-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 27 Apr 2026 22:14:33 +0200 Source: glibc Binary: libc-bin libc-bin-dbgsym libc-dev-bin libc-dev-bin-dbgsym libc-devtools libc-devtools-dbgsym libc6 libc6-dbg libc6-dev libc6-dev-dbgsym libc6-udeb locales-all nscd nscd-dbgsym Architecture: armhf Version: 2.36-9+deb12u14 Distribution: bookworm Urgency: medium Maintainer: armhf Build Daemon (arm-conova-01) Changed-By: Aurelien Jarno Description: libc-bin - GNU C Library: Binaries libc-dev-bin - GNU C Library: Development binaries libc-devtools - GNU C Library: Development tools libc6 - GNU C Library: Shared libraries libc6-dbg - GNU C Library: detached debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) locales-all - GNU C Library: Precompiled locale data nscd - GNU C Library: Name Service Cache Daemon Closes: 1125678 1125748 1126266 1131435 1131887 1132499 Changes: glibc (2.36-9+deb12u14) bookworm; urgency=medium . * debian/patches/git-updates.diff: update from upstream stable branch: - Fix a performance bottleneck with the Address Sanitizer (ASAN) on 32-bit arm. - Fix _dl_find_object when ld.so has LOAD segment gaps, causing wrong backtrace unwinding. This affects at least arm64. - Add GLIBC_ABI_DT_X86_64_PLT symbol version on amd64. - Fix typo in wmemset ifunc selector that caused AVX2/AVX512 paths to be skipped. - Fix POWER optimized rawmemchr function on ppc64el. - Optimize trylock for high cache contention workloads. - Fix and integer overflow in _int_memalign leading to heap corruption (CVE-2026-0861). Closes: #1125678. - Fix stack contents leak in getnetbyaddr (CVE-2026-0915). Closes: #1125748. - Fix bug in wordexp, which could return uninitialized memory when using WRDE_REUSE together with WRDE_APPEND (CVE-2025-15281). Closes: #1126266. - Fix invalid pointer arithmetic in ANSI_X3.110 iconv module - Fix a typo preventing new tst-wordexp-reuse-mem to run - Fix incorrect handling of DNS responses in gethostbyaddr and gethostbyaddr_r (CVE-2026-4437). Closes: #1131435. - Fix invalid DNS hostnames returned by gethostbyaddr and gethostbyaddr_r (CVE-2026-4438). Closes: #1131887. - Fix random failure of tst-link-map-contiguous-ldso. - Fix a possible crash due to an assertion failure when converting inputs from the IBM139x character sets (CVE-2026-4046). Closes: #1132499. * d/p/amd64/local-revert-x86-64-add-GLIBC_ABI_DT_X86_64_PLT-version.diff: revert addition of the GLIBC_ABI_DT_X86_64_PLT symbol version used as ABI flag, as the dpkg-shlibdeps version in bookworm is not able to handle it (see #1122107). Checksums-Sha1: 33e42cc9651d2cfb5e8d562fac1abe44afffd35d 12891 glibc_2.36-9+deb12u14_armhf-buildd.buildinfo 391a8e51e266a992b43b87a0180156251190dd12 2267188 libc-bin-dbgsym_2.36-9+deb12u14_armhf.deb 1234c099fd1f1609eb25c7e2308925ca7a3a1854 505596 libc-bin_2.36-9+deb12u14_armhf.deb 7ea136011f01ff4031470d8313f4552a13e76a0a 29676 libc-dev-bin-dbgsym_2.36-9+deb12u14_armhf.deb 2098b7b3f310cc3d8e0023a17e042273692e9459 46704 libc-dev-bin_2.36-9+deb12u14_armhf.deb 43a0c301554729aef1dd20ab7049103f0d2c2674 43264 libc-devtools-dbgsym_2.36-9+deb12u14_armhf.deb 8e13c9dfd552964d4b893453d437a45a27e07c5a 56676 libc-devtools_2.36-9+deb12u14_armhf.deb cfec7756eb24c239626cabcd4e1b267ee720fcff 6748588 libc6-dbg_2.36-9+deb12u14_armhf.deb 77cb8b00b237551b5c1678fa5211a64804a21efd 14540 libc6-dev-dbgsym_2.36-9+deb12u14_armhf.deb 2e88e911d23b6d3de48c197afb7ddb96603ac9bc 1270320 libc6-dev_2.36-9+deb12u14_armhf.deb c932cc7688ee91d40ca8f3bce20b81f885c1c24b 769088 libc6-udeb_2.36-9+deb12u14_armhf.udeb 09067e3219971a778c5f02ade0f9ad5955347d4c 2146016 libc6_2.36-9+deb12u14_armhf.deb 0f1137751b0d8eb20b6917e722d7c40f300b4171 10653448 locales-all_2.36-9+deb12u14_armhf.deb e2c000869ffde5ec42dcebe5cf98f9a10105eb58 268820 nscd-dbgsym_2.36-9+deb12u14_armhf.deb b732d486bfba4cc72b01b97385e8d64a4fa9972d 97880 nscd_2.36-9+deb12u14_armhf.deb Checksums-Sha256: e7e9d029bc9ec848287f7568f2abe4fe4fab37e3fbc6d67600d3f275c970c796 12891 glibc_2.36-9+deb12u14_armhf-buildd.buildinfo e023c768b17f33a2ae0680daf17adeb20a6db29ce5c84351942f8048794e7f03 2267188 libc-bin-dbgsym_2.36-9+deb12u14_armhf.deb f80ddaf59a2da5a10974bee1e6e5c02464f94198f255959cafb6df116039dcfa 505596 libc-bin_2.36-9+deb12u14_armhf.deb 26d7e9f1007ce5f347d7ef870ec66604835e737715ed9999199457054e05338c 29676 libc-dev-bin-dbgsym_2.36-9+deb12u14_armhf.deb 1259766964abe371968ab87dbbd3f963ecd3bfc8fd211fc0cdfc7532a461df65 46704 libc-dev-bin_2.36-9+deb12u14_armhf.deb c768e1e5f7fe2a6db96e6c6c4ee90bc5da2ac6ef18f0bbeb84ed61feb80ddf21 43264 libc-devtools-dbgsym_2.36-9+deb12u14_armhf.deb f583f64838622b51d9720a1641f3cb1072b2b92bb639f320e3c4b0f158bd5b85 56676 libc-devtools_2.36-9+deb12u14_armhf.deb fccd21832ccfe3e79e6bbc04ff4d3d1c6e901781017aecfb8a28987bec4620d7 6748588 libc6-dbg_2.36-9+deb12u14_armhf.deb 7966ee7d88f233be7b636ffbb1d5c3c41b09f2e805085d3efe3a389adf46cbbb 14540 libc6-dev-dbgsym_2.36-9+deb12u14_armhf.deb ca9486dc7f2dfb25c61c0c93d561c01f8abdf9866bd4c157f0ccd518295bbbb7 1270320 libc6-dev_2.36-9+deb12u14_armhf.deb cfea55cf4c26b260f1b794638945b9856aac80c4af905aec5b835d2069d072c3 769088 libc6-udeb_2.36-9+deb12u14_armhf.udeb 758c68b92654747025b48476a45c315bf16df1321224abdd9be672bfd120be45 2146016 libc6_2.36-9+deb12u14_armhf.deb 17ff23500c8fea939b5e72542a21ce0ce168efadead6117ff47c8c98f5a93c1d 10653448 locales-all_2.36-9+deb12u14_armhf.deb 8082a0ec5e5dd1a14f361c1110ae88f785d25cf25b4d80f32e27e0fd542881b4 268820 nscd-dbgsym_2.36-9+deb12u14_armhf.deb 71a9f13e316b731e875f10ca3159e75c028b7593034c253100af66bd2fac9adf 97880 nscd_2.36-9+deb12u14_armhf.deb Files: 695a30888de79ee5f3b04d18fdfb46aa 12891 libs required glibc_2.36-9+deb12u14_armhf-buildd.buildinfo e53b8df6bc46b83232fb4d08a279c1f3 2267188 debug optional libc-bin-dbgsym_2.36-9+deb12u14_armhf.deb 5c6e4d5c656cd614ef4440c66a0156f3 505596 libs required libc-bin_2.36-9+deb12u14_armhf.deb 3d1351d6df0bb3cec1ca9607f4930db5 29676 debug optional libc-dev-bin-dbgsym_2.36-9+deb12u14_armhf.deb 742d91409a37d155551b72422255e031 46704 libdevel optional libc-dev-bin_2.36-9+deb12u14_armhf.deb c8bd6f3696d305eb0bfac54661d8d61c 43264 debug optional libc-devtools-dbgsym_2.36-9+deb12u14_armhf.deb 81aeb5d196fa9aa772d0798d3a9aad54 56676 devel optional libc-devtools_2.36-9+deb12u14_armhf.deb 5b7dd36b7e158d1967376d25fcd8f89f 6748588 debug optional libc6-dbg_2.36-9+deb12u14_armhf.deb 32595e1cec2ddb632e7bdf9ab1e1acd4 14540 debug optional libc6-dev-dbgsym_2.36-9+deb12u14_armhf.deb 5c6f502695850694a1cd07f7e48fd97f 1270320 libdevel optional libc6-dev_2.36-9+deb12u14_armhf.deb b1dd807fcba41b843a721e3cf98092de 769088 debian-installer optional libc6-udeb_2.36-9+deb12u14_armhf.udeb 4e811d515f3a8ca808d1587117e662ef 2146016 libs optional libc6_2.36-9+deb12u14_armhf.deb 20f4b1a336d14c381ee6c3dc06567a55 10653448 localization optional locales-all_2.36-9+deb12u14_armhf.deb dc618dcf097e98d91c3c7ef17b882e5a 268820 debug optional nscd-dbgsym_2.36-9+deb12u14_armhf.deb 03337b77f80e6a85b9697c57883fe994 97880 admin optional nscd_2.36-9+deb12u14_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEO4qAQUSIo2p/kVRf8U6eOZMpj68FAmn3xWwACgkQ8U6eOZMp j69qlg/9EKQ0qMwl7rFDi9Ybat6ivmLflQhz5dAZEbGwgbyfqHQcTSS/rLttf/bC mLNsDqw7JyKgboy/zGmJ+knOH+Xlu0m00Ir0H0wLgdISzfJ4Q8EursTZmm7TLkXg Qvu0d+37K1w4A987FsnYGpdgQkeXccGhcpu3MaarRwd2dufSGspU0oMdV8QHe/H5 KNBGOfjVsZ4ObEirxtX/yjI+sdNNGzagbkrux+CNaJG9li7kICh05K7nZfsNTpvD TYOW+SV15UWhkHkfNyAKlhEF26amL3kXay5q0WHz7OhC9z45/zgSON2w4xEKqgSV ++7E5mgoIoinvTXOxtdtDkfa+q8Q0rM7SjijXfpXnW/9ZsXXFc7favzPedLSbMdz HQieJboUQqeJLWSfDKMgrPKzythNZcPB8Hv5MQIgNLD/U7rZM/couuhbC7xEXw32 wSQ85hnQ7G4CPeMP4LBqIY02eEZGYx9iWh4uV8YFU8x1PUcF5FOUqtmvHf85abgU u13lkA+lF0iPQXcqodhSpewI8YNdm9ZAXhsZO6qmxc8m0pskBjGe4fOzBZXYt3KE bDaU6k5akI0JL03AhM0nbzxPhcnLqjmrk2E3xo19MFt8rHGal63dJ67muAWS/0Tu tdSip8UWSE04iNV1u9cRkzgMNGLyhSw6wQmTe78gFvnHcVrZU6g= =rIuE -----END PGP SIGNATURE-----