Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted u-boot 2021.01+dfsg-5+deb11u3 (source) into oldoldstable-security
Date: Tue, 23 Jun 2026 20:30:16 +0000
Signed by: Andreas Henriksson <ah@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 23 Jun 2026 21:07:40 +0200
Source: u-boot
Architecture: source
Version: 2021.01+dfsg-5+deb11u3
Distribution: bullseye-security
Urgency: high
Maintainer: Vagrant Cascadian <vagrant@debian.org>
Changed-By: Andreas Henriksson <andreas@fatal.se>
Closes: 1056750 1081557 1136954
Changes:
 u-boot (2021.01+dfsg-5+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2024-42040: buffer overread vulnerability in the DHCP implementation.
     (Closes: #1081557)
   * CVE-2026-46728: mishandles use of unit addresses in a FIT.
     (Closes: #1136954)
   * Remove avr32 arch support removed in dpkg 1.22.0 (Closes: #1056750)
     - now also leads to DAK rejecting the upload even for older suites.
Checksums-Sha1:
 f8ee589e8dd48669750041d1f867208141f77a03 3498 u-boot_2021.01+dfsg-5+deb11u3.dsc
 bb849ec021e5ed18516f2f7727965da08de718b9 13829776 u-boot_2021.01+dfsg.orig.tar.xz
 91158269b3fb31fddf42871d46e2c9b1b2d76bfa 69108 u-boot_2021.01+dfsg-5+deb11u3.debian.tar.xz
 2f3b71f9faa4b0fc0219c5d213aae3caaeae677c 7710 u-boot_2021.01+dfsg-5+deb11u3_source.buildinfo
Checksums-Sha256:
 bd8435af3c968cf1a679873786cb15875bb3522251de6dbd4ab3eaafe73f0445 3498 u-boot_2021.01+dfsg-5+deb11u3.dsc
 2c2f2422b14630e47b9ebf27cff7941da242512f5bac4ad7af101a933282e7a0 13829776 u-boot_2021.01+dfsg.orig.tar.xz
 0cdcd23ab08c92381ecb812cb63c17e2aca86709c902e296142e4f75617db904 69108 u-boot_2021.01+dfsg-5+deb11u3.debian.tar.xz
 dcf4ac73b047485403220fdd2e883b2755406fca11eaa099aa733339b36e80c2 7710 u-boot_2021.01+dfsg-5+deb11u3_source.buildinfo
Files:
 b5a08328ff8380e3706830eaede2da83 3498 admin optional u-boot_2021.01+dfsg-5+deb11u3.dsc
 8bc543dbd76bdc302970e88938e823c2 13829776 admin optional u-boot_2021.01+dfsg.orig.tar.xz
 68d88023baf52f671496e9b4e06e4a0c 69108 admin optional u-boot_2021.01+dfsg-5+deb11u3.debian.tar.xz
 b3b3ec29d1807141d0583afbaa8bfa29 7710 admin optional u-boot_2021.01+dfsg-5+deb11u3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE+uHltkZSvnmOJ4zCC8R9xk0TUwYFAmo66cYACgkQC8R9xk0T
Uwbkqw//VQjFfZYzn7o6RCfCovnvBFanAnTovIyTBgYnZOieGbToVw1gTjdCZLdd
+nGqjTx/zGoOzU5pYBoiMva9AeXL9PMjSueBPUegHoitl+IdUnl05QFfRrhzDNvy
9mL8lK2vP4/v3GtHN6LaKY2IP4kHqCi7o7/bobqLxmfVZo4AKJtSLwByy5JRbEwQ
mMxtc/LExV8KTqfQ4AzCsNmKZA8OS3RK3wMKfU8KAxxhYgKMOi2F2V47iPQQVifa
NWTBOjgsYtNkeUZdOPmO0XiXZxVxh4RFH51h/WskM3VH+y6wYKr+2le8gLDkChhg
KvYoP4krO4Kbxa58e8TTyVHgyC5nb1VldfpqOVVPvOolOmGMRsjeys3WUatG4Ipz
lz0wysxMPxNKPMpber67i3+/VJucuP0AZ86ObDHf5VHYqmKRSFyffZOx/Ec7JHS+
Bo1DAg2aSK4ApdXs7NJdX2o1L5RDoMkF4nb++zJ5GunfPbPHKHHR9+zd0VLkZTGc
+2ktee62ozgf4te16jgX68G/k4zlIX3YS3+rn91Cjy9mHkxsR6dccj3Ld98ohtLi
bVYoKoSxXWODxI9yMm/5/bF+Xw5r64rdQfgccl7VfR8G2mhxkUd0sBnE8AMvTf3K
jDjpmI13MnyMFqrS+B2t7qo6VtaGlruhgk9qQoQMHCHkuKwjHms=
=WrZC
-----END PGP SIGNATURE-----

News for package u-boot