postgresql-13.23-1.el9_7

エラータID: AXSA:2026-036:01

Release date: 
Wednesday, January 14, 2026 - 16:08
Subject: 
postgresql-13.23-1.el9_7
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

* postgresql: CREATE STATISTICS does not check for schema CREATE privilege (CVE-2025-12817)
* postgresql: libpq undersizes allocations, via integer wraparound (CVE-2025-12818)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-12817
Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.
CVE-2025-12818
Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.

Solution: 

Update packages.

CVEs: 
CVE-2025-12817
Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.
CVE-2025-12818
Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.
Additional Info: 

N/A

Download: 

SRPMS
  1. postgresql-13.23-1.el9_7.src.rpm
    MD5: 6239cab3edee1b297e9fee7316b711cf
    SHA-256: d999889f78d54cb4670a1b070a0adea9c78ee460bdd370cb6484133891b3f01e
    Size: 48.91 MB

Asianux Server 9 for x86_64
  1. postgresql-13.23-1.el9_7.x86_64.rpm
    MD5: 31c67ee84c0a0c4dc5399fae23c659af
    SHA-256: 0b331a3df6d9ea6acc8f249a909c16a086da0368242cb5fd22613285f4cffcf8
    Size: 1.62 MB
  2. postgresql-contrib-13.23-1.el9_7.x86_64.rpm
    MD5: 2ed97957e85456c80ebde4944fca64c5
    SHA-256: 48d98e6d2d8fd6b02fbfbcb24289c02d691c4f6194652b1b32f29c73084d5e1d
    Size: 884.90 kB
  3. postgresql-docs-13.23-1.el9_7.x86_64.rpm
    MD5: a1e5e62849fd0014e682c3efd9067cff
    SHA-256: 340effe687960c44b2523c5571d84569a043214220a4d1faae4180b0ef193ef6
    Size: 9.66 MB
  4. postgresql-plperl-13.23-1.el9_7.x86_64.rpm
    MD5: 177aa12b8bead1f904007179bd45c6da
    SHA-256: b910fcf8637fe48765ca1b7181c1552e6c2c4a881db2a75d3d7c8cce5a0d7991
    Size: 74.38 kB
  5. postgresql-plpython3-13.23-1.el9_7.x86_64.rpm
    MD5: 0b833e842e9fc4372aaec6f9f3f961b5
    SHA-256: e8980fb1a0bcc1c0271ef8ceaf95be15c0feb5ca0f975474789b250a5e6e870c
    Size: 93.62 kB
  6. postgresql-pltcl-13.23-1.el9_7.x86_64.rpm
    MD5: eec71b65c8953bb41ba4a29a19541bb0
    SHA-256: edaa9fad98a8db2f274d45030305c1f98742ebdd51c48f550331aaeac55d7b28
    Size: 48.52 kB
  7. postgresql-private-devel-13.23-1.el9_7.x86_64.rpm
    MD5: 6e09b9d6c5a20dbb5172d6b692ff4dcd
    SHA-256: 33e2343677cac377ee532d0a588995732235f33609e5375a91146f8257d9ac57
    Size: 63.26 kB
  8. postgresql-private-libs-13.23-1.el9_7.x86_64.rpm
    MD5: c933138f92af3e266c7fb81b8e9421f4
    SHA-256: c61765aca04c48a877ab488fe71df88c8193a06cf0e6d8f070a88ddfea1f12d4
    Size: 137.56 kB
  9. postgresql-server-13.23-1.el9_7.x86_64.rpm
    MD5: ad394f2da5db4c883c00d24e6eff35d0
    SHA-256: 272b4648b7c086a39b4fd432cab6f3cd16a38678958efdccc98b53f9cf3404d2
    Size: 5.76 MB
  10. postgresql-server-devel-13.23-1.el9_7.x86_64.rpm
    MD5: fe4a8402789822c5bb2ea01c3a365cb0
    SHA-256: 14d80acb6fb03d120f936256ff0a3066aa6e2dd4ec9c6e5c0c17c47544d92b69
    Size: 1.31 MB
  11. postgresql-static-13.23-1.el9_7.x86_64.rpm
    MD5: 9413752be1053a1658602538ec37c57d
    SHA-256: cca27f2653d450aa505380480d046a36553fc0360f6669a01b0936bd14a0b0bc
    Size: 125.54 kB
  12. postgresql-test-13.23-1.el9_7.x86_64.rpm
    MD5: 687b5d37e1006ce56f8bb8d796f6ad33
    SHA-256: 53b837125dc1e29f252c966a3ba67a6555435506f53301809099e006e841e98e
    Size: 1.53 MB
  13. postgresql-test-rpm-macros-13.23-1.el9_7.noarch.rpm
    MD5: 020e38f443ce3406934531f752bf2060
    SHA-256: 6414f5d39f9b7098e4c669737a5074c9dff77e450ac9e36b9c98cf135c063f7d
    Size: 9.29 kB
  14. postgresql-upgrade-13.23-1.el9_7.x86_64.rpm
    MD5: e2834f06ca75be9f0a2a23f8cb02aadc
    SHA-256: 3b6db0ead0cc8d0344cd3de7159de1de52f8e45eec657c5e6ec09288a31864ae
    Size: 4.60 MB
  15. postgresql-upgrade-devel-13.23-1.el9_7.x86_64.rpm
    MD5: 178c1da6b6ebdfd4f15e31bf2890105b
    SHA-256: f9096d6fab14d69e797ce1c776f194a7aedf6ae58c9d83ea58b5a5ce7fa6c354
    Size: 1.20 MB