Is PostgreSQL v12 out of support ?
Despite redhat has extended support until 2029, we are verifying that the latest security bugs are not reported and the latest available version is from December 2024 in the AlmaLinux repository
Red Hat Enterprise Linux Application Streams Life Cycle - Red Hat Customer Portal shows that the PostgreSQL v12 is in “RHEL 8 Full Life Application Streams Release Life Cycle”
which means that it gets the “Full Support” and “Maintenance Support” Phases described in Red Hat Enterprise Linux Life Cycle - Red Hat Customer Portal
The RHEL 8 is already in Maintenance Support Phase, i.e. receives only " Critical and Important impact" bug fixes.
You can go to Security Updates see what CVE Red Hat lists.
From there you can get to CVE’s page, like cve-details which describes CVE-2025-1094, suggests mitigations, and notes:
| Product | Component | State |
|---|---|---|
| Red Hat Enterprise Linux 8 | libpq | Fixed |
| Red Hat Enterprise Linux 8 | postgresql:12/postgresql | Not affected |
AlmaLinux 8 has libpq version 13.20-1.el8_10, the same version as Red Hat released for RHEL 8 in 2025-02-20. The lastest entries in its changelog:
# dnf -q rq --changelog libpq-13.20-1.el8_10.x86_64
Changelog for libpq-13.20-1.el8_10.x86_64
* Tue Feb 18 2025 Ales Nezbeda <anezbeda@redhat.com> - 13.20-1
- Update to 13.20
* Wed Jun 21 2023 Masahiro Matsuya <mmatsuya@redhat.com> - 13.11-1
- Rebase to 13.11
Resolves: #2171369
In other words, Red Hat says that the overall postgresql:12 is not affected by CVE-2025-1094 and AlmaLinux 8 has updated the related libpg during last week.
Now you have to check your list of CVEs.