Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted munge 0.5.14-4+deb11u1 (source) into oldoldstable-security
Date: Tue, 10 Feb 2026 18:20:24 +0000
Signed by: Thorsten Alteholz <alteholz@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 05 Feb 2026 16:03:02 +0100
Source: munge
Architecture: source
Version: 0.5.14-4+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Gennaro Oliva <oliva.g@na.icar.cnr.it>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Changes:
 munge (0.5.14-4+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2026-25506
     - Fix out-of-bounds read in credential decoding
     - Fix buffer overflow when unpacking message address length
Checksums-Sha1:
 fab6047fbaea49820f364217e4fbcc26ac983b67 2166 munge_0.5.14-4+deb11u1.dsc
 70f6062b696c6d4f17b1d3bdc47c3f5eca24757c 274972 munge_0.5.14.orig.tar.gz
 8aec195b2c4c0abdeaa5dcce2764796e116efdab 16068 munge_0.5.14-4+deb11u1.debian.tar.xz
 8b0c0a792334b892db13a12625c1ea22b948c100 7642 munge_0.5.14-4+deb11u1_amd64.buildinfo
Checksums-Sha256:
 5e1f154a8e95356c3f4a4ebaae4d66c67c602a2425988125afdeca46de39d681 2166 munge_0.5.14-4+deb11u1.dsc
 5d97b4df164f26e0fb9b86a215e646b2311fa79a2fe9aaaeac067f4ed906220a 274972 munge_0.5.14.orig.tar.gz
 8b4881f27ba118ea5ac1ded04d402268d8e2aab6b43c97300d53a92f70cae960 16068 munge_0.5.14-4+deb11u1.debian.tar.xz
 77b923ddd37095ed23af32b8a4c9791ea2b9906210df8f4a767314631b57e887 7642 munge_0.5.14-4+deb11u1_amd64.buildinfo
Files:
 701327943a004fbf4cbc6d758bc7d2b5 2166 admin optional munge_0.5.14-4+deb11u1.dsc
 e1d17b94a9aa2f7322d53bb0029650ca 274972 admin optional munge_0.5.14.orig.tar.gz
 1d718a4b468be49cb9650ac1ca16c65b 16068 admin optional munge_0.5.14-4+deb11u1.debian.tar.xz
 97766a88acc2585cd605d8a283285e13 7642 admin optional munge_0.5.14-4+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmmLc6FfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR1l6EACDuaOfbz1qTKRSQZUtJ1atznPKkyzo
DsXyG1HhBEBF6qN24DMmYChgtKLj42ACSuKWcojbYMtkt+cHV1GXbHtxeTZQp6B0
cdARiHdORwQaDDgkb/gD8Hsu0B7LcR4E/BYcWrkm0PXSRztZj0byOl+PMbXxtYXp
6Ri0QLTbsAIzsb3932LRJupF+6H8SeNl2UfwxwPfoXhchACJ69ehetwL/sVTaNec
9KzVkeuPzVz4gRChyji58JAo21HyGvpTheGWa5bYKBTwnjGODPEDMgnL2AYbBu5+
2jsvKZYKSTxcPHsceU3NPG5mj0BDapoQAxYC0oRsbp4l5fVqkk79HPogyJIHBqiP
jFo5KGqdNsypY6ARBqhQuXeElTErazst/hgUPo5vsbN6VcI6lgcHJ0YUoYnP8uf8
vhr7zrcdqidk+HAIrRj9iRw7aP+FVcss2bqeeV6OBJUYctZ5irbTe/ERA95eX+l5
NHXXSDffdOkNdseorHPW3KfZDOoz2wh+3srv7P84q5J3HnDD9j9DU9HdGVs8gCjz
ooE3+TDkHvSMfE8Qk5z8DXoyiaGORbUmGYBrvafFVRXUL+Qtoi4W1mX9YIu9Ev3o
29Vd0XmiLoMH0G1eo5B4iCae1kXck9tBd85gxR9RuytcgHUHYaKdGXlO6saA5RiN
0iDXMu6rNrZMHA==
=Ykgd
-----END PGP SIGNATURE-----

News for package munge