Marko Kreen <markokr@gmail.com> writes:
> There is a signedness bug in Openwall gen_salt code that
> pgcrypto uses. This makes the salt space for md5 and xdes
> algorithms a lot smaller.
> Salts for blowfish and standard des are unaffected.
> Attached is upstream fix for it. This applies all the
> way from 7.2 to 8.1 and HEAD. Please apply this to all
> active branches.
Applied back to 7.3 ... we are not maintaining 7.2 anymore.
regards, tom lane