-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 23:57:11 +0200 Source: glibc Architecture: source Version: 2.31-13+deb11u10 Distribution: bullseye-security Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Changes: glibc (2.31-13+deb11u10) bullseye-security; urgency=medium . * debian/patches/local-CVE-2024-33599-nscd.patch: Fix a stack-based buffer overflow in nscd netgroup cache (CVE-2024-33599). * debian/patches/local-CVE-2024-33600-nscd.patch: Fix a null pointer dereferences in nscd after failed netgroup cache insertion (CVE-2024-33600). * debian/patches/any/local-CVE-2024-33601-33602-nscd.patch: Fix a DoS in nscd in case of memory allocation failure (CVE-2024-33601) and a memory corruption in nscd when the underlying NSS callback function does not use the buffer space to store all strings (CVE-2024-33602). Checksums-Sha1: 238811deda60ea3a7dce9e0fac9cd0bd1a44e546 8351 glibc_2.31-13+deb11u10.dsc 8d3b353db627e39b81421a743ea9d3ae2a7ed433 965724 glibc_2.31-13+deb11u10.debian.tar.xz c74d054ea4f339d4777179562eb58e02236718e0 9274 glibc_2.31-13+deb11u10_source.buildinfo Checksums-Sha256: 44074406fbc83225b0c498b95cc8cd50b98be4007048082ba5b07e94f3735c6e 8351 glibc_2.31-13+deb11u10.dsc 540a944da49803b9d8b5053a0390bc476688761168a1917ad1a22b6969182eaa 965724 glibc_2.31-13+deb11u10.debian.tar.xz cc14bdbcdad80a2c4af53746258c82be81b7cd4957730ceaee3d3f292b295c33 9274 glibc_2.31-13+deb11u10_source.buildinfo Files: afb030b9d32f88947cc29b827b307d2d 8351 libs required glibc_2.31-13+deb11u10.dsc b5d79c05efed19437bbe5ad811b53cb1 965724 libs required glibc_2.31-13+deb11u10.debian.tar.xz bd3e09b8a4bf3c02a85dc0e1c2853557 9274 libs required glibc_2.31-13+deb11u10_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmYxabAACgkQE4jA+Jno M2tMug//T2/k+gwpQ4IkNz84fV7e6aHk8It3OFZ7DB3pStOwExCz5FJ/lBqlwiBq xI8VwFwnzIJV3wS4c+3yGpHpEC5b1JUh1Z+IhhYCbqxfOawcI6FTCzThO0AYvhGl HZlKELs/HtTmwFgTtX0lLJD7TcxJf6uoX5b3BaarvAOsr6dV5hh4Ef9/unE4sWCA 2EW7vGJx2d8cZVwSwWZCv6Deu+MFHlWwX+lCQtCzHjNkYTS2lte/98nb5X4EWs8m CKPGlWpxSCdz/i5vI1aIGZ8P9wYP8v6+4jRc/Hl+Qp0Hzf0rbiWuwgqgNLdaV+Cn dS+qCSFH9pdJ4LD25R9qDRw+HUMS6jRXsAOD1SSdL3aSjifCUI70eLdI8F/bjwGu KQeRCeqEMTYLO5Xj5YUUoFw78jhSI/d7K1DGSjksxC28Fdqxn8seI5uSsP7bPl9x qYvk5SvPfg0BJLUIP0+RtedyG33nDSDqUxjec3bFLh7hY2JwbUzHtp+2a2GcJSrU qhEEufTMwUDoBrwd0Hp0QZSw4rv/xf38cAgHqjSMhgi83nAbOyy69BQdYQDuRVC3 8M7UJiGN50TyWYUQmfniJeME+oQ57XsZ0KGXBm6jyu4KpFchmHJ2IqHYBmFxks1Z QZLdVlbKQHeW/La9f0bLVPjPaHxB4mrUJnvUXX0x1UYtDaNLsLY= =bAIp -----END PGP SIGNATURE-----