Accepted glib2.0 2.50.3-2+deb9u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 13 Aug 2019 10:46:20 +0100
Source: glib2.0
Binary: libglib2.0-0 libglib2.0-tests libglib2.0-udeb libglib2.0-bin libglib2.0-dev libglib2.0-0-dbg libglib2.0-data libglib2.0-doc libgio-fam
Architecture: source
Version: 2.50.3-2+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Description:
libgio-fam - GLib Input, Output and Streaming Library (fam module)
libglib2.0-0 - GLib library of C routines
libglib2.0-0-dbg - Debugging symbols for the GLib libraries
libglib2.0-bin - Programs for the GLib library
libglib2.0-data - Common files for GLib library
libglib2.0-dev - Development files for the GLib library
libglib2.0-doc - Documentation files for the GLib library
libglib2.0-tests - GLib library of C routines - installed tests
libglib2.0-udeb - GLib library of C routines - minimal runtime (udeb)
Closes: 929753 931234
Changes:
glib2.0 (2.50.3-2+deb9u1) stretch; urgency=medium
.
* Team upload
* d/gbp.conf: Add GNOME team configuration
* d/p/gfile-Limit-access-to-files-when-copying.patch:
When copying files, give the temporary partial copy of the file
suitably restrictive permissions (Closes: #929753; CVE-2019-12450)
* d/p/keyfile-settings-Use-tighter-permissions.patch:
Create directory and file with restrictive permissions when using the
GKeyfileSettingsBackend. Mitigation: in this version of GLib, the
GKeyfileSettingsBackend can only be used explicitly by code, and is
never selected automatically. (Closes: #931234; CVE-2019-13012)
* d/p/gmarkup-Fix-unvalidated-UTF-8-read-in-markup-parsing-erro.patch,
d/p/gmarkup-Avoid-reading-off-the-end-of-a-buffer-when-non-nu.patch:
Avoid buffer read overrun when formatting error messages for invalid
UTF-8 in GMarkup (CVE-2018-16429)
* d/p/gmarkup-Fix-crash-in-error-handling-path-for-closing-elem.patch:
Avoid NULL dereference when parsing invalid GMarkup with a malformed
closing tag not paired with an opening tag (CVE-2018-16429)
Checksums-Sha1:
3e5b3232675ca069efc46ae9b77fb5b400018d0c 3451 glib2.0_2.50.3-2+deb9u1.dsc
38921822069c760ce1c33c3149bccba85b4dd617 74472 glib2.0_2.50.3-2+deb9u1.debian.tar.xz
bf82692a5f402b317d78c4caf09e7f1e75f4b225 8351 glib2.0_2.50.3-2+deb9u1_source.buildinfo
Checksums-Sha256:
1ec772f446253b189271f35106e39aa84a74a57796c9b1d09f3fe4b6f608c1bb 3451 glib2.0_2.50.3-2+deb9u1.dsc
305398721ed8c790b677e44850228fd04efd1b9da7181bb0eedd9822ad7ff5d7 74472 glib2.0_2.50.3-2+deb9u1.debian.tar.xz
839929c489ef87be82d541629a5db6ea1dac906b730ff8da2ffcb2c8247c05fe 8351 glib2.0_2.50.3-2+deb9u1_source.buildinfo
Files:
14c3dfb0b47583e8cd5eec5dd9deea7e 3451 libs optional glib2.0_2.50.3-2+deb9u1.dsc
de5bf0d8a60c964623e45a307f51f7be 74472 libs optional glib2.0_2.50.3-2+deb9u1.debian.tar.xz
370e1f749acbbb8173e9a4621532bd6c 8351 libs optional glib2.0_2.50.3-2+deb9u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAl1WW6oQHHNtY3ZAZGVi
aWFuLm9yZwAKCRDgWuFHj4FMT9nQD/4vxpymXdXam6vYEMJcJft7vXCgxI4aXsmJ
pj/HjvR1S8dNnQ/WzwO7tz2CKQOUifnE55VpL1qjO/iovD08g3B1k9smk/7qO07w
Mg5uDTfRnCtXJ+ImpxKO5I8RTDvbx8bn+Iv9n1Xgn1vfslmUQsmuHfS3/XpBtuUq
m0TicpsUVngd5EC3ENaH28Xi0zbsiFuxf09lK1VPoKh11PaqoR7X20CO9dV6bdxc
i+AaZrfGmX8/kkR50vB+U+IZwpu+yKcL+Vfq//Cma0s2swUQPircT4LnaDrsQMIc
/L0GP9gDPSWwaEeb6kePX1si7i4swaYAMDkRsvbiVMRV0gEAeucFO603C+f+K2+y
nKbZpK81yu1hwfHu2L+LyaELQpYDc6/mM+4szNzvkqggxTbzyYQhaiCBc4z72RxF
nsJy6BZptD47cblkMU7RGnT2hHfYuTYOSoBJegZBBkdTYY6Dd4l6YT485+dtSzd/
Ayybp6Ws7Dglc7bjca9K9656RWt4PXiVUuokIkUolNQr/f99b3e8jjjOL1cdK6d/
JL9MFGdlNwrWbZFbiSNWYletB/W6US155PghaEqMS8/DPwyN8YH2HPjRgCN5OkI4
fSpChiPwsY7eWRRqSEVVw2zEtk81nR9llDW/l0odmA1RRKiFvfh+LtBxRblGAR7H
Al5jui5W2g==
=K3YH
-----END PGP SIGNATURE-----
Reply to: