1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted postgresql-13 13.4-0+deb11u1 (source) into proposed-updates->s

    From Debian FTP Masters@21:1/5 to All on Thu Sep 2 23:20:01 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Tue, 18 May 2021 13:56:18 +0200
    Source: postgresql-13
    Architecture: source
    Version: 13.4-0+deb11u1
    Distribution: bullseye
    Urgency: medium
    Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org> Changed-By: Christoph Berg <myon@debian.org>
    Changes:
    postgresql-13 (13.4-0+deb11u1) bullseye; urgency=medium
    .
    * New upstream version.
    .
    + Fix mis-planning of repeated application of a projection step (Tom Lane)
    .
    The planner could create an incorrect plan in cases where two
    ProjectionPaths were stacked on top of each other. The only known way
    to trigger that situation involves parallel sort operations, but there
    may be other instances. The result would be crashes or incorrect query
    results. Disclosure of server memory contents is also possible.
    (CVE-2021-3677)
    .
    + Disallow SSL renegotiation more completely (Michael Paquier)
    .
    SSL renegotiation has been disabled for some time, but the server would
    still cooperate with a client-initiated renegotiation request. A
    maliciously crafted renegotiation request could result in a server crash
    (see OpenSSL issue CVE-2021-3449). Disable the feature altogether on
    OpenSSL versions that permit doing so, which are 1.1.0h and newer. Checksums-Sha1:
    b71588ada90c6fd3db65ec7b0fe308ed1b72062b 3696 postgresql-13_13.4-0+deb11u1.dsc
    92146ec62ad80e8f5d2959b5cc1766311dc00d64 21157443 postgresql-13_13.4.orig.tar.bz2
    8e9ba686ef5d19ab693c61ae5d44bcb1643060c9 28456 postgresql-13_13.4-0+deb11u1.debian.tar.xz
    Checksums-Sha256:
    440cc5263f7f062584dc758a58363dd7c2c1211df094c8ba2f37de371e04a6c4 3696 postgresql-13_13.4-0+deb11u1.dsc
    ea93e10390245f1ce461a54eb5f99a48d8cabd3a08ce4d652ec2169a357bc0cd 21157443 postgresql-13_13.4.orig.tar.bz2
    518be156f909221ac92ca04b527675d39621a88472a51ad7462f66ae43f688ff 28456 postgresql-13_13.4-0+deb11u1.debian.tar.xz
    Files:
    ea28c3b2ee37d8d0979adca39ce0e0da 3696 database optional postgresql-13_13.4-0+deb11u1.dsc
    7bda65a37c46b8b2c1933d9d1cd677f2 21157443 database optional postgresql-13_13.4.orig.tar.bz2
    89ce70c5304ff690d1edfd1782b7785c 28456 database optional postgresql-13_13.4-0+deb11u1.debian.tar.xz

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmEaL4kACgkQTFprqxLS p64xtxAAjs7nrAo0rQHwz/Co8N/rbbuZhH7mvWgfaWOqn9BgKkpYFHK0Ro3VMTOx uhJUam10cCfW8fbx5xGAcVtep+zF4U190tW6OP9y6CyCDASxOK/zXMknaloQ3RpM lBIXsE+a0s05nI0KLkYM9XRd+gImn+qYMT14c+/e2xkp/mQtVHzE8EJenz7CMzTA bMqGXHfBuSukpgR9jm9CpOqFE1VoGHchZbCXde45s8QD5CmRWmZJgphi1DE3JzO9 MvlhOAK8DkDJMyDNGFGc7tUUCVX31yRpjJmjpB5/P1S1qFJUzS9Hm4/o+ipZ+v/q HZpfw17xDuJkf2jdJYlU9bP1Z/YNBcAHAckxF7o0OLNzQ9lXvBmrXX5wppKVfB1j Fg+H419yoyEJwe8x3zazgaUAvghenrnwVsTvGhCIiJ1tJjs8QzHqJsqel4yH9M+j bjE7eCFD+zYTMTILnTLGn/imZKktpx+EygiI4EY5985R7niAx4iSkWK2zseQZQqa pThri99Rjomi1uAqtcFr1BmsdgKAA5BS7CwE/uWMuO6xZoFz5lWMuLaTFxEFsdJD pMbkiC6yyTJhonfV++RzUI2Qf7nH7uy6q5TcqVXeSydFJ9s3Mryx7Jj8Op9MAKSa 6v9bkfHKfcWnNEE9IjK+Z2V404LtFUrkCmJDEcK02GB3/sEJWbo=
    =212l
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)