glib2.0_2.74.6-2+deb12u9_source.changes ACCEPTED into oldstable-proposed-updates->oldstable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Tue Mar 17 15:52:31 GMT 2026
Thank you for your contribution to Debian.
Mapping bookworm to oldstable.
Mapping oldstable to oldstable-proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 13 Feb 2026 12:35:33 +0100
Source: glib2.0
Architecture: source
Version: 2.74.6-2+deb12u9
Distribution: bookworm
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
Changed-By: Andreas Henriksson <andreas at fatal.se>
Closes: 1119919 1125752 1126549 1126550 1126551
Changes:
glib2.0 (2.74.6-2+deb12u9) bookworm; urgency=medium
.
* Non-maintainer upload by the LTS Security Team.
* Add patch to fix timezone handling with Debian & Ubuntu's symlinks
(Closes: #1119919) (LP: #2130378)
* CVE-2026-0988: Missing input validation in g_buffered_input_stream_peek
(Closes: #1125752)
* CVE-2026-1484: Integer overflow in base64 encoding can cause memory corruption.
(Closes: #1126551)
* CVE-2026-1485: Buffer underflow vulnerability in content type parsing
caused by (signed) integer wrap for large inputs. (Closes: #1126550)
* CVE-2026-1489: Integer overflow in unicode conversion
can lead to memory corruption. (Closes: #1126549)
Checksums-Sha1:
4245c2b141ff74fcfd92bd5d54cf96e0b08fcb2b 3669 glib2.0_2.74.6-2+deb12u9.dsc
ed894bc4a82445f4f7b867a9da045f35d4b16b34 267596 glib2.0_2.74.6.orig-unicode-data.tar.xz
c924652ae8526754e765bbe9cc6ffe6885a7fedf 5217312 glib2.0_2.74.6.orig.tar.xz
4eefc944c454c040a916da14856635afa4c83b17 158056 glib2.0_2.74.6-2+deb12u9.debian.tar.xz
192cb3dc14f646ff731686a346dbfc95836a6faa 8237 glib2.0_2.74.6-2+deb12u9_source.buildinfo
Checksums-Sha256:
bd8e8cd8d251c2365a02258bf4d6c44721289ac44c3a2477c140ce253bdb4b41 3669 glib2.0_2.74.6-2+deb12u9.dsc
dabcaff9298aa111a94e580561d2f29371f3e61b356c925ec5e0792df2b11ff2 267596 glib2.0_2.74.6.orig-unicode-data.tar.xz
069cf7e51cd261eb163aaf06c8d1754c6835f31252180aff5814e5afc7757fbc 5217312 glib2.0_2.74.6.orig.tar.xz
ccfe76a05463099331f31fc2fde1677ce3c5e0d054112890541b511c0b3321ff 158056 glib2.0_2.74.6-2+deb12u9.debian.tar.xz
10333244450e85eb801f8688ecc3676d1908be5d17e6bf53122f008e80f8dca5 8237 glib2.0_2.74.6-2+deb12u9_source.buildinfo
Files:
3693eca9d90c117ff6817eb6c46036be 3669 libs optional glib2.0_2.74.6-2+deb12u9.dsc
b04bd93cfba7c4035f152578abe28c32 267596 libs optional glib2.0_2.74.6.orig-unicode-data.tar.xz
38f81d4a06c03e667b1f4d73cb803da8 5217312 libs optional glib2.0_2.74.6.orig.tar.xz
c99433da33bedd893d98108a3a9e9e24 158056 libs optional glib2.0_2.74.6-2+deb12u9.debian.tar.xz
6baf20a6e6faca946b83660511027aa1 8237 libs optional glib2.0_2.74.6-2+deb12u9_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE+uHltkZSvnmOJ4zCC8R9xk0TUwYFAmm5cqoACgkQC8R9xk0T
UwZBVw/+Pkjtm+Fs0WIVxOM38Ni65oPebAE//larC5L4zt1iZod7nF5N6T4XK4bQ
TGdIYZUIgY32Hde5gfBRfn6cP1Gj4HViQt0XA5oMNI+X/OWFv4ZdbrfTiHNTj0gJ
be6UXifjUzzpg2zCtskxRdpAPgoGmOfDtw3XJQ0oIV+rln56TIojQBERwssUNm08
uvBvIQofiNt9sabBwabtT/YdJhwmYgohlvhVIfgw1UIsm5EWtnj9x15FkEaWdvji
eDwAcpwcy/Qx+aITUICVtqcwj2vVgIcNfDoz7gQ7RwuwaU5uKv9AiKPZwxoZB4sC
XoHoaDE5iMzqBZAalSTsE+QfSyI73SfKf0KGpBuY9F6MohcKQ/5HasUsJDpkis/9
pB5VHJWWoy9zbHeR6nG5NCnr1SiToX1uGqshST81C2lonA2mxW1vJNTp6hPwpPQ9
DSLZFFb3CHWo0MA5cpbhwroqp0aNu3mjZIex/rr0q2NIpmAYSaTNyTSv0A3eKEYL
bBR+2tQxO2JYB3YHdn4NeeIJ0DUzOBlcZFHvwihbCDvLUqO/uP84R4qnn+nhYCcP
whVNup5miPH/4pgvbEL2dQGKoixWCuorGTXkvMqcK8zgNT40Nj4pxqEmHcqf8S/U
qesLsaOSWYJvsGMyjIzh+S7FGP2vJcD3nVMTO3Fr6eKAkHxNQb0=
=BGMt
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20260317/bfe7c28c/attachment-0001.sig>
More information about the pkg-gnome-maintainers
mailing list