Issued:: 2025-02-20
Updated:: 2025-02-20

RHSA-2025:1720 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libpq security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libpq is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers.

Security Fix(es):

postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation (CVE-2025-1094)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2345548 - CVE-2025-1094 postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

CVEs

CVE-2025-1094

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
libpq-12.7-1.el8_2.2.src.rpm	SHA-256: f3cebdbddd8679d336e54eba90299db60bbbf0c49d1116fe4b810ec78f184d35
x86_64
libpq-12.7-1.el8_2.2.i686.rpm	SHA-256: 1493e7bd116da7ab0fbfb0f37b5b42236613c1b0b9148db421c115860a895338
libpq-12.7-1.el8_2.2.x86_64.rpm	SHA-256: 4433bb0426ef81eee6a539851fd7c1d90d4c482c1d442bb06305ade52841efaa
libpq-debuginfo-12.7-1.el8_2.2.i686.rpm	SHA-256: 4eba35c98384b35d2c3c3efa220591cfab895c4dd60734594be37641f2ed8a52
libpq-debuginfo-12.7-1.el8_2.2.x86_64.rpm	SHA-256: 45318a37ff72360eb0abc75d0045c3c2f5403300883117ef43b457e8a42652be
libpq-debugsource-12.7-1.el8_2.2.i686.rpm	SHA-256: 26b84a2054bb75e65be85976f9cba5c820ae793d1d2757cc4baccd28f2197880
libpq-debugsource-12.7-1.el8_2.2.x86_64.rpm	SHA-256: 27a6d7c6636278cf075da2f9f5069bdc2b816fc9eed006b5958753a040582a73
libpq-devel-12.7-1.el8_2.2.i686.rpm	SHA-256: a3e09f1614cf1cf8debf85a4ef5218b71a68f3583a315f729057cec7ca6d2fdf
libpq-devel-12.7-1.el8_2.2.x86_64.rpm	SHA-256: 4d08c0ef03107b1869ad95246273627d56e55e0fbe233611932bea8a812ffd9d
libpq-devel-debuginfo-12.7-1.el8_2.2.i686.rpm	SHA-256: 2b7c9714b039850d8da143a94a04534afb382551280cb35fe1675fd6fcf0e003
libpq-devel-debuginfo-12.7-1.el8_2.2.x86_64.rpm	SHA-256: d4cda5099824ddc7e054eedcf1e76a028ba1607f88eb294a07fb8819e5b271f1

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation