Accepted efibootguard 0.13-2+deb12u1 (source) into proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 10 Aug 2023 14:51:14 +0200
Source: efibootguard
Architecture: source
Version: 0.13-2+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Quirin Gylstorff <quirin.gylstorff@siemens.com>
Changed-By: Gylstorff Quirin <quirin.gylstorff@siemens.com>
Closes: 1049436
Changes:
efibootguard (0.13-2+deb12u1) bookworm; urgency=medium
.
* d/patches: Backport fix to address CVE-2023-39950
Backport of security fix for CVE-2023-39950, Insufficient
or missing validation and sanitization of input from untrustworthy
bootloader environment files can cause crashes and probably also
code injections into `bg_setenv`) or programs using `libebgenv`.
(Closes: #1049436)
Checksums-Sha1:
2609bdf263abcfc0fd4f2e66247d1040474f161e 1971 efibootguard_0.13-2+deb12u1.dsc
958de856fc30a1b843aa24b864975f0d6bd77cb0 6932 efibootguard_0.13-2+deb12u1.debian.tar.xz
8aa793e9cd3287dfd2ca08068a064d24c2a3abc1 6331 efibootguard_0.13-2+deb12u1_source.buildinfo
Checksums-Sha256:
eed220e8bf9db36cda125becbcff622a7f70fcdde84aaa27ef3cbdac5afe2f39 1971 efibootguard_0.13-2+deb12u1.dsc
a757033f91cf26adce893d264bcc018b8c135f0a7ab679ad4debff6da757a308 6932 efibootguard_0.13-2+deb12u1.debian.tar.xz
3a4fc5ecf8540ad9ea351e8ec86a36e8ef59e25b75738791327037d71902e7fc 6331 efibootguard_0.13-2+deb12u1_source.buildinfo
Files:
e4e213fc16b5fd5f27a66f10adb80bb6 1971 admin optional efibootguard_0.13-2+deb12u1.dsc
787d43d9e97888ca20ab1387333c1fcb 6932 admin optional efibootguard_0.13-2+deb12u1.debian.tar.xz
3e62d359267b57aa62b52559f6bfc0c7 6331 admin optional efibootguard_0.13-2+deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmTiJAkQHGJhZ2VAZGVi
aWFuLm9yZwAKCRAfXHqLRVZDFAcGDADw8ApqZwkc0AgUxIieZZU7dqp69W54zkGp
VGsMX95PcrZ09PU7RN1qdM4bgw9iWTID09PGmukLTdYHUZ+xfXF1+sI0yiJHqzTI
FxsEerEU0+PxiYf3vvD9YZM9vPMkhhSUuf1nNvIkHenPneUilSoxqQLKYZIJg7kF
LTAtJiLuITBpTWW4QwuYesIrPCPVgBfA4nPRop2e2UJcg8VoTkGDTtkkdAn3ePGW
2SRAsyECgWoOlN8xmjCaLX3kSAcI794MSgHIP+MnB05auDSn1M9j1aXVA82lXwXf
kYpV8yZ4eTJlHzO/fhTFInuH0XfER1CVdhWxFv0uAPgiiw0/WYWm55AZgF53JZz7
UlksNvTLoBGrI5kFuEqL82NwZpPxfIUtF0ItrD1GZ1I1YxTDX5QfjuPudHgnTJqC
zykBKUyeW2qkIQ+SAYFVURvuVe7c7Oi1Uu7VVf6y9Hd7dVBoVdDR4QWhuocWeYfQ
MvdatSz7GqvFSnajKvwOVpYKn3jXERU=
=OPSL
-----END PGP SIGNATURE-----
Reply to: