[ALSA-2026:28999] Important: postgresql:12 security update
Type:
security
Severity:
important
Release date:
2026-06-24
Description:
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es): * postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison (CVE-2026-6478) * postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write (CVE-2026-6473) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 pgaudit-1.4.0-7.module_el8.10.0+3889+48cb11fb.alma.1.aarch64.rpm 8e29d61d3231b1e12894ddc5a5e2c015291450ca149ec9ddf4cf98a67be2c994
aarch64 pg_repack-1.4.6-3.module_el8.9.0+3704+f1f917ce.aarch64.rpm d387f0b4763bd897b8b7fb5e17c9c3614c6e23159b77e886164725f79f82cd13
aarch64 postgres-decoderbufs-0.10.0-2.module_el8.9.0+3704+f1f917ce.aarch64.rpm eaa32eea438e859ac3104060c211187f53da746e219021535b66046809df054d
ppc64le pg_repack-1.4.6-3.module_el8.9.0+3704+f1f917ce.ppc64le.rpm 0d8ef1ab493c2ac3716bff9672c30cf30ec7561f8bb9fdf63ddeea22f5799426
ppc64le postgres-decoderbufs-0.10.0-2.module_el8.9.0+3704+f1f917ce.ppc64le.rpm 747294e7a6924a34ad2b2223f2c8411a69f9dab6a120433af7e72b68f2714a45
ppc64le pgaudit-1.4.0-7.module_el8.9.0+3740+0e74851f.alma.1.ppc64le.rpm d35f381e2b4743a54701b9286c07d3e6300bd8ec3e5acc66430ed9bbcab16e57
s390x pgaudit-1.4.0-7.module_el8.9.0+3740+0e74851f.alma.1.s390x.rpm 05a6d09d675776fb9ab998aa9fb52890d6c4ecc40957331844fd2c42f555ebca
s390x pg_repack-1.4.6-3.module_el8.9.0+3704+f1f917ce.s390x.rpm 14fdf29fe5dd7075aaf956b75aec2c5028f78ea8c06a19b461fa970284284047
s390x postgres-decoderbufs-0.10.0-2.module_el8.9.0+3704+f1f917ce.s390x.rpm 8cd16a1e3af9b7e12bf6df8db5735aeeb762e32913e95ec5dabcb05c6ac34f39
x86_64 pgaudit-1.4.0-7.module_el8.10.0+3889+48cb11fb.alma.1.x86_64.rpm 669123aad2754ae8a52788cc4749307a85123933f5aa766784de4dab70ef22b3
x86_64 pg_repack-1.4.6-3.module_el8.9.0+3704+f1f917ce.x86_64.rpm 79b1ee8a01d145e00f93816e22ee5b777279d667c4c7d4f068951669fbb5acce
x86_64 postgres-decoderbufs-0.10.0-2.module_el8.9.0+3704+f1f917ce.x86_64.rpm a8d19208b505cfbbc7ecc872d442b5a099decece96f97199f82018ae38718267
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.