27th September 2011
|
Administrator
|
|
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
|
|
PostgreSQL developers fix weakened passwords
From http://h-online.com/-1349959
Quote:
The PostgreSQL developers have released minor version updates for all active branches of their open source SQL database. Versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22 of PostgreSQL close a security hole which resulted in weakened passwords, and address a number of bugs found in previous versions including crashing and data-corruption issues.
According to the developers, the updates fix a vulnerability in the Blowfish encryption code used by contrib/pg_crypto that could cause encrypted passwords to be "weaker than they should be"; the same bug was recently diagnosed and fixed in PHP 5.3.7 (CVE-2011-2483).
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|