-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 06 May 2024 21:28:59 +0100 Source: glib2.0 Binary: libglib2.0-0 libglib2.0-0-dbgsym libglib2.0-bin libglib2.0-bin-dbgsym libglib2.0-dev libglib2.0-dev-bin libglib2.0-dev-bin-dbgsym libglib2.0-tests libglib2.0-tests-dbgsym libglib2.0-udeb Architecture: armel Version: 2.74.6-2+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-conova-03) Changed-By: Simon McVittie Description: libglib2.0-0 - GLib library of C routines libglib2.0-bin - Programs for the GLib library libglib2.0-dev - Development files for the GLib library libglib2.0-dev-bin - Development utilities for the GLib library libglib2.0-tests - GLib library of C routines - installed tests libglib2.0-udeb - GLib library of C routines - minimal runtime (udeb) Changes: glib2.0 (2.74.6-2+deb12u1) bookworm-security; urgency=high . * d/patches: Backport GDBus fixes from 2.80.1 - If local users send signals on the D-Bus system bus that spoof a trusted sender, do not deliver them to signal subscriptions for the trusted sender's well-known bus name (CVE-2024-34397) - Fix a use-after-free when subscribing to signals with an arg0 match rule, originally from 2.79.0 and necessary to make the test for CVE-2024-34397 pass reliably - Add a local backport of g_set_str(), required by the above - Add proposed fix for a race condition that can cause a unit test to regress after the above * d/gbp.conf, d/control.in: Use debian/bookworm branch for Debian 12 Checksums-Sha1: 48525d035e54b9ddc6692a4eb9ff7cd50b812979 11205 glib2.0_2.74.6-2+deb12u1_armel-buildd.buildinfo 8b6a48cd68d9de92dc3de79d019e9ec0fd94e9eb 3861672 libglib2.0-0-dbgsym_2.74.6-2+deb12u1_armel.deb 5cf5f23a3ee2dbc65e5a6038dadd6da0f204f45b 1211136 libglib2.0-0_2.74.6-2+deb12u1_armel.deb 2c25536f46dff9b783deb16631751640d139ff3f 142464 libglib2.0-bin-dbgsym_2.74.6-2+deb12u1_armel.deb 34d04565c4e5a4516e632e3050332edbf4335273 101920 libglib2.0-bin_2.74.6-2+deb12u1_armel.deb e7311c7c249692ffb313a0496605d43c4d974943 71460 libglib2.0-dev-bin-dbgsym_2.74.6-2+deb12u1_armel.deb 66fc9428bcfe9dd09794a5e4033f54602f38a795 148216 libglib2.0-dev-bin_2.74.6-2+deb12u1_armel.deb 41011f046dc4e0eee8dae86bd77e24c6462183ec 1473452 libglib2.0-dev_2.74.6-2+deb12u1_armel.deb 2bb7df621e951ae883e9f6b3648e3de8d70c37b1 4300552 libglib2.0-tests-dbgsym_2.74.6-2+deb12u1_armel.deb b99166acf82cc5fda78b7b51d1c1873e32f6a466 1762052 libglib2.0-tests_2.74.6-2+deb12u1_armel.deb 01f3e014a73f8026c0d8ca25dd9b4706dbce0bd7 2083056 libglib2.0-udeb_2.74.6-2+deb12u1_armel.udeb Checksums-Sha256: 2aa0e4261127ea05d222a783d729a98d6af0dbd9b1c80efd1c7efaac69a26482 11205 glib2.0_2.74.6-2+deb12u1_armel-buildd.buildinfo 24a6140238c827b9f3e59ebed2ed4667a32382a7ab26a7ec538c4da70c787c84 3861672 libglib2.0-0-dbgsym_2.74.6-2+deb12u1_armel.deb 60fc27ed65e22c757d457984dc546eb1b6040c99d74f75799ee7240c30f64b80 1211136 libglib2.0-0_2.74.6-2+deb12u1_armel.deb 392f053f50ae75ee01cc41a48d88a8fd143a0c3bcb8c255dedc8585ccdfb5f73 142464 libglib2.0-bin-dbgsym_2.74.6-2+deb12u1_armel.deb a12063e2ae343e1d0fe41655eb2c8cf05410331153ccbac746062a28cb10a4a6 101920 libglib2.0-bin_2.74.6-2+deb12u1_armel.deb 74b2fdb1403fbd411b7097200b515a12f061eaa9a5fa43a955a0c6a343f0c74c 71460 libglib2.0-dev-bin-dbgsym_2.74.6-2+deb12u1_armel.deb 74a04108a4f8e28767be45fbdb57eb4dc6fc3905bb282571ee28b3866384d81b 148216 libglib2.0-dev-bin_2.74.6-2+deb12u1_armel.deb 1fd86f1d022209509a85215de1bebcee5f74c2372a740bed179b3389e766a68f 1473452 libglib2.0-dev_2.74.6-2+deb12u1_armel.deb 53f9398fb4d5e48e3ac270107af63fc6dd3ccdd35372d02511ec29faf6de6920 4300552 libglib2.0-tests-dbgsym_2.74.6-2+deb12u1_armel.deb 5140c78e79dbcfd3b6991f3aec4729451f976df1b86a26f2bc4db9b3843df3a2 1762052 libglib2.0-tests_2.74.6-2+deb12u1_armel.deb 343d8a53a7ab6a117ea83ed2a234ec61bb4ef716b2543778502304323f517fee 2083056 libglib2.0-udeb_2.74.6-2+deb12u1_armel.udeb Files: 2a48aa00af1173d89396dea17bf8eb37 11205 libs optional glib2.0_2.74.6-2+deb12u1_armel-buildd.buildinfo c99eebe378d6aef1133d7d12c8805bc4 3861672 debug optional libglib2.0-0-dbgsym_2.74.6-2+deb12u1_armel.deb e01ee2cb187a49d5f13b7ba4507fe8f3 1211136 libs optional libglib2.0-0_2.74.6-2+deb12u1_armel.deb 1e2bef1cbdff83d456ec775a56c8b38f 142464 debug optional libglib2.0-bin-dbgsym_2.74.6-2+deb12u1_armel.deb 837eb8a2142c6bbfe135b161efb2aeb7 101920 misc optional libglib2.0-bin_2.74.6-2+deb12u1_armel.deb fca2a99aa10893c423db4f9bd2d969b2 71460 debug optional libglib2.0-dev-bin-dbgsym_2.74.6-2+deb12u1_armel.deb bb117232c5128b6affe51688207aae03 148216 libdevel optional libglib2.0-dev-bin_2.74.6-2+deb12u1_armel.deb 513dbf723e8e6ff8ebe779db14ba3f72 1473452 libdevel optional libglib2.0-dev_2.74.6-2+deb12u1_armel.deb 5119b17ff7376144c45ca56977f37568 4300552 debug optional libglib2.0-tests-dbgsym_2.74.6-2+deb12u1_armel.deb 079c843f2f95fbfce433f7397ab90364 1762052 libs optional libglib2.0-tests_2.74.6-2+deb12u1_armel.deb 02ba2cb88f6daa0c43162de037c777ea 2083056 debian-installer optional libglib2.0-udeb_2.74.6-2+deb12u1_armel.udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEU81tY/BC8e+eAeWhLffeOnPnbLUFAmY6OwkACgkQLffeOnPn bLWVsxAAjDFxdjL1KNrrblX/OGJWcTUVkFU+WUtF30IDbrXaSZ88pJnAmJAlEaFs Eh8lt/x4OLnnNFpNjcmQrBYeiT2An2YoWSSmNm4aaTEPCoX0h4JxnRljFNJI4P0f B2jWQ2yBT3o1+Ez2z1H1Fr5gWkMglEsj196qC7CI+A4gLuroV0RyzubcSAE5wAMO blucugy0o+T/jq2XX9Se7YM9eqrGqDG0WgbcxYVY8cWq/MAB1N9DO+dM1o4zthir Ps1l44Lx+ZQt4tvmmFWoJM1XHnH7F6OiHA2j0j/L9hnUY5arkhYv4XbBS/74D7av QLm0i7znN220GHf/dpco+LJZC4FgWiPi4R2awgocwRkY5xTT/a89y82pOvn/lJ/h YN57NJcGA94ohvr3OlMnZ6HiRjawKZEvticiB5ZM8SSwQV54x61Ea/P9lpGVSf2m OYEwNCIYkG/a99yKkzxGbIzDMahZ8tkHAAlkMR/y3551PkWVGMtT4z6EMbVuk1WA m4Jbvl+CkKhY5E9FAKVjt4z52Tn1+AsivwU9E1l4E8UDVpENDoVSbIsgwyqCg/TO a3RRrhOZMR6G9R29B6NeEacGid4hHLvLi+QSRD+YaY3VJhuflfFqyVs39WsYm2cs Fx/dTjc7wQ7dH6oNXqKQI19bddwnrVJxWn48x3odd4z5+5R7wWM= =qszX -----END PGP SIGNATURE-----