Bug#1069730: unblock: glibc/2.37-18
Package: release.debian.org Severity: normal Tags: security X-Debbugs-Cc: gl...@packages.debian.org Control: affects -1 + src:glibc User: release.debian@packages.debian.org Usertags: unblock Hi, glibc 2.37-18 fixes an import security issue (CVE-2024-2961), and it would be nice to have it in testing asap. It is currently blocked by the proftpd-dfsg autopkgtest, which fails due to the lack of libnsl-dev in the chroot, as this dependency got removed in glibc version 2.37-15.1 as part of the time_t transition. proftpd-dfsg has already been fixed by making it an explicity build-dependency, however this fixed version can't enter testing as it is entangled in the time_t transition. The glibc doesn't break proftpd-dfsg in testing, but basically breaks its buildability and thus its autopkgtest. Do you think it would be possible to allow this glibc version to enter testing by ignoring the result of the proftpd-dfsg autopkgtest? Regards Aurelien
Bug#1069191: marked as done (glibc: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence)
Your message dated Tue, 23 Apr 2024 16:47:50 + with message-id and subject line Bug#1069191: fixed in glibc 2.31-13+deb11u9 has caused the Debian Bug report #1069191, regarding glibc: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1069191: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069191 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: glibc Version: 2.37-17 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 2.37-15 Control: found -1 2.36-9+deb12u5 Control: found -1 2.36-9+deb12u4 Control: found -1 2.36-9 Control: found -1 2.31-13+deb11u8 Control: found -1 2.31-13 Hi, The following vulnerability was published for glibc. CVE-2024-2961[0]: | The iconv() function in the GNU C Library versions 2.39 and older | may overflow the output buffer passed to it by up to 4 bytes when | converting strings to the ISO-2022-CN-EXT character set, which may | be used to crash an application or overwrite a neighbouring | variable. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-2961 https://www.cve.org/CVERecord?id=CVE-2024-2961 [1] https://www.openwall.com/lists/oss-security/2024/04/17/9 Regards, Salvatore --- End Message --- --- Begin Message --- Source: glibc Source-Version: 2.31-13+deb11u9 Done: Aurelien Jarno We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1069...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 Apr 2024 22:40:26 +0200 Source: glibc Architecture: source Version: 2.31-13+deb11u9 Distribution: bullseye-security Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 1069191 Changes: glibc (2.31-13+deb11u9) bullseye-security; urgency=medium . * debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.patch: Fix out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT module (CVE-2024-2961). Closes: #1069191. Checksums-Sha1: d555a20390c7fba05a2cd1f5419bf973c1e9a969 8347 glibc_2.31-13+deb11u9.dsc 60fc288d2351b8b8c2b6ad23aa1f8f65c795249c 961928 glibc_2.31-13+deb11u9.debian.tar.xz 42ef9addd34cfe89709a746373618fcea2ea8d11 9270 glibc_2.31-13+deb11u9_source.buildinfo Checksums-Sha256: d434d56ceee9b81ca36558abdf21fe95ce96dd0be5f296c4d1394a53aac3bdce 8347 glibc_2.31-13+deb11u9.dsc c57f8a2e9bfbedeb110cfe35f9aa387337464ab1233de37f520a802f828a2b97 961928 glibc_2.31-13+deb11u9.debian.tar.xz cd4f7494c0cb52b6f0d8b001cffb111b21f8d33515f43321103b41224e6b2dba 9270 glibc_2.31-13+deb11u9_source.buildinfo Files: 1380cc777ac43126bbdd4897ee61b795 8347 libs required glibc_2.31-13+deb11u9.dsc 1d4c2a4a8ac6df5fa8aa09d321aed75b 961928 libs required glibc_2.31-13+deb11u9.debian.tar.xz b5e0bcd9c0e7954c897758490d5647ad 9270 libs required glibc_2.31-13+deb11u9_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmYi2KcACgkQE4jA+Jno M2tKbBAAiAu+/4xAq5ZQxjpEcxESNsgZomD1Wz0z17IuvkQD1+bUYAkFu/Bkxz+k hSA7COEzXSO8xEp2fmkRPrL711MR2USsDde0muZFHHYpcBQXgGJdRwSDnFJ9HE/l nGgaBHJSQyi/li8lGuGLjiRECCzLZF6pw0mAggEkULwnjN0FG7kMW39EBcZAABpX WmZacAJOozUDTYNEowx4V+lwDujMUKr6nxrtL1xUUsMnY7wcU7Kd/hOCXgcU37VO fjYQkDw5XBLCP/sDgxjAtsv5Ep4qLcsbm23SAycv00JUygyL4/OolQWSU8vSt8Bs Pdfdd1CaTSY+LdjrxtHXxFbKsNcjXI+2u2GNQ8m8jzvYEB4j2yX6dyE1zOugxOBo EOZNu13+/8Tn6XFm7gsQmo4CBju9je3CpgrWAa+XGUP3KKWe+XotmqlkEJwZDn3X XXZaGYNtb5HebmUgQhs+H56J/qpcv2Cb4CM4K7mF/e3YKzwAb53qHsisjYN+krMC QEfdEqUl9i1ip8f2z6ME8WB+92mfCg/i3YOk5NfdBS6BQWXeDAtkALyxxWRZgIsa 4vPDc0poYFTpUj6QrqbymlSnC/iKVUydrmjrok6XhxuJUrE+vcM7EK0lfChyVP17 rm8hcN2/xVHOebJFPTC9+jWr4VQHoBFND2unKHib2xH+2lkJVFg= =tfsn -END PGP SIGNATURE-
Bug#1069191: marked as done (glibc: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence)
Your message dated Tue, 23 Apr 2024 16:47:08 + with message-id and subject line Bug#1069191: fixed in glibc 2.36-9+deb12u6 has caused the Debian Bug report #1069191, regarding glibc: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1069191: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069191 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: glibc Version: 2.37-17 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 2.37-15 Control: found -1 2.36-9+deb12u5 Control: found -1 2.36-9+deb12u4 Control: found -1 2.36-9 Control: found -1 2.31-13+deb11u8 Control: found -1 2.31-13 Hi, The following vulnerability was published for glibc. CVE-2024-2961[0]: | The iconv() function in the GNU C Library versions 2.39 and older | may overflow the output buffer passed to it by up to 4 bytes when | converting strings to the ISO-2022-CN-EXT character set, which may | be used to crash an application or overwrite a neighbouring | variable. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-2961 https://www.cve.org/CVERecord?id=CVE-2024-2961 [1] https://www.openwall.com/lists/oss-security/2024/04/17/9 Regards, Salvatore --- End Message --- --- Begin Message --- Source: glibc Source-Version: 2.36-9+deb12u6 Done: Aurelien Jarno We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1069...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 Apr 2024 18:34:04 +0200 Source: glibc Architecture: source Version: 2.36-9+deb12u6 Distribution: bookworm-security Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 1069191 Changes: glibc (2.36-9+deb12u6) bookworm-security; urgency=medium . * debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: Fix out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT module (CVE-2024-2961). Closes: #1069191. Checksums-Sha1: 89201c9a3dc4b12a21085158cc671e65ef2cd2d2 9761 glibc_2.36-9+deb12u6.dsc ce2b34137062a0ddba922d5b34a80770737bb59c 858672 glibc_2.36-9+deb12u6.debian.tar.xz a44d3239eba25b6c7f4ce2756457d71ae0b857ac 9744 glibc_2.36-9+deb12u6_source.buildinfo Checksums-Sha256: fbd6a3b34c8019bc677c1aa3c55a7cdd2fac0f5226151d408cbf107e89002c10 9761 glibc_2.36-9+deb12u6.dsc dab8173d6a6393b50ed0737bd32ff993a3fa7bf4a837573eab8c67f1391ecb12 858672 glibc_2.36-9+deb12u6.debian.tar.xz 7ee850a9b13f43b44460b82fd59ca548b22123dd500bf942c3af4acbbb957bf6 9744 glibc_2.36-9+deb12u6_source.buildinfo Files: d98990edb6c22014e5b8c48aa43152c9 9761 libs required glibc_2.36-9+deb12u6.dsc 65d05b6e083f7e0d364a30fa0349efd9 858672 libs required glibc_2.36-9+deb12u6.debian.tar.xz 1cdb197b7714c8fd5c6e9ca7d19aa569 9744 libs required glibc_2.36-9+deb12u6_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmYirqMACgkQE4jA+Jno M2sPNQ/+LTclWWW5JsLlpFpI1n0eCno6yzVxuU7nW31IffIRQ/eNYPqKa2iM+Wi+ q41DfI/0KV8yLdVkGiTofVK4RnFAAwN7FIzX0NBazCNlhr3cgBOR33YS8ep0bOfN EjXAS0PYsUwCB1Rf5ozKja6j0Lt8oWoodhRYayL29/WA8yf7oJru/Xaho0bVj68B lP29vRFEtNeBcG+s9iR617jlnUrbyY+1qCP5CwtRH6cBTKM6RozK8hCcNiw/BSwx S9wK+62oMNOpUJaOJLfuIygJH0nwaHzKQU+MQkQhI97ROeJJkGOhzBjAZK44CjkZ HYsizViEUO2Qjq5stTuExD6uYeLK9lcmlhwRgQVqqyQTRKoUOssQDeiNY/SyYscH 3f/HbUJ4QYQ5mlnpYrP3i7EQ2qHbzHEy6qgnmhhnoiPBr7vFQ7/CijIzt7RF78E8 B3XWTiWFuy5SCouXtEoJHhWrE2XNU/w5Ucpe+e2R23mnu5362ECGGvT+WHU2maaD TBdCwNYqw1oA5iy5XwF/FdlRqSEQk88vohl73EFPHl9HTyYiKcxlocQgRFRumv7x NFPHMxk27kGm7kXJb0FtBT7XOX+XUOjbCYRiNqWMlT/mH8bFg/Ey5KXI9TKXUjHB +fQKMYdXSn9O1waG9XFkDmz5TmrbP2+4vv9iahgXoanYnezUKCY= =p/cK -END PGP SIGNATURE- pgpJxbA8Mzw_d.pgp
glibc_2.31-13+deb11u9_source.changes ACCEPTED into oldstable-proposed-updates
Thank you for your contribution to Debian. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 Apr 2024 22:40:26 +0200 Source: glibc Architecture: source Version: 2.31-13+deb11u9 Distribution: bullseye-security Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 1069191 Changes: glibc (2.31-13+deb11u9) bullseye-security; urgency=medium . * debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.patch: Fix out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT module (CVE-2024-2961). Closes: #1069191. Checksums-Sha1: d555a20390c7fba05a2cd1f5419bf973c1e9a969 8347 glibc_2.31-13+deb11u9.dsc 60fc288d2351b8b8c2b6ad23aa1f8f65c795249c 961928 glibc_2.31-13+deb11u9.debian.tar.xz 42ef9addd34cfe89709a746373618fcea2ea8d11 9270 glibc_2.31-13+deb11u9_source.buildinfo Checksums-Sha256: d434d56ceee9b81ca36558abdf21fe95ce96dd0be5f296c4d1394a53aac3bdce 8347 glibc_2.31-13+deb11u9.dsc c57f8a2e9bfbedeb110cfe35f9aa387337464ab1233de37f520a802f828a2b97 961928 glibc_2.31-13+deb11u9.debian.tar.xz cd4f7494c0cb52b6f0d8b001cffb111b21f8d33515f43321103b41224e6b2dba 9270 glibc_2.31-13+deb11u9_source.buildinfo Files: 1380cc777ac43126bbdd4897ee61b795 8347 libs required glibc_2.31-13+deb11u9.dsc 1d4c2a4a8ac6df5fa8aa09d321aed75b 961928 libs required glibc_2.31-13+deb11u9.debian.tar.xz b5e0bcd9c0e7954c897758490d5647ad 9270 libs required glibc_2.31-13+deb11u9_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmYi2KcACgkQE4jA+Jno M2tKbBAAiAu+/4xAq5ZQxjpEcxESNsgZomD1Wz0z17IuvkQD1+bUYAkFu/Bkxz+k hSA7COEzXSO8xEp2fmkRPrL711MR2USsDde0muZFHHYpcBQXgGJdRwSDnFJ9HE/l nGgaBHJSQyi/li8lGuGLjiRECCzLZF6pw0mAggEkULwnjN0FG7kMW39EBcZAABpX WmZacAJOozUDTYNEowx4V+lwDujMUKr6nxrtL1xUUsMnY7wcU7Kd/hOCXgcU37VO fjYQkDw5XBLCP/sDgxjAtsv5Ep4qLcsbm23SAycv00JUygyL4/OolQWSU8vSt8Bs Pdfdd1CaTSY+LdjrxtHXxFbKsNcjXI+2u2GNQ8m8jzvYEB4j2yX6dyE1zOugxOBo EOZNu13+/8Tn6XFm7gsQmo4CBju9je3CpgrWAa+XGUP3KKWe+XotmqlkEJwZDn3X XXZaGYNtb5HebmUgQhs+H56J/qpcv2Cb4CM4K7mF/e3YKzwAb53qHsisjYN+krMC QEfdEqUl9i1ip8f2z6ME8WB+92mfCg/i3YOk5NfdBS6BQWXeDAtkALyxxWRZgIsa 4vPDc0poYFTpUj6QrqbymlSnC/iKVUydrmjrok6XhxuJUrE+vcM7EK0lfChyVP17 rm8hcN2/xVHOebJFPTC9+jWr4VQHoBFND2unKHib2xH+2lkJVFg= =tfsn -END PGP SIGNATURE- pgpJoUXEEWej8.pgp Description: PGP signature
glibc_2.36-9+deb12u6_source.changes ACCEPTED into proposed-updates
Thank you for your contribution to Debian. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 Apr 2024 18:34:04 +0200 Source: glibc Architecture: source Version: 2.36-9+deb12u6 Distribution: bookworm-security Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 1069191 Changes: glibc (2.36-9+deb12u6) bookworm-security; urgency=medium . * debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: Fix out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT module (CVE-2024-2961). Closes: #1069191. Checksums-Sha1: 89201c9a3dc4b12a21085158cc671e65ef2cd2d2 9761 glibc_2.36-9+deb12u6.dsc ce2b34137062a0ddba922d5b34a80770737bb59c 858672 glibc_2.36-9+deb12u6.debian.tar.xz a44d3239eba25b6c7f4ce2756457d71ae0b857ac 9744 glibc_2.36-9+deb12u6_source.buildinfo Checksums-Sha256: fbd6a3b34c8019bc677c1aa3c55a7cdd2fac0f5226151d408cbf107e89002c10 9761 glibc_2.36-9+deb12u6.dsc dab8173d6a6393b50ed0737bd32ff993a3fa7bf4a837573eab8c67f1391ecb12 858672 glibc_2.36-9+deb12u6.debian.tar.xz 7ee850a9b13f43b44460b82fd59ca548b22123dd500bf942c3af4acbbb957bf6 9744 glibc_2.36-9+deb12u6_source.buildinfo Files: d98990edb6c22014e5b8c48aa43152c9 9761 libs required glibc_2.36-9+deb12u6.dsc 65d05b6e083f7e0d364a30fa0349efd9 858672 libs required glibc_2.36-9+deb12u6.debian.tar.xz 1cdb197b7714c8fd5c6e9ca7d19aa569 9744 libs required glibc_2.36-9+deb12u6_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmYirqMACgkQE4jA+Jno M2sPNQ/+LTclWWW5JsLlpFpI1n0eCno6yzVxuU7nW31IffIRQ/eNYPqKa2iM+Wi+ q41DfI/0KV8yLdVkGiTofVK4RnFAAwN7FIzX0NBazCNlhr3cgBOR33YS8ep0bOfN EjXAS0PYsUwCB1Rf5ozKja6j0Lt8oWoodhRYayL29/WA8yf7oJru/Xaho0bVj68B lP29vRFEtNeBcG+s9iR617jlnUrbyY+1qCP5CwtRH6cBTKM6RozK8hCcNiw/BSwx S9wK+62oMNOpUJaOJLfuIygJH0nwaHzKQU+MQkQhI97ROeJJkGOhzBjAZK44CjkZ HYsizViEUO2Qjq5stTuExD6uYeLK9lcmlhwRgQVqqyQTRKoUOssQDeiNY/SyYscH 3f/HbUJ4QYQ5mlnpYrP3i7EQ2qHbzHEy6qgnmhhnoiPBr7vFQ7/CijIzt7RF78E8 B3XWTiWFuy5SCouXtEoJHhWrE2XNU/w5Ucpe+e2R23mnu5362ECGGvT+WHU2maaD TBdCwNYqw1oA5iy5XwF/FdlRqSEQk88vohl73EFPHl9HTyYiKcxlocQgRFRumv7x NFPHMxk27kGm7kXJb0FtBT7XOX+XUOjbCYRiNqWMlT/mH8bFg/Ey5KXI9TKXUjHB +fQKMYdXSn9O1waG9XFkDmz5TmrbP2+4vv9iahgXoanYnezUKCY= =p/cK -END PGP SIGNATURE- pgpZFmcXdh5R9.pgp Description: PGP signature
[Git][glibc-team/tzdata][buster] 2 commits: Include definitions from systemv file
Emilio Pozuelo Monfort pushed to branch buster at GNU Libc Maintainers / tzdata Commits: 94bca818 by Emilio Pozuelo Monfort at 2024-04-23T15:49:48+02:00 Include definitions from systemv file - - - - - 71a14164 by Emilio Pozuelo Monfort at 2024-04-23T16:02:00+02:00 Update changelog - - - - - 2 changed files: - debian/changelog - debian/rules View it on GitLab: https://salsa.debian.org/glibc-team/tzdata/-/compare/f91541f3c1ea8e0fcef94c43308d686d8f467ce4...71a14164b50cf4e6363738f9d6bc1e0eba4ac683 -- View it on GitLab: https://salsa.debian.org/glibc-team/tzdata/-/compare/f91541f3c1ea8e0fcef94c43308d686d8f467ce4...71a14164b50cf4e6363738f9d6bc1e0eba4ac683 You're receiving this email because of your account on salsa.debian.org.
glibc_2.36-9+deb12u6_source.changes ACCEPTED into proposed-updates->stable-new
Thank you for your contribution to Debian. Mapping stable-security to proposed-updates. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 Apr 2024 18:34:04 +0200 Source: glibc Architecture: source Version: 2.36-9+deb12u6 Distribution: bookworm-security Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 1069191 Changes: glibc (2.36-9+deb12u6) bookworm-security; urgency=medium . * debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: Fix out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT module (CVE-2024-2961). Closes: #1069191. Checksums-Sha1: 89201c9a3dc4b12a21085158cc671e65ef2cd2d2 9761 glibc_2.36-9+deb12u6.dsc ce2b34137062a0ddba922d5b34a80770737bb59c 858672 glibc_2.36-9+deb12u6.debian.tar.xz a44d3239eba25b6c7f4ce2756457d71ae0b857ac 9744 glibc_2.36-9+deb12u6_source.buildinfo Checksums-Sha256: fbd6a3b34c8019bc677c1aa3c55a7cdd2fac0f5226151d408cbf107e89002c10 9761 glibc_2.36-9+deb12u6.dsc dab8173d6a6393b50ed0737bd32ff993a3fa7bf4a837573eab8c67f1391ecb12 858672 glibc_2.36-9+deb12u6.debian.tar.xz 7ee850a9b13f43b44460b82fd59ca548b22123dd500bf942c3af4acbbb957bf6 9744 glibc_2.36-9+deb12u6_source.buildinfo Files: d98990edb6c22014e5b8c48aa43152c9 9761 libs required glibc_2.36-9+deb12u6.dsc 65d05b6e083f7e0d364a30fa0349efd9 858672 libs required glibc_2.36-9+deb12u6.debian.tar.xz 1cdb197b7714c8fd5c6e9ca7d19aa569 9744 libs required glibc_2.36-9+deb12u6_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmYirqMACgkQE4jA+Jno M2sPNQ/+LTclWWW5JsLlpFpI1n0eCno6yzVxuU7nW31IffIRQ/eNYPqKa2iM+Wi+ q41DfI/0KV8yLdVkGiTofVK4RnFAAwN7FIzX0NBazCNlhr3cgBOR33YS8ep0bOfN EjXAS0PYsUwCB1Rf5ozKja6j0Lt8oWoodhRYayL29/WA8yf7oJru/Xaho0bVj68B lP29vRFEtNeBcG+s9iR617jlnUrbyY+1qCP5CwtRH6cBTKM6RozK8hCcNiw/BSwx S9wK+62oMNOpUJaOJLfuIygJH0nwaHzKQU+MQkQhI97ROeJJkGOhzBjAZK44CjkZ HYsizViEUO2Qjq5stTuExD6uYeLK9lcmlhwRgQVqqyQTRKoUOssQDeiNY/SyYscH 3f/HbUJ4QYQ5mlnpYrP3i7EQ2qHbzHEy6qgnmhhnoiPBr7vFQ7/CijIzt7RF78E8 B3XWTiWFuy5SCouXtEoJHhWrE2XNU/w5Ucpe+e2R23mnu5362ECGGvT+WHU2maaD TBdCwNYqw1oA5iy5XwF/FdlRqSEQk88vohl73EFPHl9HTyYiKcxlocQgRFRumv7x NFPHMxk27kGm7kXJb0FtBT7XOX+XUOjbCYRiNqWMlT/mH8bFg/Ey5KXI9TKXUjHB +fQKMYdXSn9O1waG9XFkDmz5TmrbP2+4vv9iahgXoanYnezUKCY= =p/cK -END PGP SIGNATURE- pgpbvExW58l1X.pgp Description: PGP signature
glibc_2.31-13+deb11u9_source.changes ACCEPTED into oldstable-proposed-updates->oldstable-new
Thank you for your contribution to Debian. Mapping oldstable-security to oldstable-proposed-updates. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 19 Apr 2024 22:40:26 +0200 Source: glibc Architecture: source Version: 2.31-13+deb11u9 Distribution: bullseye-security Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 1069191 Changes: glibc (2.31-13+deb11u9) bullseye-security; urgency=medium . * debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.patch: Fix out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT module (CVE-2024-2961). Closes: #1069191. Checksums-Sha1: d555a20390c7fba05a2cd1f5419bf973c1e9a969 8347 glibc_2.31-13+deb11u9.dsc 60fc288d2351b8b8c2b6ad23aa1f8f65c795249c 961928 glibc_2.31-13+deb11u9.debian.tar.xz 42ef9addd34cfe89709a746373618fcea2ea8d11 9270 glibc_2.31-13+deb11u9_source.buildinfo Checksums-Sha256: d434d56ceee9b81ca36558abdf21fe95ce96dd0be5f296c4d1394a53aac3bdce 8347 glibc_2.31-13+deb11u9.dsc c57f8a2e9bfbedeb110cfe35f9aa387337464ab1233de37f520a802f828a2b97 961928 glibc_2.31-13+deb11u9.debian.tar.xz cd4f7494c0cb52b6f0d8b001cffb111b21f8d33515f43321103b41224e6b2dba 9270 glibc_2.31-13+deb11u9_source.buildinfo Files: 1380cc777ac43126bbdd4897ee61b795 8347 libs required glibc_2.31-13+deb11u9.dsc 1d4c2a4a8ac6df5fa8aa09d321aed75b 961928 libs required glibc_2.31-13+deb11u9.debian.tar.xz b5e0bcd9c0e7954c897758490d5647ad 9270 libs required glibc_2.31-13+deb11u9_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmYi2KcACgkQE4jA+Jno M2tKbBAAiAu+/4xAq5ZQxjpEcxESNsgZomD1Wz0z17IuvkQD1+bUYAkFu/Bkxz+k hSA7COEzXSO8xEp2fmkRPrL711MR2USsDde0muZFHHYpcBQXgGJdRwSDnFJ9HE/l nGgaBHJSQyi/li8lGuGLjiRECCzLZF6pw0mAggEkULwnjN0FG7kMW39EBcZAABpX WmZacAJOozUDTYNEowx4V+lwDujMUKr6nxrtL1xUUsMnY7wcU7Kd/hOCXgcU37VO fjYQkDw5XBLCP/sDgxjAtsv5Ep4qLcsbm23SAycv00JUygyL4/OolQWSU8vSt8Bs Pdfdd1CaTSY+LdjrxtHXxFbKsNcjXI+2u2GNQ8m8jzvYEB4j2yX6dyE1zOugxOBo EOZNu13+/8Tn6XFm7gsQmo4CBju9je3CpgrWAa+XGUP3KKWe+XotmqlkEJwZDn3X XXZaGYNtb5HebmUgQhs+H56J/qpcv2Cb4CM4K7mF/e3YKzwAb53qHsisjYN+krMC QEfdEqUl9i1ip8f2z6ME8WB+92mfCg/i3YOk5NfdBS6BQWXeDAtkALyxxWRZgIsa 4vPDc0poYFTpUj6QrqbymlSnC/iKVUydrmjrok6XhxuJUrE+vcM7EK0lfChyVP17 rm8hcN2/xVHOebJFPTC9+jWr4VQHoBFND2unKHib2xH+2lkJVFg= =tfsn -END PGP SIGNATURE- pgp3d6cj0gqvc.pgp Description: PGP signature