-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 30 Sep 2023 10:31:05 +0200 Source: glibc Architecture: source Version: 2.36-9+deb12u3 Distribution: bookworm-security Urgency: medium Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org> Changed-By: Aurelien Jarno <aurel32@debian.org> Changes: glibc (2.36-9+deb12u3) bookworm-security; urgency=medium . * debian/patches/any/local-CVE-2023-4911.patch: Fix a buffer overflow in the dynamic loader's processing of the GLIBC_TUNABLES environment variable (CVE-2023-4911). Checksums-Sha1: 3ebba582b3a7076ebb11fb435576140430138cc0 9761 glibc_2.36-9+deb12u3.dsc d034128a6116dcf9e76c92f898ec63f4f4e65786 19363988 glibc_2.36.orig.tar.xz 29c4bcbc83bfeb84b28378806cf13a72ed2303f8 860160 glibc_2.36-9+deb12u3.debian.tar.xz 33bc2fec6f2e0a4da213c5ed98512ddf213e33e1 9512 glibc_2.36-9+deb12u3_source.buildinfo Checksums-Sha256: 286c10802114f59c18b7f15b661d416d0448a0bfe0abc5ef1db3695c7eb9a63c 9761 glibc_2.36-9+deb12u3.dsc a543c02070d46ccaf866957efd13f10c924daa74c86a90a0254db09a92a708ee 19363988 glibc_2.36.orig.tar.xz eb8d781c1b41bfa5ef578b59acc842532cadf4039c04b807f1c161d2224cc480 860160 glibc_2.36-9+deb12u3.debian.tar.xz 61743033cc4c073d93dc10c008da90a574605f14704f5707fa894956e4c0885b 9512 glibc_2.36-9+deb12u3_source.buildinfo Files: 5cd34ffa35d591117b1a3c5545dd9ab5 9761 libs required glibc_2.36-9+deb12u3.dsc b2b0246bc50781a2243f8141feeb1bf4 19363988 libs required glibc_2.36.orig.tar.xz 82f9afe7310fc05f56366158cd06fecd 860160 libs required glibc_2.36-9+deb12u3.debian.tar.xz 95a2e47342f394234c9f0e966dfed96a 9512 libs required glibc_2.36-9+deb12u3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmUYYrAACgkQE4jA+Jno M2vykA//SBHMv7uy947/irsF8rKgDXWbB3smdNu4OSN/K47TfChUpfx1XTWl9WTM i+HKoqjBbCpWe5E8qgFz6QrLtwf0Z5mWlqSlIJBMlOWp/3ywnBdTcUJfpTaSiRQJ 62QcxeN/ukMPa9MPNq5vmsLHXT0mQ7dadwpDK9/mNzGV9CVGILVJUgulUStyvPf5 HKV153Snuz53fDDBGzA+u2Nd6tt+jUjW2o665qqCSxhkXl2Qp2Cd0hYapPGAv2ap K1Vv2DD0ablXDChjxEaYrfiN8i6SsAC6d82EbEteHO2gFDvpD3ZBJhXAMGZNnkeQ nTK0FO48T1au0+L1o1g9+Ix/BDkuf6WNZJa0qz92QveDpj4kmdlSw3iDOrPInjA5 JpyGkyMEpBycYm+pcErAH/mgRC90NYsE8DiQntYiygk5U1qf4a199EegiJXwWXDL vM1ZxRCnse+9L/u2OxNHJsI/2FetXp4j1vKHdpcYBtWNnD/C5zPQTKacyzq3qPaG zBBLstVoVBMVznqhiExIK8ZeB+nkAMQmwTwbjdySKFTEK705wMFxnfkZO9fe1LhI LwSoVjNpzFOzVmAeo2c1fujFpQwhwCKfXMqGJXz8aJQuQGjf+jZzUalNJZ0dIkRz PiQuoRbRVhL27gcFef9tEaEeSDxTIOW7vKnqtiThzYwEOiYGxhs= =ZJ3N -----END PGP SIGNATURE-----