-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 23:57:11 +0200 Source: glibc Binary: libc-bin libc-bin-dbgsym libc-dev-bin libc-dev-bin-dbgsym libc-devtools libc-devtools-dbgsym libc6 libc6-dbg libc6-dev libc6-udeb locales-all nscd nscd-dbgsym Architecture: arm64 Version: 2.31-13+deb11u10 Distribution: bullseye-security Urgency: medium Maintainer: arm Build Daemon (arm-ubc-03) Changed-By: Aurelien Jarno Description: libc-bin - GNU C Library: Binaries libc-dev-bin - GNU C Library: Development binaries libc-devtools - GNU C Library: Development tools libc6 - GNU C Library: Shared libraries libc6-dbg - GNU C Library: detached debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) locales-all - GNU C Library: Precompiled locale data nscd - GNU C Library: Name Service Cache Daemon Changes: glibc (2.31-13+deb11u10) bullseye-security; urgency=medium . * debian/patches/local-CVE-2024-33599-nscd.patch: Fix a stack-based buffer overflow in nscd netgroup cache (CVE-2024-33599). * debian/patches/local-CVE-2024-33600-nscd.patch: Fix a null pointer dereferences in nscd after failed netgroup cache insertion (CVE-2024-33600). * debian/patches/any/local-CVE-2024-33601-33602-nscd.patch: Fix a DoS in nscd in case of memory allocation failure (CVE-2024-33601) and a memory corruption in nscd when the underlying NSS callback function does not use the buffer space to store all strings (CVE-2024-33602). Checksums-Sha1: 53a6cc9842df43f29985b08a0519062b46bc40a4 12055 glibc_2.31-13+deb11u10_arm64-buildd.buildinfo 8722895957b47395cb56961b14ac3b96cc6e9208 1801768 libc-bin-dbgsym_2.31-13+deb11u10_arm64.deb 42aabbf2106e20b33dc47a69ba849c919b57f089 744052 libc-bin_2.31-13+deb11u10_arm64.deb ef14dc5a62c4a47f0997a568324520a3fdd86bcd 114036 libc-dev-bin-dbgsym_2.31-13+deb11u10_arm64.deb c2c376a11f5ed9fab2ab7b6e729d6f9e46d28456 272884 libc-dev-bin_2.31-13+deb11u10_arm64.deb c8ea11b28a0ac7cdd9d8b2e5938d7b142f1629b2 40816 libc-devtools-dbgsym_2.31-13+deb11u10_arm64.deb ec912c27f9d88a77e98e117ebe06d7ee4519ef34 245328 libc-devtools_2.31-13+deb11u10_arm64.deb 3be1e09e3d4171fab413cad16a592ad878c6baa8 6721252 libc6-dbg_2.31-13+deb11u10_arm64.deb dea513f39cda1a45f90dae9212a6b89758f7e6d8 2029220 libc6-dev_2.31-13+deb11u10_arm64.deb fadb4fec1c33586a0325400bdcde89a2000239d7 933724 libc6-udeb_2.31-13+deb11u10_arm64.udeb a787e102aa2b0b5b400138a38900f02775ae26c8 2456012 libc6_2.31-13+deb11u10_arm64.deb 85acae3cc1dd35261f2e1fc07f28946b977c50a7 10753588 locales-all_2.31-13+deb11u10_arm64.deb 0812f2a6dd06ca2921aeed613a4fb7e1be88e329 231644 nscd-dbgsym_2.31-13+deb11u10_arm64.deb e233163ffef70280a6987760c82858fb514b4278 285100 nscd_2.31-13+deb11u10_arm64.deb Checksums-Sha256: c3dfb95ce485ad0da84575ae8fd01172bad11c6a8b100a824fe8e623ddd15f0d 12055 glibc_2.31-13+deb11u10_arm64-buildd.buildinfo 3398777d84a00770bc7ebda3a32860dbfa354941b971bf5cebf3b0af38409e40 1801768 libc-bin-dbgsym_2.31-13+deb11u10_arm64.deb 4e7ee4c974d148e331a975cafdf2420e5fb64e3a2a1184bd698b216460b1a183 744052 libc-bin_2.31-13+deb11u10_arm64.deb 0f606b5290c0fdb2135ae5d6a4b00cba00285d2d5025142eb405ff7ba2ba5fbc 114036 libc-dev-bin-dbgsym_2.31-13+deb11u10_arm64.deb a61fd2d7703b7826903e1ad4286ce3e625c4930d917fe2869fdaa97e0103ab13 272884 libc-dev-bin_2.31-13+deb11u10_arm64.deb c45c97fbe7bac5d80e17b77998858901ba5e74f48f09843c268552b2088b0b35 40816 libc-devtools-dbgsym_2.31-13+deb11u10_arm64.deb f4725805496044ae2468b5d037bbe44b39ceec3c52fa8bfafc05629dcc61f35e 245328 libc-devtools_2.31-13+deb11u10_arm64.deb 8b492ebd4fbe42a0630e4f5d87171390809f03e8219a302e9ac638d0039a1e32 6721252 libc6-dbg_2.31-13+deb11u10_arm64.deb 31f5206f1f5dac390e0ee89faa0a189c8389aeaadf50249b5006c08c87c41eb2 2029220 libc6-dev_2.31-13+deb11u10_arm64.deb 0532b477ae322f7cc50f58c8eec1be638c6c2f80900cfae1058eb5f03fc8505c 933724 libc6-udeb_2.31-13+deb11u10_arm64.udeb fc98fcad48de0694e451c2749603a08cf56247ef67f1e0921f63ca81b6319692 2456012 libc6_2.31-13+deb11u10_arm64.deb 9c821ce7ebc084e9f5e27ac25312a7e4fa891cdca927e99aae0c63c9cf43831d 10753588 locales-all_2.31-13+deb11u10_arm64.deb 7f9db8b23afa22d28af1aa6911ecfe34b6feb4d73e9eddc397cd2a14972d38ca 231644 nscd-dbgsym_2.31-13+deb11u10_arm64.deb 7575c6740b7ce2b4b549c867a5311dab1417dd02b726aba0857ed8344da9f1d8 285100 nscd_2.31-13+deb11u10_arm64.deb Files: 304dc6c6cb1e7b8762d2b90e3686d980 12055 libs required glibc_2.31-13+deb11u10_arm64-buildd.buildinfo 17f8a9a33b8ca98b8ed35f3fbfe0926c 1801768 debug optional libc-bin-dbgsym_2.31-13+deb11u10_arm64.deb be93a07588a97d520078a45141d36d42 744052 libs required libc-bin_2.31-13+deb11u10_arm64.deb 2cfeef073d3f6bc119a5ea7d3ec4adb5 114036 debug optional libc-dev-bin-dbgsym_2.31-13+deb11u10_arm64.deb caf684d097f699c7af3a975f4cdc9a60 272884 libdevel optional libc-dev-bin_2.31-13+deb11u10_arm64.deb b27cf0660b1a90ae43955bab6082d719 40816 debug optional libc-devtools-dbgsym_2.31-13+deb11u10_arm64.deb a96a9145102d0641cbabbb8c0e3388c8 245328 devel optional libc-devtools_2.31-13+deb11u10_arm64.deb 13e8588b17cd2e8ed004a26d7ae0394a 6721252 debug optional libc6-dbg_2.31-13+deb11u10_arm64.deb 0bba815401d44405316a220d2098ab64 2029220 libdevel optional libc6-dev_2.31-13+deb11u10_arm64.deb f9d4a0a4d5aec769d9e5dddc9a275bc6 933724 debian-installer optional libc6-udeb_2.31-13+deb11u10_arm64.udeb 0a68bf2f38eff4093151050d482a0e54 2456012 libs optional libc6_2.31-13+deb11u10_arm64.deb 1260c25196b8742d1e3eb039fa63eacb 10753588 localization optional locales-all_2.31-13+deb11u10_arm64.deb 9a13f10239bce138f37a3e3e361809b2 231644 debug optional nscd-dbgsym_2.31-13+deb11u10_arm64.deb 8022f66d4d68d1324eadf42c22873ca9 285100 admin optional nscd_2.31-13+deb11u10_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0+FegZ3qs8CHnZkx+XaKpT5fkBIFAmYxgFwACgkQ+XaKpT5f kBJHMxAAw8WWFTAddsORFk/jznccFpH6V61nI/xyS2YS/PZAIfvGmCV0iR5EJoJy tF7am41mSlGsoumyZz2HePGQgqMkR0sj9k02Ko7WmnDD0Qv8sH/3pPMzuuHUz2f+ PfoX7q+ybyLFcz6BTHdTJjmv/0E0+BJy+k/Ga7ux/gMYMDhPmSnEDR+/H85X4RqX ox6nVAj8xskUkTqgNTg0qOnblVNhzTnxTaD7a1m4atB9mHsBVHit9cJKeJS0okPt xswaH6QJKLaz9Q2cX13UQVL5mWcOQeoPj/J2+FCLsd5N/Mkgl640l6ySG3ItLKLq k4nZd3MCzxBmBAjLctLpNEkL5RO63K7Q+5rneRpXFGBVtI0xe+rXXApFQwRlu3co vTZtxDYI+6klfP7e3x6QbibEPHGRbnTALdGNDmcFMMTbVd6A8XPHcvvFcnlNSqd8 359keF9YzyeBUzB/DvtjJGMzDpTWxvOou6dRE3SJCnIoSWs5UgYtkQqfVS2RkQ9i bUCcNcbanAuigiOs6H4yBYjAKAEBZjEeUNBmKII0knUnbp3xRrkytciv0XMfWepk y9fIbHaJy4wNbeXbIKnzCr0dhutwKffWgDDOecu39WPu87y8IMPrVHfZoi0B+gPi AqMpKX5Wa2FdmSXui0f/Y+3POgD6Qf4CAhewsuT4aQgMcMjpY6s= =6ezz -----END PGP SIGNATURE-----