doc: adjust PG 11 release notes

Fixes for channel binding, SQL procedures, and pg_trgm.

Backpatch-through: 11

doc/src/sgml/release-11.sgml

@@ -1942,7 +1942,7 @@ same commits as above
 -->
 
        <para>
-        Add SQL procedures, which can start and commit their own
+        Add SQL-level procedures, which can start and commit their own
         transactions (Peter Eisentraut)
        </para>
 
@@ -2685,15 +2685,10 @@ same commits as above
        </para>
 
        <para>
-        While <acronym>SCRAM</acronym> always prevents the
+        <acronym>SCRAM</acronym> cannot prevent man-in-the-middle attacks
-        replay of transmitted hashed passwords in a later session,
+        unless it can be forced.  Unfortunately, there is no way to do
-        <acronym>SCRAM</acronym> with channel binding can also prevent
+        this in libpq.  This is expected in future versions of libpq
-        man-in-the-middle attacks.  However, since there is no way
+        and in interfaces not built using libpq, e.g. JDBC.
-        to <emphasis>force</emphasis> channel binding in libpq,
-        the feature currently does not prevent man-in-the-middle
-        attacks when using libpq and interfaces built using it.  It is
-        expected that future versions of libpq and interfaces not built
-        using libpq, e.g. JDBC, will allow this capability.
        </para>
       </listitem>