-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A new update is available for Univention Corporate Server 3.1 as
part of the extended security maintenance.
It addresses the following problem:

Program component:  postgresql-8.4
Reference:          CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-5288
                    CVE-2016-0773
Fixed version:      8.4.22lts6-0.28.201602291913

Several vulnerabilities have been fixed in PostgreSQL 8.4:
 * Denial of service due to double-free after authentication timeout
   (CVE-2015-3165)
 * Information disclosure due to missing checks of return codes from
   the standard library (CVE-2015-3166)
 * Inconsistent error messages from contrib/pgcrypto (CVE-2015-3167)
 * Fix rare failure to invalidate relation cache init file (No CVE)
 * attackers may cause denial of service (server crash) or read arbitrary
   server memory via "too-short" crypt salts (CVE-2015-5288)
 * Denial of service and potential execution of arbitrary code due to buffer
   overrun in PL/Java regular expression processing (CVE-2016-0773)

- --
Univention GmbH
be open.
Mary-Somerville-Str.1
28359 Bremen
Tel. : +49 421 22232-0
Fax  : +49 421 22232-99

<info@univention.de>
http://www.univention.de/

Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJW8ZRlAAoJEC07aMN37ihbmUAQAJQRpFMMYpFvQ7W4hobTN8Jb
OjsnU9C3ej5dCtuagCDp/3FZ4Q0hINyaRbjGPIs3v8KBYFX2O3zWVFiyjCarl6cE
c9d7WxZg9t2cbNB1nxXZc6k2/y8PX8H6oQAitpricc4YE3Us+HjimL5FgdjHnjcL
sb4mbWbJOh7A7Uu9yY1DIqc9YC/JX0EBS01zY2tEKJYMzNxjJrpbfREIP2yfwxAw
SzuvVQ+VhCTQ0pzs/2/LLhg0eYWni2uoj10tB1nGznpxU2ALYlRE8MH8Crnlq/Ye
bE0yOxLyoUz85ca3DU17Ym8WiGVam00VtQyVWEGDnZBExa4HtmX1rAMF+IcAWS6e
nZvz0QNSZSIGXfsO89YqP4+lTk2lN1FL64ApNac1SUlhyoFoc7Q3lIu5mBMQC4G/
DGc0iSBYZNa97s7YoCXtorYBRGCkFcITWqlZD9r3FB7RzzeBoRbeIJH+dj8dMsQM
uHqm6ElZMpFER90LTp9uHEFU02kb9qVMGiXa9lTzPfFMBpQ3EyGJ7zh7b0duWWSL
rIXyU4zyXiBQ3olUkR3dFUJWb5Us816v8RN4pyyO8BQ+Gj8/9UXjfrSVsq6p1tnn
MgxqeHoCcUAgAu8f8U0W5ExzsY+nNuaIg0+lwKPYHEXiXktqBjfpLqfKeJOU1abc
4utGL6P2kizosuGxiabE
=rOCS
-----END PGP SIGNATURE-----