Accepted glib2.0 2.58.3-2+deb10u5 (source) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 25 Sep 2023 11:21:56 -0300
Source: glib2.0
Architecture: source
Version: 2.58.3-2+deb10u5
Distribution: buster-security
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Santiago Ruano Rincón <santiago@freexian.com>
Changes:
glib2.0 (2.58.3-2+deb10u5) buster-security; urgency=medium
.
* Non-maintainer upload by the LTS Team
* Add debian/salsa-ci.yml using lts-team/pipeline for buster
* Fix several GVariant-related issues:
* CVE-2023-29499: GVariant deserialization fails to validate that the input
conforms to the expected format, leading to denial of service.
* CVE-2023-32611: GVariant deserialization is vulnerable to a slowdown issue
where a crafted GVariant can cause excessive processing, leading to denial
of service.
* CVE-2023-32665: GVariant deserialization is vulnerable to an exponential
blowup issue where a crafted GVariant can cause excessive processing,
leading to denial of service.
Checksums-Sha1:
6a27026dbcde82d4d7b69942c2179f38fec807e7 2729 glib2.0_2.58.3-2+deb10u5.dsc
bf36847f994bf7961ab0a3bb7afb8e63bce241aa 130900 glib2.0_2.58.3-2+deb10u5.debian.tar.xz
2fbcf91bdaa7bc5016899a20c8e6d0e818eec1af 11644 glib2.0_2.58.3-2+deb10u5_amd64.buildinfo
Checksums-Sha256:
59c25e933d20f4f711c4b6685fbfeb46f1df344aa0e09c862b77fcaef94c57d3 2729 glib2.0_2.58.3-2+deb10u5.dsc
5c9d1dc438c0a8923eaf65391e04906230d06a71426dc1aa6df785b12a4d21d4 130900 glib2.0_2.58.3-2+deb10u5.debian.tar.xz
68430aff8cdab2ebfa8542b40052e1a489ff7265f7efb4ff3de38453853ed224 11644 glib2.0_2.58.3-2+deb10u5_amd64.buildinfo
Files:
c9c7fe5ccab432f00a2e92c73620ea68 2729 libs optional glib2.0_2.58.3-2+deb10u5.dsc
e8ad6cbb292b5a3662ff4d03046c968c 130900 libs optional glib2.0_2.58.3-2+deb10u5.debian.tar.xz
afe5fce0ffc60782ec80b90f68a4ee32 11644 libs optional glib2.0_2.58.3-2+deb10u5_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQRZVjztY8b+Ty43oH1itBCJKh26HQUCZRGupwAKCRBitBCJKh26
HdkjAQCvvvAgdAdu02xHS/5y7XNyC4eXLi7fQhvSFZdHTf1/vQD9Hd+2Uf6olSdf
+1lW68gfW5Lz9SDwRRJpLz1HjpMlVQM=
=CgRb
-----END PGP SIGNATURE-----
Reply to: