-1.el10_1.x86_64.rpm

postgresql-static-0:16.13-1.el10_1.x86_64.rpm

Rocky Linux 10 aarch64 - CRB

postgresql-test-rpm-macros-0:16.13-1.el10_1.noarch.rpm

Rocky Linux 10 ppc64le - CRB

postgresql-test-rpm-macros-0:16.13-1.el10_1.noarch.rpm

Rocky Linux 10 s390x - CRB

postgresql-test-rpm-macros-0:16.13-1.el10_1.noarch.rpm

Rocky Linux 10 x86_64 - CRB

postgresql-test-rpm-macros-0:16.13-1.el10_1.noarch.rpm