Mandriva Linux Security Advisory : postgresql (MDVSA-2011:161)
Medium Nessus Plugin ID 56627
The remote Mandriva Linux host is missing one or more security updates.
A vulnerability was discovered and corrected in postgresql : contrib/pg_crypto's blowfish encryption code could give wrong results on platforms where char is signed (which is most), leading to encrypted passwords being weaker than they should be (CVE-2011-2483). Additionally corrected ossp-uuid packages as well as corrected support in postgresql 9.0.x are being provided for Mandriva Linux 2011. This update provides a solution to this vulnerability.