A minor security issue (CVE-2012-2143) has been found in code that
Postgres shares with several other projects. After some discussion it
was decided that the issue is not of enough severity to justify exactly
coordinated security releases, which would be quite difficult anyway
given the projects' disparate release procedures. The plan that's been
settled on is that the other projects will publish their fixes this
Wednesday (May 30). Once the issue is public, we will commit the
corresponding fix to our git repository, and then move forward with our
usual over-the-weekend release process to produce security updates on
Monday June 4.
Accordingly, expect to see back-branch release activity this week.
regards, tom lane