CLSA-2026-1779697425

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1779697425

Upstream

CVE-2026-6478

Published

2026-05-25T08:23:49Z

Modified

2026-06-01T00:32:54.782103920Z

Summary

postgresql: Fix of CVE-2026-6478

Details

CVE-2026-6478: backport upstream prerequisite that introduces the timingsafe_bcmp() constant-time memory comparison helper, then apply it to SCRAM and MD5 authentication paths that previously used memcmp() or strcmp() on password hashes, computed keys, and SCRAM nonces, to prevent timing-side-channel password recovery

References

https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1779697425.html

Affected packages

TuxCare:AlmaLinux:9.6

postgresql

Package

Name: postgresql
Purl: pkg:rpm/tuxcare/postgresql?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-contrib

Package

Name: postgresql-contrib
Purl: pkg:rpm/tuxcare/postgresql-contrib?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-docs

Package

Name: postgresql-docs
Purl: pkg:rpm/tuxcare/postgresql-docs?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-plperl

Package

Name: postgresql-plperl
Purl: pkg:rpm/tuxcare/postgresql-plperl?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-plpython3

Package

Name: postgresql-plpython3
Purl: pkg:rpm/tuxcare/postgresql-plpython3?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-pltcl

Package

Name: postgresql-pltcl
Purl: pkg:rpm/tuxcare/postgresql-pltcl?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-private-devel

Package

Name: postgresql-private-devel
Purl: pkg:rpm/tuxcare/postgresql-private-devel?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-private-libs

Package

Name: postgresql-private-libs
Purl: pkg:rpm/tuxcare/postgresql-private-libs?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-server

Package

Name: postgresql-server
Purl: pkg:rpm/tuxcare/postgresql-server?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-server-devel

Package

Name: postgresql-server-devel
Purl: pkg:rpm/tuxcare/postgresql-server-devel?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-static

Package

Name: postgresql-static
Purl: pkg:rpm/tuxcare/postgresql-static?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-test

Package

Name: postgresql-test
Purl: pkg:rpm/tuxcare/postgresql-test?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-test-rpm-macros

Package

Name: postgresql-test-rpm-macros
Purl: pkg:rpm/tuxcare/postgresql-test-rpm-macros?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-upgrade

Package

Name: postgresql-upgrade
Purl: pkg:rpm/tuxcare/postgresql-upgrade?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"

postgresql-upgrade-devel

Package

Name: postgresql-upgrade-devel
Purl: pkg:rpm/tuxcare/postgresql-upgrade-devel?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

13.23-1.el9_6.tuxcare.els7

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1779697425.json"