Back to glib2.0 PTS page

Accepted glib2.0 2.74.6-2+deb12u1 (source) into proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue,  7 May 2024 14:39:03 BST
Source: glib2.0
Architecture: source
Version: 2.74.6-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Changes:
 glib2.0 (2.74.6-2+deb12u1) bookworm-security; urgency=high
 .
   * d/patches: Backport GDBus fixes from 2.80.1
     - If local users send signals on the D-Bus system bus that spoof a
       trusted sender, do not deliver them to signal subscriptions for the
       trusted sender's well-known bus name (CVE-2024-34397)
     - Fix a use-after-free when subscribing to signals with an arg0
       match rule, originally from 2.79.0 and necessary to make the test
       for CVE-2024-34397 pass reliably
     - Add a local backport of g_set_str(), required by the above
     - Add proposed fix for a race condition that can cause a unit test
       to regress after the above
   * d/gbp.conf, d/control.in: Use debian/bookworm branch for Debian 12
Checksums-Sha256: 
 c284203bffd0010727d9c315d084cc2f61077ad3b7d14fc5355092fe26e294b5 3604 glib2.0_2.74.6-2+deb12u1.dsc
 b1b465830420dd146e9b6974902f241c5eba3e33f1b18fcb6155d805a14023c0 138472 glib2.0_2.74.6-2+deb12u1.debian.tar.xz
 7314e932c197018be104874313e83903565c7ac06f11fd5bc9780067a5b5b5c4 7362 glib2.0_2.74.6-2+deb12u1_source.buildinfo
 dabcaff9298aa111a94e580561d2f29371f3e61b356c925ec5e0792df2b11ff2 267596 glib2.0_2.74.6.orig-unicode-data.tar.xz
 069cf7e51cd261eb163aaf06c8d1754c6835f31252180aff5814e5afc7757fbc 5217312 glib2.0_2.74.6.orig.tar.xz
Checksums-Sha1: 
 da082cb96abb74e92c28a1f96f00b58ab0e9788d 3604 glib2.0_2.74.6-2+deb12u1.dsc
 087b22bbc57ea7fa2165afa33bc3b112842f64d1 138472 glib2.0_2.74.6-2+deb12u1.debian.tar.xz
 aed2dadb4dc6884bcf3e09a4b43250d31017c6a1 7362 glib2.0_2.74.6-2+deb12u1_source.buildinfo
 ed894bc4a82445f4f7b867a9da045f35d4b16b34 267596 glib2.0_2.74.6.orig-unicode-data.tar.xz
 c924652ae8526754e765bbe9cc6ffe6885a7fedf 5217312 glib2.0_2.74.6.orig.tar.xz
Files: 
 5de2f7d091bcdfd68a4a86009ca0e12f 3604 libs optional glib2.0_2.74.6-2+deb12u1.dsc
 37e1453d48f043915a74d7742fa27ee0 138472 libs optional glib2.0_2.74.6-2+deb12u1.debian.tar.xz
 2f6a38283c653e6e2aa396bb445b93d6 7362 libs optional glib2.0_2.74.6-2+deb12u1_source.buildinfo
 b04bd93cfba7c4035f152578abe28c32 267596 libs optional glib2.0_2.74.6.orig-unicode-data.tar.xz
 38f81d4a06c03e667b1f4d73cb803da8 5217312 libs optional glib2.0_2.74.6.orig.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmY6MfAACgkQ4FrhR4+B
TE+cSg/+NmweREwHFiqTZx26YRKsQHLvsI3JQyt/WqxXoyMCSvLsI1nOEgsFxBIS
hxqD26QtYajM4GNe/QpE/F9P1baTsYaCryIAqK1RSl2h0O7tVxfOVg44tIBeLOIS
HOow6YoJlw3d1QQyVqmxdcWd7BLIxLeqrdKxtQDoRWYZcqBgByfIT+Hyqv+3YE+k
fxLY16otugDpRGq9/XNn0QFA6yPtPBRRCznvRUA8xkqvTcZOit5/0hdu/dlAb8Cm
fSIlSQ8nZbCp559rNDhlKwYNCyHmEA8vDizuBxt3oKA+hfLKOEDc2rVdyxeWT+ms
xJ8wGlFHzhVjuSqMPeLdIdExKxf2Nlhtaa3mqGYtkRSmxLFpLycHbFHOxww39EzU
4ZZw5nZqNk0aY81jMqIg50wNMUQZ1ae6Ia8QJjtYWQDyEpjBeEoQ0J4OmprTDPU5
5JME1sGA1mcMsFIxrplEVbofELZTvLiVCKS2a4C741th8bNWZM0u20aklJNZNx9G
fgHkjt4cVimahvepGYo+80bNpnm8Ms9kxoWc1op0JSOs/D8Tjr+vC43ZdHP4vZYT
0Qgm4nyhBi8JoWlmvQwPp/+RcZ+CVJZ7r/sc1yopiXS2vfrhG3D84N6MmcYTbAMu
PMvOFylNcPjC95JnOC0FPAf7eWvbSiGQNtNS3w/lc1j2CgSVbX0=
=Y1wZ
-----END PGP SIGNATURE-----

Attachment: pgp2mWDIYvzIe.pgp
Description: PGP signature