Accepted glib2.0 2.58.3-2+deb10u5 (source) into oldoldstable

To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
Subject: Accepted glib2.0 2.58.3-2+deb10u5 (source) into oldoldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Mon, 25 Sep 2023 16:20:22 +0000
Message-id: <[🔎] E1qkoJq-0009Ji-6f@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 25 Sep 2023 11:21:56 -0300
Source: glib2.0
Architecture: source
Version: 2.58.3-2+deb10u5
Distribution: buster-security
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Santiago Ruano Rincón <santiago@freexian.com>
Changes:
 glib2.0 (2.58.3-2+deb10u5) buster-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team
   * Add debian/salsa-ci.yml using lts-team/pipeline for buster
   * Fix several GVariant-related issues:
   * CVE-2023-29499: GVariant deserialization fails to validate that the input
     conforms to the expected format, leading to denial of service.
   * CVE-2023-32611: GVariant deserialization is vulnerable to a slowdown issue
     where a crafted GVariant can cause excessive processing, leading to denial
     of service.
   * CVE-2023-32665: GVariant deserialization is vulnerable to an exponential
     blowup issue where a crafted GVariant can cause excessive processing,
     leading to denial of service.
Checksums-Sha1:
 6a27026dbcde82d4d7b69942c2179f38fec807e7 2729 glib2.0_2.58.3-2+deb10u5.dsc
 bf36847f994bf7961ab0a3bb7afb8e63bce241aa 130900 glib2.0_2.58.3-2+deb10u5.debian.tar.xz
 2fbcf91bdaa7bc5016899a20c8e6d0e818eec1af 11644 glib2.0_2.58.3-2+deb10u5_amd64.buildinfo
Checksums-Sha256:
 59c25e933d20f4f711c4b6685fbfeb46f1df344aa0e09c862b77fcaef94c57d3 2729 glib2.0_2.58.3-2+deb10u5.dsc
 5c9d1dc438c0a8923eaf65391e04906230d06a71426dc1aa6df785b12a4d21d4 130900 glib2.0_2.58.3-2+deb10u5.debian.tar.xz
 68430aff8cdab2ebfa8542b40052e1a489ff7265f7efb4ff3de38453853ed224 11644 glib2.0_2.58.3-2+deb10u5_amd64.buildinfo
Files:
 c9c7fe5ccab432f00a2e92c73620ea68 2729 libs optional glib2.0_2.58.3-2+deb10u5.dsc
 e8ad6cbb292b5a3662ff4d03046c968c 130900 libs optional glib2.0_2.58.3-2+deb10u5.debian.tar.xz
 afe5fce0ffc60782ec80b90f68a4ee32 11644 libs optional glib2.0_2.58.3-2+deb10u5_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQRZVjztY8b+Ty43oH1itBCJKh26HQUCZRGupwAKCRBitBCJKh26
HdkjAQCvvvAgdAdu02xHS/5y7XNyC4eXLi7fQhvSFZdHTf1/vQD9Hd+2Uf6olSdf
+1lW68gfW5Lz9SDwRRJpLz1HjpMlVQM=
=CgRb
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted ghostscript 9.27~dfsg-2+deb10u9 (source) into oldoldstable
Next by Date: Accepted netatalk 3.1.12~ds-3+deb10u4 (source) into oldoldstable
Previous by thread: Accepted ghostscript 9.27~dfsg-2+deb10u9 (source) into oldoldstable
Next by thread: Accepted netatalk 3.1.12~ds-3+deb10u4 (source) into oldoldstable
Index(es):
- Date
- Thread