PostgreSQL Project Releases Multiple Updates
The PostgreSQL Global Development Group has released updates for several supported versions of the open-source database. The new point releases include 18.2, 17.8, 16.12, 15.16, and 14.21. The updates focus on improving the reliability, robustness, and performance of the database system.
- This cumulative update fixes over 65 bugs and resolves 5 security vulnerabilities reported over the last several months. - The security patches address several high-severity issues, including remote code execution vulnerabilities in the `intarray` and `pgcrypto` extensions. - One specific vulnerability patched, CVE-2026-2003, affected versions 14 through 18 and could allow a database user to disclose a few bytes of server memory. - These types of "point" or "minor" releases occur at least every three months and do not require users to perform a full dump and reload of their database to apply the update. - A notable bug fix corrects inconsistent case-insensitive text matching in the `ltree` extension; users with indexes on an `ltree` column may need to reindex them after updating. - Each major PostgreSQL version receives support for five years; the end-of-life date for the oldest version updated, 14.x, is scheduled for November 2026. - Other fixes in the updates address incorrect handling of incremental backups for tables larger than 1GB and several issues with logical replication slots.
