-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 28 Sep 2023 22:50:47 +0200 Source: glibc Architecture: source Version: 2.36-9+deb12u2 Distribution: bookworm Urgency: medium Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org> Changed-By: Aurelien Jarno <aurel32@debian.org> Closes: 1050592 1051958 Changes: glibc (2.36-9+deb12u2) bookworm; urgency=medium . * debian/patches/git-updates.diff: update from upstream stable branch: - Fix the value of F_GETLK/F_SETLK/F_SETLKW with __USE_FILE_OFFSET64 on ppc64el. Closes: #1050592. - Fix a stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527). Closes: #1051958. - Fix use after free in getcanonname (CVE-2023-4806, CVE-2023-5156). - Update the x86 cacheinfo code to look at the per-thread L3 cache to determine the non-temporal threshold. This improves memory and string functions on modern CPUs. - Fix _dl_find_object to return correct values even during early startup. - Always call destructors in reverse constructor order. Checksums-Sha1: 4db7080db901fcdee95af1ce929c1f892b71d07e 9761 glibc_2.36-9+deb12u2.dsc 0aa30aec5f0812b2ae83aa367574d8a9dff12a52 859640 glibc_2.36-9+deb12u2.debian.tar.xz c8f37df67f008876d3f16f459cf0cfe0751efb47 9496 glibc_2.36-9+deb12u2_source.buildinfo Checksums-Sha256: 4b782d3c596f4bf0881b095142e30279136589e2a9c6d6fa409978d93b0fcbce 9761 glibc_2.36-9+deb12u2.dsc c6b872bcb6ee8454983b6f481fc22d4caa2931b378ffc6b5894fc5f7f92a357b 859640 glibc_2.36-9+deb12u2.debian.tar.xz 63239a3e4525088652df088e474e69992cbd988dc075d63065c5e34a2e302279 9496 glibc_2.36-9+deb12u2_source.buildinfo Files: 822d26e34d4f789e5f15be88639fbc75 9761 libs required glibc_2.36-9+deb12u2.dsc c290d36af2f588e8b15ee5a152370fd4 859640 libs required glibc_2.36-9+deb12u2.debian.tar.xz a27bcd0aa835bac5659d974b805ee415 9496 libs required glibc_2.36-9+deb12u2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmUV5+4ACgkQE4jA+Jno M2tKzA//SgLyIUuV2nPD44dFyxYt6ZNfc2u6hnKf6rdRo+VM31Xswt6XUwBWPZ/t wT7wxw5/P3aTkm9fGkajScv+U3PviUu3puOVmEbLk70276zMYSXpauyosoPAzpbh cMZrfsbocdAscpcKQRRNbOS5c55WRUuupJyIaNbLiDT0PviziwEGhEQrn7gkY4/q 5FzEZq59GIgtHGIoe9zzaWablYP0DkH4O2fkrixbKqceLUIhuVWpQiCVcXFWBO0i kpNFH53V52CVYzXQhueHDekgEuSo7haU80LtYiBqi/Y3acAP1XVquYn9pe6rpwMg K6F4eP1kJvYGDOF+OwYeoWC5MVp93VgZCofy24/dxYNuX1b8SA45t+ZjCOzQPa0J tKPk77emlDQ5f45MWEHcA9+Lq0jJ9QAMLbGZccHonaKSXACrxf2o7M+jqvgCEwAw qY6k9DI/B4iZC0TPTCG+wem3D0RQGbu1y9uxXpIA8kw4YCXfkWcnlWO4Vu/2PZJC 7vNuolE168bl5e10lwG0eBacxThmSEtnlWP3vQI+5tzcM9U9dmd83rqdzYxzIJ/e x7k7Jqfdo2X/aUaOhqiDibEz/6MwT1V9jKJh459PhdvgnCn648RP7Kn8ZZn0iyVz f9wntzuEL5JzTTtzZWFXWO03a/VBvqIPc6EQJquM3y11ZJf16kk= =wNoQ -----END PGP SIGNATURE-----