Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted pkgconf 1.8.1-1 (source) into unstable
Date: Sun, 22 Jan 2023 11:34:12 +0000
Signed by: Andrew Shadura <andrewsh@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 22 Jan 2023 12:06:42 +0100
Source: pkgconf
Architecture: source
Version: 1.8.1-1
Distribution: unstable
Urgency: high
Maintainer: Andrej Shadura <andrewsh@debian.org>
Changed-By: Andrej Shadura <andrewsh@debian.org>
Closes: 1026781
Changes:
 pkgconf (1.8.1-1) unstable; urgency=high
 .
   * New upstream release.
     - Fix a buffer overflow vulnerability involving very large variable
       expansions (CVE-2023-24056).
   * Apply an upstream patch to validate the dependency graph when --exists
     is specified (Closes: #1026781).
   * Regenerate the documentation for libpkgconf.
Checksums-Sha1:
 809f6128d03a0031188218fa5e7f85fd639d9b8f 1570 pkgconf_1.8.1-1.dsc
 5d338fad0c8e2374687f42cadfdd8ebf8ab5dffc 302372 pkgconf_1.8.1.orig.tar.xz
 ae974d9ec03d2b1196d2109b2a0f3789daa5786a 15060 pkgconf_1.8.1-1.debian.tar.xz
Checksums-Sha256:
 cf1f645d7a9522354a334130a55d16be7d62e304070d6675f826844b143dc47e 1570 pkgconf_1.8.1-1.dsc
 644361ada2942be05655d4452eb018791647c31bba429b287f1f68deb2dc6840 302372 pkgconf_1.8.1.orig.tar.xz
 bd9330105d17bf4b9a9d2aaba4a150b35da21b7ba4b45d4bf7e034fa6e53ba2f 15060 pkgconf_1.8.1-1.debian.tar.xz
Files:
 ca45b4872bb91a35338077f73d4eebc3 1570 devel optional pkgconf_1.8.1-1.dsc
 51fad3383640dfc47a92731581dd2917 302372 devel optional pkgconf_1.8.1.orig.tar.xz
 3ad430d6d7089cb78665f45007e49ca5 15060 devel optional pkgconf_1.8.1-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCY80ahQAKCRDoRGtKyMdy
YbnoAP9Eq/7+b7TQizAf3cYEoriw0+qESOsqjnUf0FA/qPYW1AEAqcFFCpDYdkIg
QOxFVeVu8k/KdwEGt+rOsaJ2hSjdpQs=
=YWK+
-----END PGP SIGNATURE-----

News for package pkgconf