Errata overview
Errata ID 329
Date 2016-11-23
Source package postgresql-9.1
Fixed in version 9.1.24-0.12.201611161707
Debian updated postgresql-9.1 to the new version 9.1.24, which addresses
a couple of stability and security issues:
* Attackers may cause denial of service (server crash) or read arbitrary
  server memory via "too-short" crypt salts (CVE-2015-5288)
* Privilege escalation vulnerability for users of PL/Java (CVE-2016-0766)
* Denial of service and potential execution of arbitrary code due to
  buffer overrun in PL/Java regular expression processing (CVE-2016-0773)
* possible mis-evaluation of nested CASE-WHEN expressions (CVE-2016-5423)
* Fix client programs' handling of special characters in database and
  role names (CVE-2016-5424)
For other changes, see:
* <>
* <>
* <>
* <>
* <>
* <>
* <>
* <>
Additional notes
CVE ID CVE-2015-5288
UCS Bug number #40717