When using PostgreSQL JDBC driver version 8.1 to connect to a PostgreSQL version 9.1 database, escaping of JDBC statement parameters does not work and SQL injection attacks are possible.
1745a36b3e8e23890664179075c87cf4ff3302fde57710cdcfc3479a3344c65a