Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted glib2.0 2.84.1-3 (source) into unstable
Date: Tue, 20 May 2025 10:06:39 +0000
Signed by: Simon McVittie <smcv@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 09 May 2025 15:01:35 +0100
Source: glib2.0
Architecture: source
Version: 2.84.1-3
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Closes: 1104930
Changes:
 glib2.0 (2.84.1-3) unstable; urgency=medium
 .
   [ Jeremy Bícha ]
   * d/p/gfileutils-Preserve-mode-during-atomic-updates.patch:
     Add a note that this fix for LP#2072586 was reverted in the upstream
     2.84.x branch as a behaviour change. It was kept in 2.85.x,
     and seems reasonable to keep for trixie.
 .
   [ Simon McVittie ]
   * d/p/gfileutils-Preserve-mode-during-atomic-updates.patch:
     Add a cross-reference to LP#2072586
   * d/p/gstring-carefully-handle-gssize-parameters.patch,
     d/p/gstring-Make-len_unsigned-unsigned.patch:
     Add patches from upstream to fix a buffer underflow with very large
     GString instances (Closes: #1104930, CVE-2025-4373)
   * d/p/gdate-Call-tzset-before-localtime_r.patch:
     Add patch from upstream to ensure that tzset() is called before
     localtime_r(); otherwise the behaviour of localtime_r() is unspecified.
   * These patches bring us up to date with upstream glib-2-84 branch commit
     2.84.1-15-gb3de15acf9, excluding changes that are not relevant to
     Debian architectures (macOS CI and Windows) and the revert of the fix
     for LP#2072586 (discussed above).
Checksums-Sha1:
 8a433f81ac0774934304c91ee54b60be5a1866fa 4925 glib2.0_2.84.1-3.dsc
 5f1d8d533a3c3f0eb20849b964aaadfd137efb8f 140100 glib2.0_2.84.1-3.debian.tar.xz
 30647ad6f221bf940638573a36b98bd2b1bdceb2 7406 glib2.0_2.84.1-3_source.buildinfo
Checksums-Sha256:
 8fbbbddd9ec3d309997fe4d792b78a39a2ac62b565a03a3706c49e5d02d9e6cd 4925 glib2.0_2.84.1-3.dsc
 832a246906ed73bd2a8e92b5b9a8625bf1a435062cc327d336fcf1ccce27603c 140100 glib2.0_2.84.1-3.debian.tar.xz
 ae65d9a8951b1dc36e04e23aa17ce862965f0e2cd1bddecf3f849c94733c18c1 7406 glib2.0_2.84.1-3_source.buildinfo
Files:
 564133e0c881d8d0ba35bd76b790b71f 4925 libs optional glib2.0_2.84.1-3.dsc
 0f56e195be84982c6af1efc27b2aa599 140100 libs optional glib2.0_2.84.1-3.debian.tar.xz
 ef419c007764e03c54e17ead4300dc80 7406 libs optional glib2.0_2.84.1-3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEegc60a5pT6Jb/2LlI1wJnT6zMHYFAmgsUdAACgkQI1wJnT6z
MHanHhAAgFrgZ8RYomw4ibfOe0tuuP1VT8YnG9DiZ4Z2mCeYekiDhb8Z/xnnvXmO
h7ejIINcboNQsySgBY9dbcIB+XnqgFtXc6swRonOB4FQlXHjE0TF7kGmqadAOmQq
YukC9qFcXRVN2AtgiX5DYxgcoj+yE/Gyk2qFfNiJa7O9/+jx1Z3TAzm8sip2Q6Jc
zjcj3MW/u4bjvdB4p/JEKzU5zmaNeBe0rtG6Gv22pZgr/8rW3TG8glnAdT4gVNVY
j0exWPM31iBVnTIscCKJkhMk4ddZ1+BxDecCMtco3ENpFdu64/Mytzq4Z0vm2Gk0
/fMgHx8QFJNdSzDhE4m+6vBOgTU8LvsfottzBm09OCWNjo9+CZ1qaxaThEsYldCJ
xJbosIUziu9Xx6xupSj/JzhAbUUwzWLbb2n0myUaUXy83Gun98XEsXAV2qgHeLfE
ElqM/aon/85699qe6MMSz1fs3TQkS12jPoJHkehRpE2+0TbAL5AV4nD3YSAhLa7i
IihECF3BkS7MnLBhw5VgXm6EJRvoCvBVi0ShU+C+FqAO6B7+uSSkQrznlRerK/yw
rZfU8z0XemoUX2jcNzYeVpM/DJNMAlsBeaTL3duCQlbhNaqU8aO0KYuPlVRyI46R
8L7h5dolcsHaV9CYUj9xzMuilzckKiL0y/R9FXMs0KekPtyZ7Rg=
=MSUy
-----END PGP SIGNATURE-----
News for package glib2.0
