-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 01 Oct 2025 02:06:28 +0200 Source: u-boot Architecture: source Version: 2023.01+dfsg-2+deb12u2 Distribution: bookworm Urgency: medium Maintainer: Vagrant Cascadian Changed-By: Daniel Leidert Closes: 1098254 Changes: u-boot (2023.01+dfsg-2+deb12u2) bookworm; urgency=medium . * Non-maintainer upload by the Debian LTS team. * d/patches/CVE-2024-57254.patch: Add patch to fix CVE-2024-57254. - Fix an integer overflow in sqfs_inode_size (closes: 1098254). * d/patches/CVE-2024-57255.patch: Add patch to fix CVE-2024-57255. - Fix an integer overflow in sqfs_resolve_symlink (closes: #1098254). * d/patches/CVE-2024-57256.patch: Add patch to fix CVE-2024-57256. - Fix an integer overflow in ext4fs_read_symlink (closes: #1098254). * d/patches/CVE-2024-57257.patch: Add patch to fix CVE-2024-57257. - Fix a stack consumption issue in sqfs_size possible with deep symlink nesting (closes: #1098254). * d/patches/CVE-2024-57258-1.patch, d/patches/CVE-2024-57258-2.patch, d/patches/CVE-2024-57258-3.patch: Add patches to fx CVE-2024-57258. - Fix multiple integer overflows (closes: #1098254). * d/patches/CVE-2024-57259.patch: Add patch to fix CVE-2024-57259. - Fix an off-by-one error resulting in a heap memory corruption in sqfs_search_dir (closes: #1098254). Checksums-Sha1: 9ed3f49e9d36874697926430ae96b782031b45d1 3618 u-boot_2023.01+dfsg-2+deb12u2.dsc f4b94556f10cf7ff07807c3b1390ee190ca8028c 15684556 u-boot_2023.01+dfsg.orig.tar.xz ad853c8432c8bb77abb364a1a86ab44d5b477457 54632 u-boot_2023.01+dfsg-2+deb12u2.debian.tar.xz a76921823de8a5d34e65044ca1abe3283c9eb643 13227 u-boot_2023.01+dfsg-2+deb12u2_amd64.buildinfo Checksums-Sha256: 44dfd4b096bd5b0b74af51b077369a9cc0d53ecc1f1b7c6641bbbf62069b4005 3618 u-boot_2023.01+dfsg-2+deb12u2.dsc e75da6f089d063aaef39a1c17f1631791d87700662624e18de2121fa39a1ed44 15684556 u-boot_2023.01+dfsg.orig.tar.xz a59895767ff702302b8dbfdbcb570f2a3a3e1c44f3ececdd43bcef8d6a00ecdd 54632 u-boot_2023.01+dfsg-2+deb12u2.debian.tar.xz 2657e2f53491386e6e63269ed90ff6a1ed744d0aa408b436e8bb6485f4d1f118 13227 u-boot_2023.01+dfsg-2+deb12u2_amd64.buildinfo Files: fa813de6ba4f47bf71401ea3e90de21f 3618 admin optional u-boot_2023.01+dfsg-2+deb12u2.dsc 745c3ae196dd1c8b0128b600cd919741 15684556 admin optional u-boot_2023.01+dfsg.orig.tar.xz 971fe169156920d02d72df1887e6a64b 54632 admin optional u-boot_2023.01+dfsg-2+deb12u2.debian.tar.xz 7de72f5de8b86c63be03566bf8aec171 13227 admin optional u-boot_2023.01+dfsg-2+deb12u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEvu1N7VVEpMA+KD3HS80FZ8KW0F0FAmk1WjEACgkQS80FZ8KW 0F29VBAAslFgVcIqUpeiDUxlvdyfX2eW3F890OkfS75HwkvVbj3ngbjHfPP/N+q1 Gze2A/hBrPucGWzqilXgsUnnJqnkAD+xR9B83+yVugOmscdIQkzPzIP7EsmV5ChH 6s1RZ8/R0oQRAcQunKl3twsxVJpxySosF6qGhiNzArJtZFtIT6GKXeyybRgGQdo8 qE5Fec2kVVSF1ytMn+dlWr7x/jObrdDsrQpKy+eJWo49f81lFcBxSU1vapOupFDj rniQfLQ4ORiGjdnh/YTRhOshxqC6qS2AxzEgUoKuGsSip4FBafb9LM/hPlcg8EtP INGZODyl11OkvnE6F00hZelFbCSp6zQ82TtuWNj96PrAOjHNGmeSdZYmNtOoRciW wzX9dCVO7oqfU8gCoGk3GnWZzXCDpnk0sWWbh73dKTS0u7sSyAgNzGteB2GFwk0F Pyx4jBPDZt4Yw28CyLVYpS+dCzN96iYU08sSpbOOGTy+rdxcQpKFsyCgRzenrIoG WMcyj3QuNk8ZcGyQ8gclz4kz3JLGJF0wbE1Lb5kb8k4Kq5a2imiWxiaGBtyRypVt ts253oU7mwNDJMPaE8+Vs37T6nSHldI4uq20L6laAB5ejHuggdX1b7bD9JeAR8zp 4himwxq4ceH8r3n2NOhydg2ner+W9Kr9IUriKtdc74liRTDgJ90= =PYN/ -----END PGP SIGNATURE-----