diff --git a/CHANGELOG.md b/CHANGELOG.md
index 18073dac594..35029406acc 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,24 +4,46 @@
 `psql` with the `-X` flag to prevent any `.psqlrc` commands from
 accidentally triggering the load of a previous DB version.**
 
-## Latest
+## Unreleased
+
+**Minor features**
+* #2736 Support adding columns to hypertables with compression enabled
+
+## 2.0.1 (2021-01-28)
+
+This maintenance release contains bugfixes since the 2.0.0 release.
+We deem it high priority for upgrading.
+
+In particular the fixes contained in this maintenance release address
+issues in continuous aggregates, compression, JOINs with hypertables
+and when upgrading from previous versions.
 
 **Bugfixes**
+* #2772 Always validate existing database and extension
+* #2780 Fix config enum entries for remote data fetcher
+* #2806 Add check for dropped chunk on update
+* #2828 Improve cagg watermark caching
+* #2838 Fix catalog repair in update script
 * #2842 Do not mark job as started when setting next_start field
 * #2845 Fix continuous aggregate privileges during upgrade
 * #2851 Fix nested loop joins that involve compressed chunks
+* #2860 Fix projection in ChunkAppend nodes
+* #2861 Remove compression stat update from update script
 * #2865 Apply volatile function quals at decompresschunk node
 * #2866 Avoid partitionwise planning of partialize_agg
 * #2868 Fix corruption in gapfill plan
-
-**Minor features**
-* #2736 Support adding columns to hypertables with compression enabled
+* #2874 Fix partitionwise agg crash due to uninitialized memory
 
 **Thanks**
+* @alex88 for reporting an issue with joined hypertables
+* @brian-from-quantrocket for reporting an issue with extension update and dropped chunks
+* @dhodyn for reporting an issue when joining compressed chunks
+* @markatosi for reporting a segfault with partitionwise aggregates enabled
+* @PhilippJust for reporting an issue with add_job and initial_start
+* @sgorsh for reporting an issue when using pgAdmin on windows
 * @WarriorOfWire for reporting the bug with gapfill queries not being
   able to find pathkey item to sort
 
-
 ## 2.0.0 (2020-12-18)
 
 With this release, we are officially moving TimescaleDB 2.0 to GA, 
diff --git a/sql/CMakeLists.txt b/sql/CMakeLists.txt
index 6fc579f57ff..098b1e19bcf 100644
--- a/sql/CMakeLists.txt
+++ b/sql/CMakeLists.txt
@@ -103,6 +103,7 @@ set(MOD_FILES
   updates/2.0.0-rc2--2.0.0-rc3.sql
   updates/2.0.0-rc3--2.0.0-rc4.sql
   updates/2.0.0-rc4--2.0.0.sql
+  updates/2.0.0--2.0.1.sql
 )
 
 set(MODULE_PATHNAME "$libdir/timescaledb-${PROJECT_VERSION_MOD}")
diff --git a/sql/updates/2.0.0--2.0.1.sql b/sql/updates/2.0.0--2.0.1.sql
new file mode 100644
index 00000000000..e3953f50d48
--- /dev/null
+++ b/sql/updates/2.0.0--2.0.1.sql
@@ -0,0 +1,38 @@
+-- For continuous aggregates: Copy ACL privileges (grants) from the
+-- query view (user-facing object) to the internal objects (e.g.,
+-- materialized hypertable, direct, and partial views). We want to
+-- maintain the abstraction that a continuous aggregates is similar to
+-- a materialized view (which is one object), so privileges on the
+-- user-facing object should apply also to the internal objects that
+-- implement the continuous aggregate. Having the right permissions on
+-- internal objects is necessary for the watermark function used by
+-- real-time aggregation since it queries the materialized hypertable
+-- directly.
+
+WITH rels_and_acl AS (
+    -- For each cagg, collect an array of all relations (including
+    -- chunks) to copy the ACL to
+    SELECT array_cat(ARRAY[format('%I.%I', h.schema_name, h.table_name)::regclass,
+	                       format('%I.%I', direct_view_schema, direct_view_name)::regclass,
+                           format('%I.%I', partial_view_schema, partial_view_name)::regclass],
+                     (SELECT array_agg(inhrelid::regclass)
+                      FROM pg_inherits
+                      WHERE inhparent = format('%I.%I', h.schema_name, h.table_name)::regclass)) AS relarr,
+           relacl AS user_view_acl
+    FROM _timescaledb_catalog.continuous_agg ca
+    LEFT JOIN pg_class cl
+    ON (cl.oid = format('%I.%I', user_view_schema, user_view_name)::regclass)
+    LEFT JOIN _timescaledb_catalog.hypertable h
+    ON (ca.mat_hypertable_id = h.id)
+    WHERE relacl IS NOT NULL
+)
+-- Set the ACL on all internal cagg relations, including
+-- chunks. Note that we cannot use GRANT statements because
+-- such statements are recorded as privileges on extension
+-- objects when run in an update script. The result is that
+-- the privileges will become init privileges, which will then
+-- be ignored by, e.g., pg_dump.
+UPDATE pg_class
+SET relacl = user_view_acl
+FROM rels_and_acl
+WHERE oid = ANY (relarr);
diff --git a/sql/updates/latest-dev.sql b/sql/updates/latest-dev.sql
index e3953f50d48..e69de29bb2d 100644
--- a/sql/updates/latest-dev.sql
+++ b/sql/updates/latest-dev.sql
@@ -1,38 +0,0 @@
--- For continuous aggregates: Copy ACL privileges (grants) from the
--- query view (user-facing object) to the internal objects (e.g.,
--- materialized hypertable, direct, and partial views). We want to
--- maintain the abstraction that a continuous aggregates is similar to
--- a materialized view (which is one object), so privileges on the
--- user-facing object should apply also to the internal objects that
--- implement the continuous aggregate. Having the right permissions on
--- internal objects is necessary for the watermark function used by
--- real-time aggregation since it queries the materialized hypertable
--- directly.
-
-WITH rels_and_acl AS (
-    -- For each cagg, collect an array of all relations (including
-    -- chunks) to copy the ACL to
-    SELECT array_cat(ARRAY[format('%I.%I', h.schema_name, h.table_name)::regclass,
-	                       format('%I.%I', direct_view_schema, direct_view_name)::regclass,
-                           format('%I.%I', partial_view_schema, partial_view_name)::regclass],
-                     (SELECT array_agg(inhrelid::regclass)
-                      FROM pg_inherits
-                      WHERE inhparent = format('%I.%I', h.schema_name, h.table_name)::regclass)) AS relarr,
-           relacl AS user_view_acl
-    FROM _timescaledb_catalog.continuous_agg ca
-    LEFT JOIN pg_class cl
-    ON (cl.oid = format('%I.%I', user_view_schema, user_view_name)::regclass)
-    LEFT JOIN _timescaledb_catalog.hypertable h
-    ON (ca.mat_hypertable_id = h.id)
-    WHERE relacl IS NOT NULL
-)
--- Set the ACL on all internal cagg relations, including
--- chunks. Note that we cannot use GRANT statements because
--- such statements are recorded as privileges on extension
--- objects when run in an update script. The result is that
--- the privileges will become init privileges, which will then
--- be ignored by, e.g., pg_dump.
-UPDATE pg_class
-SET relacl = user_view_acl
-FROM rels_and_acl
-WHERE oid = ANY (relarr);
diff --git a/version.config b/version.config
index d2530b2c61c..894c0592e2a 100644
--- a/version.config
+++ b/version.config
@@ -1,2 +1,2 @@
 version = 2.1.0-dev
-update_from_version = 2.0.0
+update_from_version = 2.0.1