-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 06 May 2024 21:28:59 +0100
Source: glib2.0
Binary: libglib2.0-data libglib2.0-doc
Architecture: all
Version: 2.74.6-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Description:
 libglib2.0-data - Common files for GLib library
 libglib2.0-doc - Documentation files for the GLib library
Changes:
 glib2.0 (2.74.6-2+deb12u1) bookworm-security; urgency=high
 .
   * d/patches: Backport GDBus fixes from 2.80.1
     - If local users send signals on the D-Bus system bus that spoof a
       trusted sender, do not deliver them to signal subscriptions for the
       trusted sender's well-known bus name (CVE-2024-34397)
     - Fix a use-after-free when subscribing to signals with an arg0
       match rule, originally from 2.79.0 and necessary to make the test
       for CVE-2024-34397 pass reliably
     - Add a local backport of g_set_str(), required by the above
     - Add proposed fix for a race condition that can cause a unit test
       to regress after the above
   * d/gbp.conf, d/control.in: Use debian/bookworm branch for Debian 12
Checksums-Sha1:
 f84812067fc2eea9673fabc324bebb4b8c5802c0 7909 glib2.0_2.74.6-2+deb12u1_all-buildd.buildinfo
 4aa5015ea6ffb6fae63e16cd90dc568d85235917 1208764 libglib2.0-data_2.74.6-2+deb12u1_all.deb
 7a1a0e038a0d0f087b70ed0de5dccc73ec6f7ebb 1518876 libglib2.0-doc_2.74.6-2+deb12u1_all.deb
Checksums-Sha256:
 f1ba53cd345510e84e3f7e56fb014295d2919cf9f38b90a13473608a048cbdfa 7909 glib2.0_2.74.6-2+deb12u1_all-buildd.buildinfo
 f7698188472d338944b193d01ab8b37a26533761530249af9e440a144441934a 1208764 libglib2.0-data_2.74.6-2+deb12u1_all.deb
 3392e8ad8fb8160eb12e637225a61f8be17bf2e2d560c27449d8468690e33ddc 1518876 libglib2.0-doc_2.74.6-2+deb12u1_all.deb
Files:
 057e2433ac20e9f5b847a998c79f2a79 7909 libs optional glib2.0_2.74.6-2+deb12u1_all-buildd.buildinfo
 f782fb70c0f41c8686cabd7036f09586 1208764 libs optional libglib2.0-data_2.74.6-2+deb12u1_all.deb
 19ac5a31d25034bbdeadc23c637fbf60 1518876 doc optional libglib2.0-doc_2.74.6-2+deb12u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzcbx6nIE/ydHa1FFigL77i1GSVkFAmY6OpIACgkQigL77i1G
SVlMXg//R/i2h8x6SIQ1I/aFTlsF5zxAF3kQeMjgxH5BW9Pt5Qy6vBT59JhNgUQi
Km2TG3VcyKyXuVGVl1msaEihrl2iwZuwr8ucB62G+H7a1C1ssIBWrMC8VNprMay+
aMgreQ8AKPRnVwU7c6siS3QzSyAcrceg6cBydpy4hOrryQMs5Z3M9o1cFr6kJ7P7
5g8wSLNiB3hxRDMjzfayf18XQHoTs25Jd0lzjaCnV7K+23ahpXBaaY0T5hLw8MYP
TAGM9cTB9pLeXSspBkEKqtXhe7Z2LcgKeGBzKEGsS1bHbLqpkGMRZ/UnJJDize75
0E4+jqFDAN1MUCDqi4EEvu4+ln9uuW9vjrvSnZzjGGPecN12MI0eEGC0kiLT/haq
JN17mfwp1N3qSfpWigdSn4P1ZsTAGlyqcySkLVLCPP9ayVQue8Q1toZJ6dafvSA+
NthlSpOMjdX2lc/mFN6WZen31J/bhttvIDpnCQgB41DC5L/EJRvH2F0Rh2PxDhhk
v1IrWZTWcDp5XMFcd+o+y/SCZztULPVnwGm11yeMEAmli++xjTw1MX09kn2XcZab
gl/2pYi+M0nD903yTUrCHL8KgNoTk5Dg83B8Jt/JUaIun77TyHo0R6Dp3Ndops+Y
vURLobaNnHMFvmbAFRF9c016dHySVg4jzKhkquqB/Irv806OAMM=
=mK41
-----END PGP SIGNATURE-----