Home / mailings [SECURITY] [DSA 6269-1] postgresql-15 security update
Posted on 14 May 2026
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-6269-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 14, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : postgresql-15
CVE ID : CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475
CVE-2026-6477 CVE-2026-6478 CVE-2026-6479 CVE-2026-6637
Multiple security issues were discovered in PostgreSQL, which may result
in authorisation bypass, execution of arbitrary code, information
disclosure, privilege escalation, SQL injection or denial of service.
For the oldstable distribution (bookworm), these problems have been fixed
in version 15.18-0+deb12u1.
We recommend that you upgrade your postgresql-15 packages.
For the detailed security status of postgresql-15 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-15
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
