-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 07 Mar 2026 13:15:41 +0100 Source: dpkg Binary: dpkg dpkg-dbgsym dselect dselect-dbgsym libdpkg-dev Architecture: armhf Version: 1.21.23 Distribution: bookworm Urgency: medium Maintainer: armhf Build Daemon (arm-conova-03) Changed-By: Guillem Jover Description: dpkg - Debian package management system dselect - Debian package management front-end libdpkg-dev - Debian package management static library Closes: 1061404 1065575 1070010 1107971 1108192 1129722 Changes: dpkg (1.21.23) bookworm; urgency=medium . [ Guillem Jover ] * dpkg-deb: Fix cleanup for control member with restricted directories. Reported by zhutyra on HackerOne. Fixes CVE-2025-6297. * Perl modules: - Dpkg::BuildDriver::DebianRules: Fix uninitialized Perl variables. Closes: #1107971 - Dpkg::BuildDriver::DebianRules: Fix R³ dpkg/target/ values handling. * Code internals: - libdpkg: Fix varbuf memory leak in pkg_source_version(). - dpkg-deb: Initialize threads_max in no-uniform-compression mode. - libdpkg: Handle tar long GNU names and links not being NUL terminated. Closes: #1061404 - libdpkg: Do not segfault when adding triggers in no-act mode. Closes: #1108192 - libdpkg: Terminate zstd decompression when we have no more data. Reported by Yashashree Gund . Closes: #1129722 Fixes CVE-2026-2219. * Build system: - Build gitlab CI images for bookworm instead of sid. * Localization: - Fix typos in Swedish man pages translations. Closes: #1065575 - Update Swedish translations. Thanks to Peter Krefting . Closes: #1070010 . [ Helge Kreutzmann ] * Localization: - Update German man pages translation. Checksums-Sha1: 924ed6e1c2f2f58c963a10b594e098fad5af2442 1117848 dpkg-dbgsym_1.21.23_armhf.deb 82a5760f597d4ad32efb8209fdc27f81ebc9e698 7588 dpkg_1.21.23_armhf-buildd.buildinfo 7b2fb49dd544a9838772b7256e391849fddf88ed 1522020 dpkg_1.21.23_armhf.deb fcc5b6e77e9deef128dfbf9f08d9d156206d0fff 261456 dselect-dbgsym_1.21.23_armhf.deb c0c8b041e661f99c23858eb457cd0bec64abb775 548992 dselect_1.21.23_armhf.deb 0a2cbeed53bdd0e2e0c5eb3911ca5c022ae0ada0 345768 libdpkg-dev_1.21.23_armhf.deb Checksums-Sha256: d2be185b8635c292c61857ec59ba10f06660a85dfbac2adaad571c68538aeb20 1117848 dpkg-dbgsym_1.21.23_armhf.deb f8df4189f1d09135c507ea3f5c8978d5217903d148b4dd558c0155148563b2ff 7588 dpkg_1.21.23_armhf-buildd.buildinfo 53c66ba6e645e5a4b7df0bfd9d6559d8905f1d4190ee891fc530940b4a7eb038 1522020 dpkg_1.21.23_armhf.deb 84288461f1feb061ccc33b52e2bfa13433df0f864ae8b627cc90feeed7d6ab10 261456 dselect-dbgsym_1.21.23_armhf.deb 4e0343f7c1bdda29c7f488c4e7e329178b3dd2a1abb301fff044e7cb237a24c2 548992 dselect_1.21.23_armhf.deb 24ff1d233ea9b496cd2842f61392b1afd468a14ada5ad86b91c4b6aabf9dc7ed 345768 libdpkg-dev_1.21.23_armhf.deb Files: 4d94af9e7445045c3d05baa03c84ef0b 1117848 debug optional dpkg-dbgsym_1.21.23_armhf.deb d45fddc5213c1b81ce63d6c19afd5d50 7588 admin required dpkg_1.21.23_armhf-buildd.buildinfo 7a8f284fa75b966dc740fb21d02ab1a4 1522020 admin required dpkg_1.21.23_armhf.deb 75cf98736a6940f7cffd708ec413636e 261456 debug optional dselect-dbgsym_1.21.23_armhf.deb 7ddedba70a62b64a153534a9c556ee4c 548992 admin optional dselect_1.21.23_armhf.deb 20af90e93daeeefd639258ac939dd960 345768 libdevel optional libdpkg-dev_1.21.23_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEElFiH1oZRZh1t4FSiXVp1sEH/1mIFAmn3xYMACgkQXVp1sEH/ 1mI92g/8DJdYdibeRRgufKoFl9to03qm6xOdezWMUlDmQSC+5NimjNuy76KINhlA EY5ErMku4oy5cUBP/ElrGZeBVAICMZ221+aa7t8gprhZ47Ouz/c83L81Q9PR1xgt PcZVt4f9mayXooFOWtIHhK7xWM0PedERLbgE+H7ruM5OhZ/ardYEZFt0m60AmIiK c5VXd5fbynM+vzUI+Tcsxo/1YOGBveukz6J+s7Vri+8cyRcmv/WeE2VK24xAFDu6 3BkfEcIdtc5EdNhw3AvLIwv6/f+ynXXw0JBkFTMoYxhbqZpiqiy3QLrZtLx8PliJ 5Hhws50AFhye3R3XdOr6BOGAdGl/HQ7wT8gX9iVKsG79dICGZwFVBIGJ7y4+LCuj H7oy8O+huPiMM4ilMvw8xr7l6dmdPAxt7WkJvASNkq63AgjlHYhCsdo5GRQGAKTo +0cdHjouj10ometxxSerRNXbXa2uI+DtOskr8zsgYWVN0jX9ox6bnXw4MVVev7cp WwRGCE9qTE+9e6nFLIPxBswASmmjL7WzVNS5MvLgp7xnIzwITl6WavObjrkI3JVV 9DcVXPo6QukTIzRWrbxDGvbAXiboY4jnv6NIEaKdM8WRAQ2CvqoEPgZWO593o1jG YDAP3gpdONqgbAl0E8wzslBwBOz7oIdRtMwFeDXVtWghLh18/tM= =X4I8 -----END PGP SIGNATURE-----