Updates were recently released for all active branches of the PostgreSQL open source database.

"Versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22 of PostgreSQL close a security hole which resulted in weakened passwords, and address a number of bugs found in previous versions including crashing and data-corruption issues," The H Security reports.

"According to the developers, the updates fix a vulnerability in the Blowfish encryption code used by contrib/pg_crypto that could cause encrypted passwords to be 'weaker than they should be;' the same bug was recently diagnosed and fixed in PHP 5.3.7 (CVE-2011-2483)," the article states.


Go to "PostgreSQL developers fix weakened passwords" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.