PostgreSQL Gets Security Updates
The updates close a security hole that resulted in weakened passwords.
"Versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22 of PostgreSQL close a security hole which resulted in weakened passwords, and address a number of bugs found in previous versions including crashing and data-corruption issues," The H Security reports.
"According to the developers, the updates fix a vulnerability in the Blowfish encryption code used by contrib/pg_crypto that could cause encrypted passwords to be 'weaker than they should be;' the same bug was recently diagnosed and fixed in PHP 5.3.7 (CVE-2011-2483)," the article states.
Go to "PostgreSQL developers fix weakened passwords" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.