OSV:DSA-1900-1
Oct 02, 2009 - 12:00 a.m.

postgresql-7.4 postgresql-8.1 postgresql-8.3 - various problems

Google, osv.dev

CVSS2: 6.8 Medium (AV:N/AC:M/Au:N/C:P/I:P/A:P)

  Access Vector:          NETWORK
  Access Complexity:      MEDIUM
  Authentication:         NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact:       PARTIAL
  Availability Impact:    PARTIAL

Several vulnerabilities have been discovered in PostgreSQL, an SQL
database system. The Common Vulnerabilities and Exposures project
identifies the following problems:

  • CVE-2009-3229
    Authenticated users can shut down the backend server by re-LOAD-ing
    libraries in $libdir/plugins, if any libraries are present there.
    (The old stable distribution (etch) is not affected by this issue.)
  • CVE-2009-3230
    Authenticated non-superusers can gain database superuser privileges if
    they can create functions and tables due to incorrect execution of
    functions in functional indexes.
  • CVE-2009-3231
    If PostgreSQL is configured with LDAP authentication, and the LDAP
    configuration allows anonymous binds, it is possible for a user to
    authenticate themselves with an empty password. (The old stable
    distribution (etch) is not affected by this issue.)

In addition, this update contains reliability improvements which do
not target security issues.

For the old stable distribution (etch), these problems have been fixed
in version 7.4.26-0etch1 of the postgresql-7.4 source package, and
version 8.1.18-0etch1 of the postgresql-8.1 source package.

For the stable distribution (lenny), these problems have been fixed in
version 8.3.8-0lenny1 of the postgresql-8.3 source package.

For the unstable distribution (sid), these problems have been fixed in
version 8.3.8-1 of the postgresql-8.3 source package, and version
8.4.1-1 of the postgresql-8.4 source package.

We recommend that you upgrade your PostgreSQL packages.
