Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted glibc 2.37-15 (source) into unstable
Date: Tue, 30 Jan 2024 18:45:03 +0000
Signed by: Aurelien Jarno <aurel32@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 30 Jan 2024 19:20:04 +0100
Source: glibc
Architecture: source
Version: 2.37-15
Distribution: unstable
Urgency: critical
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Changes:
 glibc (2.37-15) unstable; urgency=critical
 .
   * debian/patches/git-updates.diff: update from upstream stable branch:
     - Fix a heap buffer overflow in __vsyslog_internal (CVE-2023-6246).
     - Fix an off-by-one heap buffer overflow in __vsyslog_internal
       (CVE-2023-6779).
     - Fix an integer overflow in __vsyslog_internal (CVE-2023-6780).
   * debian/patches/any/local-qsort-memory-corruption.patch: Fix a memory
     corruption in qsort() when using nontransitive comparison functions.
   * Set urgency to critical given the security issues.
Checksums-Sha1:
 efaac7aeb6b8a45a930ba197e3cfafbeae73478a 9043 glibc_2.37-15.dsc
 86deae1ef76eb82118d6f0a616835d8084a6a3dc 411436 glibc_2.37-15.debian.tar.xz
 a2103318c4a8fb8ed33229aad90758975ff75394 10289 glibc_2.37-15_source.buildinfo
Checksums-Sha256:
 351a0d3904528628e75d53037e723f7ea32f61b8914481b056e1e46fc0f6fecd 9043 glibc_2.37-15.dsc
 2fa1bfb802b34bc955fe5c66339af921d3db07429317c0142b689b5cbf38c5eb 411436 glibc_2.37-15.debian.tar.xz
 d1cf163c22f74f37b0bb7f95ba20e71c141665b5d8bb49cc08a8c90c13de2279 10289 glibc_2.37-15_source.buildinfo
Files:
 09e776e247156c81c3b67b12a6443fa8 9043 libs required glibc_2.37-15.dsc
 b40584e5b6b568f6575ae4eefd31e1ab 411436 libs required glibc_2.37-15.debian.tar.xz
 5b073451619575fa623702288d556cc4 10289 libs required glibc_2.37-15_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmW5PuIACgkQE4jA+Jno
M2s+xQ/+JBfUYkjZsSm5WPUAny05RUE1xsx2/K1nQrwL0UNqvoge1ihUbrHCOMNy
GEa6bjOcKiDnGpUrZNvz8QT5N0eEnjY4/0CRIc2PNau/bD12fJoROP+1f3DHWBcR
/ekQoAZ+hZ05H8HAYRcLsAIp3IMtKjmLg9JrXrL/mwRZwbUOLycJ98L2snarH+9+
wuVwblU71f7XU3CqrYvHiKX4Yegzj9Bl6bakeqXobo3sFGeMD9tpYubHxKPE9RxE
h7l32gh8lklxselCZi1f5tma6U1E82mr/b6D1LBmnLMffGSmz+mINlx/wYmsxpXp
BLcWCrjfBdnf9xEt8y9oZuyEBC4HxHotfkEKYS3KvaLZ7e+Dmp8Uj3p89RhJ7ZZD
f7ivJJBWmaifyWav7je+pbRira5m0QcBKwe3csRj+jPkE2HFdyw3l25wqMgoRvHm
NmMfu9bKniFyW/7jS7ZNiflXuZfV2K2zeJkfUBmN0jjVjzxfqWRChq1/MBi8wK+J
eAItien59oSCuV71jBFPvjWvtNmwyMmL1miK4T/WTNRIWR/QRuk4Jf11p9bbzOm5
SQHu7qpw9eihmRCA6kXTAqbdu5jeYq6Lnt4Fdq4FtHcOhXsu1PgE5GS+kHouWbZ9
/hhp3wDyqVEFl56Fto6saNdChlUbKFD4OKrQo2NP9TV61OJ0h1A=
=r5uP
-----END PGP SIGNATURE-----

News for package glibc