-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5006-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 11, 2021                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : postgresql-11
CVE ID         : CVE-2021-23214 CVE-2021-23222

Jacob Champion discovered two vulnerabilities in the PostgreSQL database
system, which could result in man-in-the-middle attacks.

For the oldstable distribution (buster), these problems have been fixed
in version 11.14-0+deb10u1.

We recommend that you upgrade your postgresql-11 packages.

For the detailed security status of postgresql-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmGNja0ACgkQEMKTtsN8
TjYvrxAArRObZnhACrpObYmZm++FntMdpAaWkCoCQ2m1np4tWdEAMDHY7k/YuqTM
K3OMD+qkBntuN9C9PvOQu/5YzGjwWxNkvXbyhmxzaxdFKsdJRYs+HFgjPmFcnM0g
I/5oLdqboNtGeGHLv73LR7Q8xMtZjudCdLu4d70w7ND4u2dj2QuJN6vFMKvFkpmy
nNi8fI+9i4plq3Qyz/CACF67/2lPF8B9zrOdSf5MFeX6i9ojPNaNviLs+HjTMVq9
Chpa1g3Mj0VUr+OPssZAcKXIC8U/FBpAh7pby6eJJYQ23P3MzABF8vkFxlZTAqmS
19RIHJzPWc5PLroWVSxpuzUGNQSYuPSSz3sPKP6G+euJAnqoxeigs430xmEPnTTy
idkeB+iBw3JR7NXe/nmt5uiNAO0C178CUWbI1dg2+5ExrNyjRE+eTnAwiNL4cBu3
igVtiS17ypIC8Zq0D4O0fEG9edIKRdA6MoEPLf5/iaQnswbS7wPb4c3mQppwI2XL
HJPqAdcewP94jtv9idraI7osuiFOoNrpcABxCjJdXxqaCFgI4Tzot/+/j1O+U/dT
XOltuOsTgwhSKzbLRNwtr4PPa8ICbwLAZvStBK8YM3jOHNtJPQOwwmOQE2N5knUy
KF+TSQMBbo39cdbk0gVmwVg0+Pbw1PQsqYjmEM0MoHAEGCCcpWo=
=M3rQ
-----END PGP SIGNATURE-----