postgresql - weak password hashing

magnum discovered that the blowfish password hashing used amongst
others in PostgreSQL contained a weakness that would give passwords
with 8 bit characters the same hash as weaker equivalents.

For the oldstable distribution (lenny), this problem has been fixed in
postgresql-8.3 version 8.3.16-0lenny1.

For the stable distribution (squeeze), this problem has been fixed in
postgresql-8.4 version 8.4.9-0squeeze1.

For the testing distribution (wheezy) and unstable distribution (sid),
this problem has been fixed in postgresql-8.4 version 8.4.9-1,
postgresql-9.0 9.0.5-1 and postgresql-9.1 9.1~rc1-1.

The updates also include reliability improvements, originally scheduled
for inclusion into the next point release; for details see the respective
changelogs.

We recommend that you upgrade your postgresql packages.