-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 10 Aug 2023 14:51:14 +0200 Source: efibootguard Architecture: source Version: 0.13-2+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Quirin Gylstorff <quirin.gylstorff@siemens.com> Changed-By: Gylstorff Quirin <quirin.gylstorff@siemens.com> Closes: 1049436 Changes: efibootguard (0.13-2+deb12u1) bookworm; urgency=medium . * d/patches: Backport fix to address CVE-2023-39950 Backport of security fix for CVE-2023-39950, Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv`) or programs using `libebgenv`. (Closes: #1049436) Checksums-Sha1: 2609bdf263abcfc0fd4f2e66247d1040474f161e 1971 efibootguard_0.13-2+deb12u1.dsc 958de856fc30a1b843aa24b864975f0d6bd77cb0 6932 efibootguard_0.13-2+deb12u1.debian.tar.xz 8aa793e9cd3287dfd2ca08068a064d24c2a3abc1 6331 efibootguard_0.13-2+deb12u1_source.buildinfo Checksums-Sha256: eed220e8bf9db36cda125becbcff622a7f70fcdde84aaa27ef3cbdac5afe2f39 1971 efibootguard_0.13-2+deb12u1.dsc a757033f91cf26adce893d264bcc018b8c135f0a7ab679ad4debff6da757a308 6932 efibootguard_0.13-2+deb12u1.debian.tar.xz 3a4fc5ecf8540ad9ea351e8ec86a36e8ef59e25b75738791327037d71902e7fc 6331 efibootguard_0.13-2+deb12u1_source.buildinfo Files: e4e213fc16b5fd5f27a66f10adb80bb6 1971 admin optional efibootguard_0.13-2+deb12u1.dsc 787d43d9e97888ca20ab1387333c1fcb 6932 admin optional efibootguard_0.13-2+deb12u1.debian.tar.xz 3e62d359267b57aa62b52559f6bfc0c7 6331 admin optional efibootguard_0.13-2+deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmTiJAkQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFAcGDADw8ApqZwkc0AgUxIieZZU7dqp69W54zkGp VGsMX95PcrZ09PU7RN1qdM4bgw9iWTID09PGmukLTdYHUZ+xfXF1+sI0yiJHqzTI FxsEerEU0+PxiYf3vvD9YZM9vPMkhhSUuf1nNvIkHenPneUilSoxqQLKYZIJg7kF LTAtJiLuITBpTWW4QwuYesIrPCPVgBfA4nPRop2e2UJcg8VoTkGDTtkkdAn3ePGW 2SRAsyECgWoOlN8xmjCaLX3kSAcI794MSgHIP+MnB05auDSn1M9j1aXVA82lXwXf kYpV8yZ4eTJlHzO/fhTFInuH0XfER1CVdhWxFv0uAPgiiw0/WYWm55AZgF53JZz7 UlksNvTLoBGrI5kFuEqL82NwZpPxfIUtF0ItrD1GZ1I1YxTDX5QfjuPudHgnTJqC zykBKUyeW2qkIQ+SAYFVURvuVe7c7Oi1Uu7VVf6y9Hd7dVBoVdDR4QWhuocWeYfQ MvdatSz7GqvFSnajKvwOVpYKn3jXERU= =OPSL -----END PGP SIGNATURE-----