-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 26 Jan 2022 20:18:19 +0000
Source: glib2.0
Architecture: source
Version: 2.70.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Changes:
glib2.0 (2.70.3-1) unstable; urgency=medium
.
* New upstream release
- Do not allow empty structs (tuples) in D-Bus messages, resolving a
denial-of-service vulnerability for private GDBus servers that accept
messages from untrusted clients (glib#2557)
- Do not allow deep recursion in serialized GVariant binary data,
resolving a denial of service for anything that loads untrusted
GVariant binary data (glib#2572)
- Fix file descriptor handling when launching subprocesses
- Don't skip fsync when writing out files on btrfs.
This was based on a kernel behaviour that was guaranteed prior to
2014, but is no longer considered to be a guarantee.
- Translation updates
* Use debhelper 13 features instead of dh-exec
debhelper now has ${DEB_HOST_MULTIARCH} substitutions, so we don't need
to use dh-exec for those.
After that, the one remaining dh-exec feature in use was a conditional
installation for the FAM GIO module for Hurd. Open-code this in d/rules
instead.
* d/gbp.conf: Use upstream/2.70.x branch for packaging.
We have already had a 2.71.x release.
Checksums-Sha1:
4e673c35cdaf71dbe05946b0e22600608e6d2287 3513 glib2.0_2.70.3-1.dsc
55baae43f05bac63c753f96f69f8b304351d2fb3 4824700 glib2.0_2.70.3.orig.tar.xz
59dec23fd3a8ca04d993db2fe34d7dd20e325cd6 102692 glib2.0_2.70.3-1.debian.tar.xz
3e946bbdae869a7cf644f9016b45519fcad32921 7169 glib2.0_2.70.3-1_source.buildinfo
Checksums-Sha256:
bd4e3c7e8da832b4aa2be7784ccbc2d4bd02b2e91a80c0bbc35fe381f4839555 3513 glib2.0_2.70.3-1.dsc
233fa4841c1e19e396db7607d58f6b75ba3313c50bf0fce07b2e3532d5eb7d46 4824700 glib2.0_2.70.3.orig.tar.xz
458fce6620c8bd98742f24dc80a8b3a71f038b6154e6c93ec647487bc9799777 102692 glib2.0_2.70.3-1.debian.tar.xz
8f84377f054459c04adf135200dab1cd0dddbfc9d0ebba6dfdcfa1e97b8d5d27 7169 glib2.0_2.70.3-1_source.buildinfo
Files:
9cfc0b8d5b0d2165d606c69fdd325427 3513 libs optional glib2.0_2.70.3-1.dsc
a5fe2a56d1e154446ef91010e882f33b 4824700 libs optional glib2.0_2.70.3.orig.tar.xz
f78f588a02b4888f171c8ec75610f3c1 102692 libs optional glib2.0_2.70.3-1.debian.tar.xz
52aab846d41fca171a2ac58d061aa23e 7169 libs optional glib2.0_2.70.3-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmHx1t0ACgkQ4FrhR4+B
TE9Nog//cW1GcO7gFOgLUjK5dxLvHIEnrT/Jypq12SilcfTRarFFVbZ6qsbIcXQx
yTT4hBnoON7Z3JwIrIEhwM46H2XLidpxJ3aa+gfd9QQHY85FEm5e8jM9czPm2Z2A
U8s7CgHWUhO3deJ1fQLYr7rgupFrijPtFDRKnE0vUMWiKLdnerzR1yE8xI7PDFeT
Y6BodQf7rlWZA4c7iuaOKpla09EAehm/+ao1S5OdjeP1RM/es5aJY5vMdVBJv2vH
7WrIrhnwHlT2xtwWm2PVHFptB4NQx3JjiHhEtaraGigg17MBhoRvaitzuCfMLMoB
xJchOSIUeYeowk9U/GwLEGDv02q/EnZBf9j9zF/WZ04hUlVE+LjNPuljW6D3mIrv
47JwTHkktFl4erOuQyMOSND/IJT44fbnz3uNhV4juKxEJsO56+BP3xC75vP1oFi5
NJKh8uyRXzU4VDBPWja9AmFo4IP8vOWPKQ419EzNL/tUoAoJuCyzv1QzPxM89se/
A5qrSZU5tehK7oBUm/vs0DlAZtqnHusofZoe8WeN6ZeQP40kiPlyBxVmw61CAISR
n/65QBHzvmmTnhMdxwqPLfiTRsomk5II+2jA7ceM4B9OtiYnROPgqL4NYDO0IPb6
nbuVTD5xWoWBivXq2SYKtFq14DzUKh5AUwiQRUMDsp/rlaZDrwg=
=CecN
-----END PGP SIGNATURE-----
