Errata overview
Errata ID 407
Date 2016-03-02
Source package postgresql-8.4
Fixed in version 8.4.22lts6-0.29.201602291915
This update for postgresql-8.4 fixes the following issues:
* attackers may cause denial of service (server crash) or read arbitrary
  server memory via "too-short" crypt salts (CVE-2015-5288)
* Denial of service and potential execution of arbitrary code due to buffer
  overrun in PL/Java regular expression processing (CVE-2016-0773)
Additional notes
CVE ID CVE-2015-5288
UCS Bug number #40358