-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 26 Aug 2021 14:55:09 +0200
Source: postgresql-11
Architecture: source
Version: 11.13-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
 postgresql-11 (11.13-0+deb10u1) buster; urgency=medium
 .
   * New upstream version.
 .
     + Fix mis-planning of repeated application of a projection step (Tom Lane)
 .
       The planner could create an incorrect plan in cases where two
       ProjectionPaths were stacked on top of each other. The only known way
       to trigger that situation involves parallel sort operations, but there
       may be other instances. The result would be crashes or incorrect query
       results. Disclosure of server memory contents is also possible.
       (CVE-2021-3677)
 .
     + Disallow SSL renegotiation more completely (Michael Paquier)
 .
       SSL renegotiation has been disabled for some time, but the server would
       still cooperate with a client-initiated renegotiation request. A
       maliciously crafted renegotiation request could result in a server
       crash (see OpenSSL issue CVE-2021-3449). Disable the feature altogether
       on OpenSSL versions that permit doing so, which are 1.1.0h and newer.