-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A new update is available for Univention Corporate Server 3.1 as
part of the extended security maintenance.
It addresses the following problem:

Program component:  postgresql-8.4
Reference:          CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-5288
                    CVE-2016-0773
Fixed version:      8.4_8.4.22lts6-0.28.201602291913

Several vulnerabilities have been fixed in PostgreSQL 8.4:
 * Denial of service due to double-free after authentication timeout
   (CVE-2015-3165)
 * Information disclosure due to missing checks of return codes from
   the standard library (CVE-2015-3166)
 * Inconsistent error messages from contrib/pgcrypto (CVE-2015-3167)
 * Fix rare failure to invalidate relation cache init file (No CVE)
 * attackers may cause denial of service (server crash) or read arbitrary
   server memory via "too-short" crypt salts (CVE-2015-5288)
 * Denial of service and potential execution of arbitrary code due to buffer
   overrun in PL/Java regular expression processing (CVE-2016-0773)

- --
Univention GmbH
be open.
Mary-Somerville-Str.1
28359 Bremen
Tel. : +49 421 22232-0
Fax  : +49 421 22232-99

<info@univention.de>
http://www.univention.de/

Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJW1JNQAAoJEC07aMN37ihbI7oP/jIzIIsyCmqY2GbRoos+nvN1
D16ZUG2cPcOUAs6J17pUyB3m40vo0xgpYSPvAmspVjjVmGaVr52hDG8f2YiroehJ
gZuY4uRCQ+9a9TKJHHSnlFGdPY2u382NXRT4aGRmPh9VuBlNUE6OF/OaBOYEXFc6
FAf/11ZKTyX+s+3UGJEtPMetc8Ax+kNMVGOA59uIGAdZIs05onRpgbnwGvnom1DY
HPfxFNdY5f1U38AvSPeFvflP+QqwdMLy+87P9RlLbZyWlxXLE8Q9IPNgux63vWUL
uJePGip7+B2SyQaYlRTokq7cqVEaUyXRZQoLEkjkJYRUnwjOn15HSGJDLRSTsRYH
WLaBMKmFm1DjsazzNR5BVZdli89nDxSSSwOmGxzDrzMPuTqrwZZQqrXylF5TUGma
AsnbNMTg7rGRXf1drKy29U92CumsCjcz4etB0e/JrFTlDvUr18OmV3j5BlHeKX1L
O9Kjdklz2WooQwu2/EHZTGyjscHkmfR60jIENiRQnwvos9Uuh9rUaQfBT0+PcTWd
R3Lh6s5HFBdyQZ62DdSI38/3tTuK6Z3+2K9eYB0oWhYssy9MCMRzw+9uvRtbZpxB
BanoQZmHR5CInVBWDpQMROZ9wZFsmZbptImzcHBUPqPolvBnUN0/g+GFGIXHzpZX
OmM5GZU2JPuu3iAnDEUk
=RMbB
-----END PGP SIGNATURE-----