-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 07 Mar 2026 13:15:41 +0100 Source: dpkg Binary: dpkg dpkg-dbgsym dselect dselect-dbgsym libdpkg-dev Architecture: armel Version: 1.21.23 Distribution: bookworm Urgency: medium Maintainer: armel Build Daemon (arm-conova-04) Changed-By: Guillem Jover Description: dpkg - Debian package management system dselect - Debian package management front-end libdpkg-dev - Debian package management static library Closes: 1061404 1065575 1070010 1107971 1108192 1129722 Changes: dpkg (1.21.23) bookworm; urgency=medium . [ Guillem Jover ] * dpkg-deb: Fix cleanup for control member with restricted directories. Reported by zhutyra on HackerOne. Fixes CVE-2025-6297. * Perl modules: - Dpkg::BuildDriver::DebianRules: Fix uninitialized Perl variables. Closes: #1107971 - Dpkg::BuildDriver::DebianRules: Fix R³ dpkg/target/ values handling. * Code internals: - libdpkg: Fix varbuf memory leak in pkg_source_version(). - dpkg-deb: Initialize threads_max in no-uniform-compression mode. - libdpkg: Handle tar long GNU names and links not being NUL terminated. Closes: #1061404 - libdpkg: Do not segfault when adding triggers in no-act mode. Closes: #1108192 - libdpkg: Terminate zstd decompression when we have no more data. Reported by Yashashree Gund . Closes: #1129722 Fixes CVE-2026-2219. * Build system: - Build gitlab CI images for bookworm instead of sid. * Localization: - Fix typos in Swedish man pages translations. Closes: #1065575 - Update Swedish translations. Thanks to Peter Krefting . Closes: #1070010 . [ Helge Kreutzmann ] * Localization: - Update German man pages translation. Checksums-Sha1: 69d313c78bebe1dd5a512c19a7bf8ee047b17360 1099072 dpkg-dbgsym_1.21.23_armel.deb 5925212fd0edd388170296e23f3f8af7cfcebe8f 7586 dpkg_1.21.23_armel-buildd.buildinfo 152f2bf3eea018d5fe8ee6880ab30c2e0f98a434 1514824 dpkg_1.21.23_armel.deb 08dfee139e7be6b3c8a8f7b28c853b00b6c12676 258384 dselect-dbgsym_1.21.23_armel.deb db7719cd235204fb644b6877209089ee62c5f402 547780 dselect_1.21.23_armel.deb 081c542f636b107132caaaba9d3b86da23e35fbf 346324 libdpkg-dev_1.21.23_armel.deb Checksums-Sha256: 4727d739cf32dc3eee78956de281aa11f462b9d9d0bd122397fee89252ab5425 1099072 dpkg-dbgsym_1.21.23_armel.deb 2d728a14dce0213bddbf0f45c942d94457b3c67908fc7a587809b90533b4f31e 7586 dpkg_1.21.23_armel-buildd.buildinfo bfc53f278deeba238bf835c032b31e81b9ddc4b8a35836488d9ca35483e4cdce 1514824 dpkg_1.21.23_armel.deb 5273b2b872c55c05be8f65c97251a46ebb98f231695a3bfa0fa46a64997425df 258384 dselect-dbgsym_1.21.23_armel.deb f916fd1ae878ae9c47eed30f16853d6920511946a7177978a9c93727f1bac5b0 547780 dselect_1.21.23_armel.deb c82d7a658d9e31a8fbbab0574c314098aafa0ecb079b6ae5fbd638a19deaf4ca 346324 libdpkg-dev_1.21.23_armel.deb Files: 2e1ee3383e61d4c0917d9bb2ed2b35d6 1099072 debug optional dpkg-dbgsym_1.21.23_armel.deb 3304abe755b347838829beac4b1a2da3 7586 admin required dpkg_1.21.23_armel-buildd.buildinfo 531b3354b926fc4d6ac2bf821a1b53f2 1514824 admin required dpkg_1.21.23_armel.deb c4d98e5f99d0ad5a77c1b9e3d4dd269f 258384 debug optional dselect-dbgsym_1.21.23_armel.deb ee5183fe81fc996f2cfae935476cf561 547780 admin optional dselect_1.21.23_armel.deb 7a967ace312064dff5090f8714348241 346324 libdevel optional libdpkg-dev_1.21.23_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEYxmcRLDHP0tCCM0oScpU3dYulLgFAmn3wYgACgkQScpU3dYu lLhUHQ//bqBiRurI1P8OFBE3PCb8iPOgrZlLBvFJwG2beKDCg7bswYQ4TYS21KqA mid/jUVl5XU+jmyeFTXJ4Lja3f1W6RhdERIOLGn1vSc8Hr8sruk2I9j407KM8jWN V5+bI4CXL397HUUw0W1iAfl8zB44RPnIXFDKLn9R1Ue8V1qR7A+md/2neDkZbXeE vnKjVpDsncRKUJ/lW0AGhSxyoC6fbcpbLXLH+e1mkLB+MJ8TOef57xSQrH641kY5 +AlodqqOgY5mw4NJjWeKyoIBKCEkIiXXSVqsdzt2JtFHw2h1hmTn+iOq5s7tIihl crPcYu8J4zgJXmXaryztDee25Z9yDqezk8CLxKocZShyt3H3Ea+KAI6bgM7vrTh1 rYYSzB/rkJoxz6VZU+ILkpvEu7MnfzLriYNtX4P3jw3eym2isAJ9xTY+03u52tSy osmTwD3ieI2WbFGmlUKZD68PXud0vz2QHkw1AlieelCaEZHluoaSRuGlzsLB3ctq QlOrWnsDGlpwGQky4d5UzauINVql3Bvkudl9QRFJ3VBt2uhvIvG1Q6uK2eltsYwT HO+tbUjiZkeT+P5gk/GwqtFEuNArpBNlkCvY7LTLB/JLttBGoxJzGC+d9Ao3opLj W/H+x+DFfS5FoGRpQb+o8gd/GRj7GyqBdBId36iH5nL53caVSiI= =h7RM -----END PGP SIGNATURE-----