postgresql:12 security update

エラータID: AXSA:2025-9814:01

Release date: 
Monday, March 31, 2025 - 21:20
Subject: 
postgresql:12 security update
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

* postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation (CVE-2025-1094)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-1094
Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected.

Modularity name: "postgresql"
Stream name: "12"

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. pgaudit-1.4.0-7.module+el8+1858+fbedf1f0.ML.1.src.rpm
    MD5: e5f4c3ab7b46e62d4c07a02829d3caa6
    SHA-256: da69b9853a7328f7d6c1a35adcd32fb25207302e020ac7b312a5f8584506058a
    Size: 42.40 kB
  2. pg_repack-1.4.6-3.module+el8+1858+fbedf1f0.src.rpm
    MD5: 7046a942b2e0d58b4a02ce6790b8c5c9
    SHA-256: 7cd546379ed1b4e5784e632659ab1292b69a707f22069e52842ecdaaff751f50
    Size: 100.99 kB
  3. postgres-decoderbufs-0.10.0-2.module+el8+1858+fbedf1f0.src.rpm
    MD5: 815bd7fb2c9f988afeaca32b8fb84ec0
    SHA-256: e29407797f80223478d159f76d2bfe09e520bc711b7a5c22f519f53e5744cee7
    Size: 21.13 kB
  4. postgresql-12.22-3.module+el8+1858+fbedf1f0.src.rpm
    MD5: 954ddce9ca22e65565edcfbca3150811
    SHA-256: 5e911358744652601062f3f939bf23bfc5ea7a2758590d00bd38c6f12c3073ff
    Size: 46.73 MB

Asianux Server 8 for x86_64
  1. pgaudit-1.4.0-7.module+el8+1858+fbedf1f0.ML.1.x86_64.rpm
    MD5: 5b822db0b4af3d45b591449aca14db48
    SHA-256: 3132065d2d6e16cf7335ce134ecbe43ef09b34412a065bdf82b5f27c41c4eacf
    Size: 27.10 kB
  2. pgaudit-debugsource-1.4.0-7.module+el8+1858+fbedf1f0.ML.1.x86_64.rpm
    MD5: 2d2906e3d3381599b1e1aeb3020243b6
    SHA-256: 2f30334d4bd65031ff212d1f98581dff4b45b4cb7920afded26735149c8bf011
    Size: 23.04 kB
  3. pg_repack-1.4.6-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: f125a069a2a299888b0e45f46809a146
    SHA-256: 78cccbf93d39c53c2c774baf81ca682e7824f358f8b77414dd37f2fa61d96854
    Size: 89.17 kB
  4. pg_repack-debugsource-1.4.6-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: 751e117a6f536ca4352dbc6a67c76329
    SHA-256: 1113437a65978a2961263ae910686d522e220203c2f716afca3017a6e2167501
    Size: 49.69 kB
  5. postgres-decoderbufs-0.10.0-2.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: a7a9d21354d50868837eb75d0fb80e9d
    SHA-256: d5154bd9e75a7a0fef1c537a8755cea68b4671a4e4a4eb39b7fbc533784f458f
    Size: 21.83 kB
  6. postgres-decoderbufs-debugsource-0.10.0-2.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: 5496ff396158d15749791b8f65c14862
    SHA-256: 06d5cc3e35c691f00b797361f55d49649a82119e1b02eb88681b206aac9c2eb1
    Size: 16.81 kB
  7. postgresql-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: 4dd2a2b26050243f01744c8aa34ac61a
    SHA-256: 30b84cb74e2c244f92d533cbc11ddd54d0ff81b843adbf8f50fe379da1f31518
    Size: 1.52 MB
  8. postgresql-contrib-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: 04295a33da1856838ed994635b325c85
    SHA-256: f248f2a76c13a899d6767a4b190171e8c98a8b044594edc8d647a70eef88ccf1
    Size: 874.19 kB
  9. postgresql-debugsource-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: 49d6af6ef7bbe7050b540d6758ab12b6
    SHA-256: 475eb7dfa1566384f8694cf8644cbcaf68cadce8f318b01291ec67d2b7f7c785
    Size: 16.99 MB
  10. postgresql-docs-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: cb4d1531d121c0db1fe8fa865550cbf6
    SHA-256: 7fee395adc35001b0b02ea69f4fb496cf6b1b844c75569ce1629a20c37a0cd90
    Size: 9.85 MB
  11. postgresql-plperl-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: 46fa07aaec291e4fa8419e1a7c4dca35
    SHA-256: afc26169ce58d632ceeb3d1e162939c94d5bc91f34c4d2f6fcc1c2b0faecee14
    Size: 110.08 kB
  12. postgresql-plpython3-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: 5841f103d3f8921c65d9df961124002b
    SHA-256: b20d4587d1d0cfcae6682d2420124e867ffd9bf16528e1d0e262dc5ac47294c7
    Size: 130.09 kB
  13. postgresql-pltcl-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: afdcfc370da766482af6ccf498524416
    SHA-256: 88a32034bd2d54d9ceb8a9bc7fc82f622393a4b3cff5ca64cf476436beda0738
    Size: 85.52 kB
  14. postgresql-server-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: b40cb6637cdf8ccd5ba16305daf05ea3
    SHA-256: 8471ba40e3b28ef80fb9c7c3e4a32419fcb8e4c3ab59d6e004663e52fd8f7c77
    Size: 5.56 MB
  15. postgresql-server-devel-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: 4529fd27085680ee3b1c2ffa3760ed9d
    SHA-256: d0d9643a90ae9bb5910490b3654793c98655bb05a2721394be075f1e817a69bd
    Size: 1.23 MB
  16. postgresql-static-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: de1aa82d9416254dbf923b6e68579442
    SHA-256: a1c2651f14d848362ffd886ca5338c1bc5c452d4417d3454e9fbf1616c51dbeb
    Size: 175.30 kB
  17. postgresql-test-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: d68c88e65a9b8090f561e9af1ca53ba6
    SHA-256: 578574945edfaa260af09014ffebc10f550496105b91379cb114a96039efc9d2
    Size: 1.96 MB
  18. postgresql-test-rpm-macros-12.22-3.module+el8+1858+fbedf1f0.noarch.rpm
    MD5: 8d4ccd4b855c970390b82ef4071ea1fd
    SHA-256: 77163daeb7a0ed64249dae7203bc0727a7446292d09e8da500e281e31615ebfa
    Size: 53.27 kB
  19. postgresql-upgrade-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: bf084651b91cc075cc2cf4a3692f570b
    SHA-256: a2d76eca629396b41a46a976fe7c26f1c36e9b3e03b9bc5bd68d834c6ba9f949
    Size: 4.07 MB
  20. postgresql-upgrade-devel-12.22-3.module+el8+1858+fbedf1f0.x86_64.rpm
    MD5: ae08215f3672852c854f2c9dbffa5094
    SHA-256: 54b7d570fc8a271222c49718e25451b135ccc0b6f32ebf7863a5ebbc8edf988a
    Size: 1.13 MB