[CLSA-2026:1780418702] Fix CVE(s): CVE-2024-10976, CVE-2025-12817
Type:
security
Severity:
Moderate
Release date:
2026-06-02 16:45:16 UTC
Description:
* SECURITY UPDATE: stack buffer overflow and SQL injection in refint module - debian/patches/CVE-2026-6637.patch: replace fixed-size stack buffers with StringInfo and use quote_literal_cstr() for proper SQL escaping in check_primary_key() and check_foreign_key() - CVE-2026-6637
CVEs fixed:
Updated packages:
  • libecpg-compat3-11_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:1c8fb0b613f0cd96facfa659ac5dffd64dcb131d
  • libecpg-dev-11_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:829c295d9c3821fb76cdbdbcb1fdfd7454956411
  • libecpg6-11_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:2a61164411dee21ac8fe791230072d7f430c704a
  • libpgtypes3-11_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:bbc9995f2e0be7e7183347d797f66f13d61157ee
  • libpq-dev-11_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:6ca5c687344fdc1e22985554af3a67af3fe159c8
  • libpq5-11_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:af5bb8c3c297357e20f1d05e687d54505d0b4784
  • postgresql11_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:e4f7909f9c8225cc0df9d3337a6d85646339f5f0
  • postgresql11-client_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:a1e046ddb7457b5bf8b26af5cb5e4ae6812aa3d2
  • postgresql11-doc_11.22-1~bookworm+tuxcare.els8_all.deb
    sha:251376a2db032ae5c79e048fbf184d7e382558ba
  • postgresql11-plperl_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:50fb7b21de5abc7afad7c9a548924b5ea8827ecc
  • postgresql11-plpython3_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:7a05dcea3cbbc087dcbdb2b9316bc652e507a4d1
  • postgresql11-pltcl_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:1eb7726fc3b55a6425f5273daf7b2d6e10ae4fd5
  • postgresql11-server-dev_11.22-1~bookworm+tuxcare.els8_amd64.deb
    sha:1be84bdd4000cda71aff4efe7d88d7d2d000c32f
  • libecpg-compat3-11_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:f1f036e853549a7f9179960eb028b392e4f34572
  • libecpg-dev-11_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:cae161d442706758a44b8de4beae75cb443ef610
  • libecpg6-11_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:90c41390df1b88f163d7a265c14087af31663e7b
  • libpgtypes3-11_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:76a0703cca15dde7908e26d69db4a4174cfae945
  • libpq-dev-11_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:6a42091618363d7b03e404a36d2e4d68917b678f
  • libpq5-11_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:9f8b328e7173a9e96e669915b06971c265e8bc3c
  • postgresql11_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:48b286a99861d6cbd0a0ebd374c9c2ed3b30ef10
  • postgresql11-client_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:0816422fa78b97badf33a8759cbef368b583c119
  • postgresql11-doc_11.22-1~bookworm+tuxcare.els8_all.deb
    sha:251376a2db032ae5c79e048fbf184d7e382558ba
  • postgresql11-plperl_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:8a4461d969fa37be882a2103ceca26c8f6b904c5
  • postgresql11-plpython3_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:4ff7da5e428e50ecb36b110e2fa895ab58ed07fc
  • postgresql11-pltcl_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:5814e6b90c2b8a3ce2b3a0fa3b4f109581750482
  • postgresql11-server-dev_11.22-1~bookworm+tuxcare.els8_arm64.deb
    sha:c65244eb92a9c6844577250fd12007348e7784ed
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.