+ Make the server reject extraneous data after an SSL or GSS
encryption handshake
CVE-2021-23214
+ Make libpq reject extraneous data after an SSL or GSS
encryption handshake
CVE-2021-23222
+ A dump/restore is not required for those running 13.X.
+ However, note that installations using physical replication should
update standby servers before the primary server, details in the
release notes linked below.
+ Also, several bugs have been found that may have resulted in corrupted
indexes, explained in detail in the release notes linked below. If any
of those cases apply to you, it's recommended to reindex
possibly-affected indexes after updating.
+ Also, if you are upgrading from a version earlier than 13.2,
see those release notes as well please.
This bug was fixed in the package postgresql-13 - 13.5-0ubuntu0. 21.10.1
--------------- 21.10.1) impish-security; urgency=medium
postgresql-13 (13.5-0ubuntu0.
* New upstream version (LP: #1950268).
+ Make the server reject extraneous data after an SSL or GSS 2021-23214
encryption handshake
CVE-
+ Make libpq reject extraneous data after an SSL or GSS 2021-23222
encryption handshake
CVE-
+ A dump/restore is not required for those running 13.X.
+ However, note that installations using physical replication should
update standby servers before the primary server, details in the
release notes linked below.
+ Also, several bugs have been found that may have resulted in corrupted affected indexes after updating.
indexes, explained in detail in the release notes linked below. If any
of those cases apply to you, it's recommended to reindex
possibly-
+ Also, if you are upgrading from a version earlier than 13.2,
see those release notes as well please.
+ Details about these and many further changes can be found at: /www.postgresql .org/docs/ 13/release- 13-5.html
https:/
-- Christian Ehrhardt <email address hidden> Tue, 09 Nov 2021 09:46:55 +0100