Univention Bugzilla – Bug 53722
postgresql-9.6: Multiple issues (4.4)
Last modified: 2021-09-01 17:39:20 CEST
New Debian postgresql-9.6 9.6.23-0+deb9u1 fixes:

This update addresses the following issue:
* Disallow SSL renegotiation more completely; SSL renegotiation has been disabled for some time, but the server would still cooperate with a client-initiated renegotiation request. A maliciously crafted renegotiation request could result in a server crash (see OpenSSL issue CVE-2021-3449). Disable the feature altogether on OpenSSL versions that permit doing so.
--- mirror/ftp/4.4/unmaintained/component/4.4-8-errata/source/postgresql-9.6_9.6.22-0+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/postgresql-9.6_9.6.23-0+deb9u1.dsc @@ -1,3 +1,15 @@ +9.6.23-0+deb9u1 [Thu, 26 Aug 2021 15:14:41 +0200] Christoph Berg <myon@debian.org>: + + * New upstream version. + + + Disallow SSL renegotiation more completely (Michael Paquier) + + SSL renegotiation has been disabled for some time, but the server would + still cooperate with a client-initiated renegotiation request. A + maliciously crafted renegotiation request could result in a server crash + (see OpenSSL issue CVE-2021-3449). Disable the feature altogether on + OpenSSL versions that permit doing so, which are 1.1.0h and newer. + 9.6.22-0+deb9u1 [Wed, 12 May 2021 16:53:28 +0200] Christoph Berg <myon@debian.org>: * New upstream version. <http://piuparts.knut.univention.de/4.4-8/#9150970183650380626>
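Review bot: In the added 9.6.23-0+deb9u1 entry, the last sentence limits the change to OpenSSL versions "which are 1.1.0h and newer", but the erratum description on this bug ends at "OpenSSL versions that permit doing so" and drops that bound. Suggest carrying the "1.1.0h and newer" qualifier into the erratum text and noting in QA which OpenSSL version the UCS 4.4 postgresql-9.6 build links against, because the entry implies that on older OpenSSL the feature is not disabled altogether. Separately, the bug summary says "Multiple issues" while this entry lists a single change; the summary or the description should be aligned.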
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-8] 701f37106d Bug #53722: postgresql-9.6_9.6.23-0+deb9u1
 doc/errata/staging/postgresql-9.6.yaml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1038>