Release date:
2026-06-03 17:37:23 UTC
Description:
* SECURITY UPDATE: stack buffer overrun in libpq frontend large object interface via dangerous PQfn() with result_is_int=0
  - debian/patches/CVE-2026-6477.patch: add buf_size parameter to
    pqFunctionCall3() and introduce private PQnfn() wrapper to validate
    that returned data fits in result_buf; update lo_read(), lo_lseek64()
    and lo_tell64() to pass their buffer sizes in
    src/interfaces/libpq/fe-exec.c, src/interfaces/libpq/fe-lobj.c,
    src/interfaces/libpq/fe-protocol3.c, src/interfaces/libpq/libpq-int.h
    and doc/src/sgml/libpq.sgml
  - CVE-2026-6477
* SECURITY UPDATE: covert timing channel in MD5 password comparison allows recovery of user credentials via authentication timing observations
  - debian/patches/CVE-2026-6478.patch: add timingsafe_bcmp() constant-time
    comparison helper from upstream and replace timing-leaky memcmp()/strcmp()
    in authentication paths (MD5 password verify, SCRAM ServerKey/StoredKey/
    nonce checks, RADIUS response signature) in src/backend/libpq/auth.c,
    src/backend/libpq/auth-scram.c, src/backend/libpq/crypt.c,
    src/interfaces/libpq/fe-auth-scram.c, src/interfaces/libpq/Makefile,
    src/include/port.h, src/port/Makefile and src/port/timingsafe_bcmp.c
  - CVE-2026-6478
Updated packages:
- libecpg-compat3-11_11.22-1~bookworm+tuxcare.els10_amd64.deb
- libecpg-dev-11_11.22-1~bookworm+tuxcare.els10_amd64.deb
- libecpg6-11_11.22-1~bookworm+tuxcare.els10_amd64.deb
- libpgtypes3-11_11.22-1~bookworm+tuxcare.els10_amd64.deb
- libpq-dev-11_11.22-1~bookworm+tuxcare.els10_amd64.deb
- libpq5-11_11.22-1~bookworm+tuxcare.els10_amd64.deb
- postgresql11_11.22-1~bookworm+tuxcare.els10_amd64.deb
- postgresql11-client_11.22-1~bookworm+tuxcare.els10_amd64.deb
- postgresql11-doc_11.22-1~bookworm+tuxcare.els10_all.deb
- postgresql11-plperl_11.22-1~bookworm+tuxcare.els10_amd64.deb
- postgresql11-plpython3_11.22-1~bookworm+tuxcare.els10_amd64.deb
- postgresql11-pltcl_11.22-1~bookworm+tuxcare.els10_amd64.deb
- postgresql11-server-dev_11.22-1~bookworm+tuxcare.els10_amd64.deb
- libecpg-compat3-11_11.22-1~bookworm+tuxcare.els10_arm64.deb
- libecpg-dev-11_11.22-1~bookworm+tuxcare.els10_arm64.deb
- libecpg6-11_11.22-1~bookworm+tuxcare.els10_arm64.deb
- libpgtypes3-11_11.22-1~bookworm+tuxcare.els10_arm64.deb
- libpq-dev-11_11.22-1~bookworm+tuxcare.els10_arm64.deb
- libpq5-11_11.22-1~bookworm+tuxcare.els10_arm64.deb
- postgresql11_11.22-1~bookworm+tuxcare.els10_arm64.deb
- postgresql11-client_11.22-1~bookworm+tuxcare.els10_arm64.deb
- postgresql11-plperl_11.22-1~bookworm+tuxcare.els10_arm64.deb
- postgresql11-plpython3_11.22-1~bookworm+tuxcare.els10_arm64.deb
- postgresql11-pltcl_11.22-1~bookworm+tuxcare.els10_arm64.deb
- postgresql11-server-dev_11.22-1~bookworm+tuxcare.els10_arm64.deb
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.