[J65nko]

From http://h-online.com/-1349959

Quote:

The PostgreSQL developers have released minor version updates for all active branches of their open source SQL database. Versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22 of PostgreSQL close a security hole which resulted in weakened passwords, and address a number of bugs found in previous versions including crashing and data-corruption issues.

According to the developers, the updates fix a vulnerability in the Blowfish encryption code used by contrib/pg_crypto that could cause encrypted passwords to be "weaker than they should be"; the same bug was recently diagnosed and fixed in PHP 5.3.7 (CVE-2011-2483).