Home / mailings [SECURITY] [DSA 6270-1] postgresql-17 security update
Posted on 14 May 2026
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-6270-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 14, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : postgresql-17
CVE ID : CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475
CVE-2026-6476 CVE-2026-6477 CVE-2026-6478 CVE-2026-6479
CVE-2026-6637 CVE-2026-6638
Multiple security issues were discovered in PostgreSQL, which may result
in authorisation bypass, execution of arbitrary code, information
disclosure, privilege escalation, SQL injection or denial of service.
For the stable distribution (trixie), these problems have been fixed in
version 17.10-0+deb13u1.
We recommend that you upgrade your postgresql-17 packages.
For the detailed security status of postgresql-17 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-17
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
