Red Hat Product Errata RHSA-2025:1745 - Security Advisory
Issued:
2025-02-20
Updated:
2025-02-20

RHSA-2025:1745 - Security Advisory

Synopsis

Important: libpq security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libpq is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers.

Security Fix(es):

  • postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation (CVE-2025-1094)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2345548 - CVE-2025-1094 postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
libpq-13.20-1.el8_6.src.rpm SHA-256: 2d9c285e3ac9841b44fdba82df80fee1975662512f1be3b716ad441f5b15426c
x86_64
libpq-13.20-1.el8_6.i686.rpm SHA-256: 86e36695c9a32de4b5df5026532ffad5e6b9f4d89a061cc5e2dafec0cf078b49
libpq-13.20-1.el8_6.x86_64.rpm SHA-256: 5b0ad043658041d286ef5b162fc79546a1b67ef0dfe8987fd852ef8f73744f8a
libpq-debuginfo-13.20-1.el8_6.i686.rpm SHA-256: 017696a1cae9981b3a02b41bc9f56f8b451af2b36523ed50bad4811734d4f897
libpq-debuginfo-13.20-1.el8_6.x86_64.rpm SHA-256: 018aa836e788cdd24cef57c6f3eb7cfb12aea798d8af9c375dd4692a07e24379
libpq-debugsource-13.20-1.el8_6.i686.rpm SHA-256: 67e1ef7b88de950e43e91ea8d5c061db6564599677baf998c543771e2ea4ccbb
libpq-debugsource-13.20-1.el8_6.x86_64.rpm SHA-256: 381c8c5a4cd8e5e28b5169de0c7d1b57aeb9b83c20c2e880dda8c1676d673729
libpq-devel-13.20-1.el8_6.i686.rpm SHA-256: a3cb12c3220133bfc070f0fcfe706065d5d8b70197df78c04a1a07588d5b7e15
libpq-devel-13.20-1.el8_6.x86_64.rpm SHA-256: 84a49b4e1e508653ad48472e8f5b56a1f9c5fcf5e10d3d94bd7afaae1be82dda
libpq-devel-debuginfo-13.20-1.el8_6.i686.rpm SHA-256: 8af00ee646368cbeb9933e6e2cbf82c2636bda7d5906f9562d0d25794796390b
libpq-devel-debuginfo-13.20-1.el8_6.x86_64.rpm SHA-256: 39df0717f6c9860329d8fd3b55fbaa494053d2207ef2c701d5073b407e4a0649

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
libpq-13.20-1.el8_6.src.rpm SHA-256: 2d9c285e3ac9841b44fdba82df80fee1975662512f1be3b716ad441f5b15426c
x86_64
libpq-13.20-1.el8_6.i686.rpm SHA-256: 86e36695c9a32de4b5df5026532ffad5e6b9f4d89a061cc5e2dafec0cf078b49
libpq-13.20-1.el8_6.x86_64.rpm SHA-256: 5b0ad043658041d286ef5b162fc79546a1b67ef0dfe8987fd852ef8f73744f8a
libpq-debuginfo-13.20-1.el8_6.i686.rpm SHA-256: 017696a1cae9981b3a02b41bc9f56f8b451af2b36523ed50bad4811734d4f897
libpq-debuginfo-13.20-1.el8_6.x86_64.rpm SHA-256: 018aa836e788cdd24cef57c6f3eb7cfb12aea798d8af9c375dd4692a07e24379
libpq-debugsource-13.20-1.el8_6.i686.rpm SHA-256: 67e1ef7b88de950e43e91ea8d5c061db6564599677baf998c543771e2ea4ccbb
libpq-debugsource-13.20-1.el8_6.x86_64.rpm SHA-256: 381c8c5a4cd8e5e28b5169de0c7d1b57aeb9b83c20c2e880dda8c1676d673729
libpq-devel-13.20-1.el8_6.i686.rpm SHA-256: a3cb12c3220133bfc070f0fcfe706065d5d8b70197df78c04a1a07588d5b7e15
libpq-devel-13.20-1.el8_6.x86_64.rpm SHA-256: 84a49b4e1e508653ad48472e8f5b56a1f9c5fcf5e10d3d94bd7afaae1be82dda
libpq-devel-debuginfo-13.20-1.el8_6.i686.rpm SHA-256: 8af00ee646368cbeb9933e6e2cbf82c2636bda7d5906f9562d0d25794796390b
libpq-devel-debuginfo-13.20-1.el8_6.x86_64.rpm SHA-256: 39df0717f6c9860329d8fd3b55fbaa494053d2207ef2c701d5073b407e4a0649

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
libpq-13.20-1.el8_6.src.rpm SHA-256: 2d9c285e3ac9841b44fdba82df80fee1975662512f1be3b716ad441f5b15426c
x86_64
libpq-13.20-1.el8_6.i686.rpm SHA-256: 86e36695c9a32de4b5df5026532ffad5e6b9f4d89a061cc5e2dafec0cf078b49
libpq-13.20-1.el8_6.x86_64.rpm SHA-256: 5b0ad043658041d286ef5b162fc79546a1b67ef0dfe8987fd852ef8f73744f8a
libpq-debuginfo-13.20-1.el8_6.i686.rpm SHA-256: 017696a1cae9981b3a02b41bc9f56f8b451af2b36523ed50bad4811734d4f897
libpq-debuginfo-13.20-1.el8_6.x86_64.rpm SHA-256: 018aa836e788cdd24cef57c6f3eb7cfb12aea798d8af9c375dd4692a07e24379
libpq-debugsource-13.20-1.el8_6.i686.rpm SHA-256: 67e1ef7b88de950e43e91ea8d5c061db6564599677baf998c543771e2ea4ccbb
libpq-debugsource-13.20-1.el8_6.x86_64.rpm SHA-256: 381c8c5a4cd8e5e28b5169de0c7d1b57aeb9b83c20c2e880dda8c1676d673729
libpq-devel-13.20-1.el8_6.i686.rpm SHA-256: a3cb12c3220133bfc070f0fcfe706065d5d8b70197df78c04a1a07588d5b7e15
libpq-devel-13.20-1.el8_6.x86_64.rpm SHA-256: 84a49b4e1e508653ad48472e8f5b56a1f9c5fcf5e10d3d94bd7afaae1be82dda
libpq-devel-debuginfo-13.20-1.el8_6.i686.rpm SHA-256: 8af00ee646368cbeb9933e6e2cbf82c2636bda7d5906f9562d0d25794796390b
libpq-devel-debuginfo-13.20-1.el8_6.x86_64.rpm SHA-256: 39df0717f6c9860329d8fd3b55fbaa494053d2207ef2c701d5073b407e4a0649

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
libpq-13.20-1.el8_6.src.rpm SHA-256: 2d9c285e3ac9841b44fdba82df80fee1975662512f1be3b716ad441f5b15426c
ppc64le
libpq-13.20-1.el8_6.ppc64le.rpm SHA-256: f5a0ede4f40b3f3b4a5959e328431bf681455da68029763f00978bf9c7b81720
libpq-debuginfo-13.20-1.el8_6.ppc64le.rpm SHA-256: 33b2e1cc0cadbe8ab6c02f935096b2a99137597d440859fcf17649beb9aa277f
libpq-debugsource-13.20-1.el8_6.ppc64le.rpm SHA-256: 576cdaa014bd01f9da1f326a8cb9ce08b04dc071576a482ad7e17e973b6b7c20
libpq-devel-13.20-1.el8_6.ppc64le.rpm SHA-256: 781e5273db5cbb6ae5179e50fc68806ba75dd1afda2a4f4f6e42b3d40fd8c371
libpq-devel-debuginfo-13.20-1.el8_6.ppc64le.rpm SHA-256: 1c65a6f106c17771244865ae45bb23a625dc7f9349761ba31268c1c1a6e8250a

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
libpq-13.20-1.el8_6.src.rpm SHA-256: 2d9c285e3ac9841b44fdba82df80fee1975662512f1be3b716ad441f5b15426c
x86_64
libpq-13.20-1.el8_6.i686.rpm SHA-256: 86e36695c9a32de4b5df5026532ffad5e6b9f4d89a061cc5e2dafec0cf078b49
libpq-13.20-1.el8_6.x86_64.rpm SHA-256: 5b0ad043658041d286ef5b162fc79546a1b67ef0dfe8987fd852ef8f73744f8a
libpq-debuginfo-13.20-1.el8_6.i686.rpm SHA-256: 017696a1cae9981b3a02b41bc9f56f8b451af2b36523ed50bad4811734d4f897
libpq-debuginfo-13.20-1.el8_6.x86_64.rpm SHA-256: 018aa836e788cdd24cef57c6f3eb7cfb12aea798d8af9c375dd4692a07e24379
libpq-debugsource-13.20-1.el8_6.i686.rpm SHA-256: 67e1ef7b88de950e43e91ea8d5c061db6564599677baf998c543771e2ea4ccbb
libpq-debugsource-13.20-1.el8_6.x86_64.rpm SHA-256: 381c8c5a4cd8e5e28b5169de0c7d1b57aeb9b83c20c2e880dda8c1676d673729
libpq-devel-13.20-1.el8_6.i686.rpm SHA-256: a3cb12c3220133bfc070f0fcfe706065d5d8b70197df78c04a1a07588d5b7e15
libpq-devel-13.20-1.el8_6.x86_64.rpm SHA-256: 84a49b4e1e508653ad48472e8f5b56a1f9c5fcf5e10d3d94bd7afaae1be82dda
libpq-devel-debuginfo-13.20-1.el8_6.i686.rpm SHA-256: 8af00ee646368cbeb9933e6e2cbf82c2636bda7d5906f9562d0d25794796390b
libpq-devel-debuginfo-13.20-1.el8_6.x86_64.rpm SHA-256: 39df0717f6c9860329d8fd3b55fbaa494053d2207ef2c701d5073b407e4a0649

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.