Comment 1 Quality Assurance 2021-10-12 17:06:31 CEST

--- mirror/ftp/pool/main/p/postgresql-11/postgresql-11_11.12-0+deb10u1.dsc
+++ apt/ucs_5.0-0-errata5.0-0/source/postgresql-11_11.13-0+deb10u1.dsc
@@ -1,3 +1,24 @@
+11.13-0+deb10u1 [Thu, 26 Aug 2021 14:55:09 +0200] Christoph Berg <myon@debian.org>:
+
+  * New upstream version.
+
+    + Fix mis-planning of repeated application of a projection step (Tom Lane)
+
+      The planner could create an incorrect plan in cases where two
+      ProjectionPaths were stacked on top of each other.  The only known way
+      to trigger that situation involves parallel sort operations, but there
+      may be other instances.  The result would be crashes or incorrect query
+      results. Disclosure of server memory contents is also possible.
+      (CVE-2021-3677)
+
+    + Disallow SSL renegotiation more completely (Michael Paquier)
+
+      SSL renegotiation has been disabled for some time, but the server would
+      still cooperate with a client-initiated renegotiation request. A
+      maliciously crafted renegotiation request could result in a server crash
+      (see OpenSSL issue CVE-2021-3449).  Disable the feature altogether on
+      OpenSSL versions that permit doing so, which are 1.1.0h and newer.
+
 11.12-0+deb10u1 [Wed, 12 May 2021 16:42:10 +0200] Christoph Berg <myon@debian.org>:
 
   * New upstream version.

<http://piuparts.knut.univention.de/5.0-0/#7146510513127146812>

Comment 2 Philipp Hahn 2021-10-13 07:17:17 CEST

OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

Comment 3 Julia Bremer 2021-10-13 16:18:39 CEST

<https://errata.software-univention.de/#/?erratum=5.0x121>