glib2.0_2.66.4-2_source.changes ACCEPTED into unstable

Wed Jan 27 21:18:25 GMT 2021

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 27 Jan 2021 11:33:06 +0000
Source: glib2.0
Architecture: source
Version: 2.66.4-2
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv at debian.org>
Closes: 977961
Changes:
 glib2.0 (2.66.4-2) unstable; urgency=medium
 .
   * d/patches: Update patch series to upstream commit 2.66.4-18-g872181c4f
     (excluding Windows-specific changes)
     - Security hardening: in GIO, ignore various environment variables
       if GIO is (inadvisably) used in a setuid process without sanitizing
       the environment first, similar to CVE-2012-3524
     - Reject very long date strings early, instead of spending time
       normalizing and parsing them
     - Fix recursion in GPrivate
   * d/p/spawn-Don-t-set-a-search-path-if-we-don-t-want-to-search-.patch:
     Make the g_spawn family only search PATH if G_SPAWN_SEARCH_PATH is used.
     Previously, they would sometimes search /usr/bin:/bin:. for an
     executable they should have only loaded from the current working
     directory. In particular, this made gtk+3.0 fail its build-time tests
     if ImageMagick display(1) happened to be installed. (Closes: #977961)
Checksums-Sha1:
 281f4efcf645262994ecaa9240a4c6ae95bbd04c 3386 glib2.0_2.66.4-2.dsc
 13d0c4654e112115eccc1eabcad178a99e337498 104948 glib2.0_2.66.4-2.debian.tar.xz
 5f4f9b41747b67741c559aad29a2725e4faa580f 7884 glib2.0_2.66.4-2_source.buildinfo
Checksums-Sha256:
 d2c21ef86e308b136e23c7a73bcf166a2bd21866bc086b65756edb7c827768c5 3386 glib2.0_2.66.4-2.dsc
 ce847bdda56dff8346aa25476513c53d0008051f9a16d2e2282458ec40dcf52a 104948 glib2.0_2.66.4-2.debian.tar.xz
 364a7f80113484a6aa8b966522158899ff7fb44f10671ee9f9ec285287089351 7884 glib2.0_2.66.4-2_source.buildinfo
Files:
 19aa2273d0d7c5c3c93b7346a13a2015 3386 libs optional glib2.0_2.66.4-2.dsc
 72f978576c0b5850094cb8ac31f9d635 104948 libs optional glib2.0_2.66.4-2.debian.tar.xz
 14ee3104839ef3d9a54c04d0ad4d98a0 7884 libs optional glib2.0_2.66.4-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmAR1hQACgkQ4FrhR4+B
TE8Frg/+PIocHtqNIdYSa0UY5vDDqoiRUJmMY6a/xm2KUp2BVfbm2jdAXKIQ+oI6
xuajh0wn7nKck7GJHHr9EGQu3+QZO+a2kiNf6re9pqLpC30EKEd6RKj/DZQkF3P/
N4uvS60VQ8E0YHLFmRJa5f0R7KLIX9Vff42ptA8R6OmZ2x3iFGis/Qi/LDHfAiSF
mMi0vCkNoVNzlsGZkzRcWUyakL7QBDhXhTZ0ySFDLlucnYYMo+jtdeOHNA0auvjQ
isSdDcqqs01MuaCoc5DVhb3+r/KEZUgAON15pM1ZJKIK6AhtJAB8k/VYMdzKdmUK
7ix3kPQqgn2GlGkhZpRcgbSpW8XTXGByHYLmR8yYgnZ+i57/mr6lyeTe5VHjqnSa
rU5EIaTdhfv6h+kFdvAEUIqqCwh4RNP1zS0XUmTpbGH2X2TZUkvBhyyMiggJ17BC
c0NPvIxyllfHnglozjFCg1+8+fX+2H5lq3ZsJ+M+dURog6REAHSn4n4gMR+Gl2b0
laeatKian9GbLfT55u5UnP9R4wqnNMwGNk91Gr5lr4Y+JB6UpBb+PEaeLn/kprlY
ClgtxXn+5jyBd64ONP6JSvovJwWSUJXK3XEUvUpg0rLg++G9IVJ1L4zwj6fmZQyW
wyFFCV5V6+9NfP6rqey0CdFfgyM6KoH+FmLsmflr7EFoQ5Q/+7w=
=9Rqb
-----END PGP SIGNATURE-----

Thank you for your contribution to Debian.