PostgreSQL has released security updates for versions 14 through 18, addressing eleven vulnerabilities, including memory corruption and SQL injection flaws. Database operators can apply these updates without the need for dumping and reloading their databases, simply by replacing the binaries and restarting the service. It is crucial for users of version 14 to plan an upgrade soon, as official support will end in November 2026, leaving them vulnerable to unpatched issues. Additionally, the updates improve query planning and timezone handling, which could enhance performance and prevent unexpected behavior during maintenance

PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 released

The PostgreSQL team just dropped mandatory security updates for versions fourteen through eighteen, patching eleven vulnerabilities that range from memory corruption flaws to SQL injection holes in replication commands. Database operators can skip the usual dump and reload dance since these minor releases are fully cumulative and only require swapping out the binaries before restarting the service. Several of the fixed bugs quietly break query planning edge cases and timezone handling, so applying this patch now prevents nasty surprises during routine maintenance windows. Anyone still running version fourteen should start planning an upgrade immediately since official support ends next November and leaving that legacy build online is just asking for trouble.

PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 released @ Linux Compatible