OSSEVA FOR POSTGRESQL
Your Postgres version is EOL. Your data isn't going anywhere.
OSSeva ships CVE patches for PostgreSQL 11, 12, and 13 past their community end-of-life dates — with migration planning, configuration audits, and audit-ready compliance documentation.
Why now
PostgreSQL 11 EOL: November 2023
PostgreSQL 11 passed community EOL in November 2023. 12 follows in November 2024, 13 in November 2025. Unpatched CVEs in your primary datastore are a direct compliance failure.
Migration is costly and risky
Major-version Postgres migrations touch every application query. A rushed migration introduces regression risk. OSSeva gives you time to do the migration right while keeping your current version patched.
Oracle exit customers need a landing zone
Enterprises migrating off Oracle Database frequently land on PostgreSQL. Those migrations take 12–24 months. OSSeva supports the Postgres version you landed on while your team finishes the migration.
Versions covered
All versions below receive active CVE patches from OSSeva. Version numbers in monospace are exact release identifiers.
| Version | Status | Active CVEs |
|---|---|---|
| 11.x | Extended | Clean |
| 12.x | Extended | Clean |
| 13.x | Extended | Clean |
| 14.x | Current | Clean |
| 15.x | Current | Clean |
| 16.x | Current | Clean |
What you get
Three tiers — pick the level of engagement that matches your team's operational needs and compliance requirements.
OSSeva Patch
CVE remediation for EOL PostgreSQL versions.
- Quarterly security patches for covered versions
- Signed packages for RPM / DEB / tarball
- Extension compatibility validation
- Vulnerability disclosure notifications
- Migration planning
OSSeva Assure
Patches plus migration roadmap and compliance documentation.
- Everything in Patch
- Major-version migration planning
- Performance and vacuum configuration audit
- Compliance attestation package
- Oracle-to-Postgres migration design
- 24/7 managed operations
OSSeva Operate
Full DBA-level managed operations for your Postgres fleet.
- Everything in Assure
- 24/7 replication and failover monitoring
- Automated VACUUM and analyze tuning
- 15-minute P1 incident response SLA
- Point-in-time recovery testing
- Quarterly capacity reviews
All tiers priced per cluster/application — not per core. Contact for pricing →
How it installs
OSSeva artifacts arrive via your existing package infrastructure. Pull the patched version the same way you pull upstream today — just from the OSSeva registry.
curl -fsSL https://packages.osseva.io/gpg | sudo gpg --dearmor -o /usr/share/keyrings/osseva.gpg
echo "deb [signed-by=/usr/share/keyrings/osseva.gpg] https://packages.osseva.io/postgresql $(lsb_release -cs) main" \
| sudo tee /etc/apt/sources.list.d/osseva-postgresql.list
sudo apt update && sudo apt install postgresql-13-ossevaCompliance library
Frequently asked questions
Do your patches include extension compatibility?↓
Yes. Each OSSeva PostgreSQL release includes validated compatibility testing against the 30 most-used Postgres extensions (PostGIS, pg_partman, pgvector, TimescaleDB, etc.).
Can you help us migrate from Oracle Database?↓
Yes — Oracle-to-Postgres migration design is included in OSSeva Assure. We scope the schema conversion, query compatibility analysis, and application-layer migration strategy.
Ready to get PostgreSQL patched and supported?
Start with a 45-minute discovery call. We confirm your version coverage, scope the engagement, and have you onboarded within your first quarter.