[SECURITY] [DSA 6269-1] postgresql-15 security update

[Moritz Muehlenhoff <jmm@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6269-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 14, 2026                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : postgresql-15
CVE ID         : CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475 
                 CVE-2026-6477 CVE-2026-6478 CVE-2026-6479 CVE-2026-6637

Multiple security issues were discovered in PostgreSQL, which may result
in authorisation bypass, execution of arbitrary code, information
disclosure, privilege escalation, SQL injection or denial of service.

For the oldstable distribution (bookworm), these problems have been fixed
in version 15.18-0+deb12u1.

We recommend that you upgrade your postgresql-15 packages.

For the detailed security status of postgresql-15 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-15

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmoF2pEACgkQEMKTtsN8
TjamQQ//W5wJVI3CwW/jYa9PgJgwkYVbA/nj/0wwjOjWTcp4HlVkfUFcyjnmDa38
+C9HXJYXC0Kq5RMFSrUVAYwfCuuG4qhU8geV72dzJWFJvRjTyOGNmGi5mV9Hoj8X
xPwJppmwzXgrfrvX8LjuNtKehRldXGUXb9OPnWcbPt5U/lBWAzQTQxlvYZTmBBek
rhFUFzBpZh1MEedyUOPTmVXQCrWr7BY+GwbLGoXPtwGjdWKmbkVbXWcavD0Xzf38
mX09zKnSR9pG0w4ttWKX67ruAcPrvzyGKxSfwLigza0Q0AOW9Nr3fG8rhDgeryIu
9VTgC6bDqCbkOZk85gKZOobW0YyRJMYlf5DrCu5PpnlzOAM4rKSB3Sh63K7x9P36
dqPExv+yrD11b15aU43oFTP1i56k/FtMeCAIWU2Oawo/GkoEzCTMMt0Nbe1PmVsL
/DvGFKFFm3uGUmyKvUOJjvjSmYcziKUZs3p1AQNz8S/1jHHlqbNYRrolzkQAshC+
j/0uoQuAV3q9H3IDxd52zJ3P2pwz0IU36gxHS8WaSeB+u+QCPQFzK+uivsyJzZHq
sV7u/RRAs4dxCJChIY4jfjcPUdu8tt8rktTo6jeP8/0HIXybBjo+8SydEk5AElbV
X+/sLEWTWAGk32kQBaEUz11x7121TViyy9xFaBBQIBwqDcQB2hU=
=89Il
-----END PGP SIGNATURE-----