-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 27 Apr 2026 22:14:33 +0200 Source: glibc Binary: libc-bin libc-bin-dbgsym libc-dev-bin libc-dev-bin-dbgsym libc-devtools libc-devtools-dbgsym libc6 libc6-dbg libc6-dev libc6-dev-dbgsym libc6-udeb locales-all nscd nscd-dbgsym Architecture: armel Version: 2.36-9+deb12u14 Distribution: bookworm Urgency: medium Maintainer: armel Build Daemon (arm-conova-02) Changed-By: Aurelien Jarno Description: libc-bin - GNU C Library: Binaries libc-dev-bin - GNU C Library: Development binaries libc-devtools - GNU C Library: Development tools libc6 - GNU C Library: Shared libraries libc6-dbg - GNU C Library: detached debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) locales-all - GNU C Library: Precompiled locale data nscd - GNU C Library: Name Service Cache Daemon Closes: 1125678 1125748 1126266 1131435 1131887 1132499 Changes: glibc (2.36-9+deb12u14) bookworm; urgency=medium . * debian/patches/git-updates.diff: update from upstream stable branch: - Fix a performance bottleneck with the Address Sanitizer (ASAN) on 32-bit arm. - Fix _dl_find_object when ld.so has LOAD segment gaps, causing wrong backtrace unwinding. This affects at least arm64. - Add GLIBC_ABI_DT_X86_64_PLT symbol version on amd64. - Fix typo in wmemset ifunc selector that caused AVX2/AVX512 paths to be skipped. - Fix POWER optimized rawmemchr function on ppc64el. - Optimize trylock for high cache contention workloads. - Fix and integer overflow in _int_memalign leading to heap corruption (CVE-2026-0861). Closes: #1125678. - Fix stack contents leak in getnetbyaddr (CVE-2026-0915). Closes: #1125748. - Fix bug in wordexp, which could return uninitialized memory when using WRDE_REUSE together with WRDE_APPEND (CVE-2025-15281). Closes: #1126266. - Fix invalid pointer arithmetic in ANSI_X3.110 iconv module - Fix a typo preventing new tst-wordexp-reuse-mem to run - Fix incorrect handling of DNS responses in gethostbyaddr and gethostbyaddr_r (CVE-2026-4437). Closes: #1131435. - Fix invalid DNS hostnames returned by gethostbyaddr and gethostbyaddr_r (CVE-2026-4438). Closes: #1131887. - Fix random failure of tst-link-map-contiguous-ldso. - Fix a possible crash due to an assertion failure when converting inputs from the IBM139x character sets (CVE-2026-4046). Closes: #1132499. * d/p/amd64/local-revert-x86-64-add-GLIBC_ABI_DT_X86_64_PLT-version.diff: revert addition of the GLIBC_ABI_DT_X86_64_PLT symbol version used as ABI flag, as the dpkg-shlibdeps version in bookworm is not able to handle it (see #1122107). Checksums-Sha1: dff58f2230e15c7c37ffcba79f59aca793f0fb58 12889 glibc_2.36-9+deb12u14_armel-buildd.buildinfo 5ba0876cd90f27e2047c52121315749974aeea3f 2283336 libc-bin-dbgsym_2.36-9+deb12u14_armel.deb bc9b42bca9bb025143e4811766f115adbd99c3ab 496560 libc-bin_2.36-9+deb12u14_armel.deb 51c7c7d19a8c0e75967cb3cd5888b4f7a6901379 29332 libc-dev-bin-dbgsym_2.36-9+deb12u14_armel.deb acba5e1afaedc14c234874ccb3c0807675a94850 46736 libc-dev-bin_2.36-9+deb12u14_armel.deb 827ab7a1787613e8e5c85e45af0298414716f82e 43180 libc-devtools-dbgsym_2.36-9+deb12u14_armel.deb 24a57fb50ae3ee6e5aa954e2c19f3e4c64010031 57316 libc-devtools_2.36-9+deb12u14_armel.deb 112f6b423dc3f1bbfe90887238cac63be53ad4c8 6873692 libc6-dbg_2.36-9+deb12u14_armel.deb 9c49500bc7d175ba8d0b9f76795c2e7e60e4cb02 14368 libc6-dev-dbgsym_2.36-9+deb12u14_armel.deb cea5fc448eba7f79834253785cd5b35629e9ccfc 1295196 libc6-dev_2.36-9+deb12u14_armel.deb 5a6802fb55de43b5bbbc1ce6540e42c35d63164a 787196 libc6-udeb_2.36-9+deb12u14_armel.udeb fa3da884948ec025a58dbdb45c992e790af935a5 2141784 libc6_2.36-9+deb12u14_armel.deb 8d22c4ad36920ecd9a5f8b01caba235fd4f20154 10653344 locales-all_2.36-9+deb12u14_armel.deb 035dcdf807144f7c647f53bdfbef65ebc3625afe 267308 nscd-dbgsym_2.36-9+deb12u14_armel.deb 3cfd7bbd6efad3981e4c8a42757fae86e1e3262b 97052 nscd_2.36-9+deb12u14_armel.deb Checksums-Sha256: ae6d7a22c17884cbe121bd390def6a561b55b36d0a2cb954947c1a976b105233 12889 glibc_2.36-9+deb12u14_armel-buildd.buildinfo a4dc6d4297a2036b42f59ae1aaa72712030e30e4ee2de2a7dcbed74e3916090b 2283336 libc-bin-dbgsym_2.36-9+deb12u14_armel.deb ec07a9ba6521e0e5bbe37c64f0a86bf8c14391d169b2506212f5b7351d02d619 496560 libc-bin_2.36-9+deb12u14_armel.deb 6e177abedcc34874550595cbcc85355b640651a14fd5e4f8d7bf6c4ebf9e0dc0 29332 libc-dev-bin-dbgsym_2.36-9+deb12u14_armel.deb f25d3f539fa6abe3e320fac545f3ffa4d94dfeab62905be1cb898c07aa7296bc 46736 libc-dev-bin_2.36-9+deb12u14_armel.deb 0dd0fbf16e05043766ceb2c201893150fc6b5e6cc14840f3fd785f517c18bb15 43180 libc-devtools-dbgsym_2.36-9+deb12u14_armel.deb 50d34b186557f719bee9d3e394ae6712cd0c2eff62efdc338245454616861ea2 57316 libc-devtools_2.36-9+deb12u14_armel.deb 8259c718cd21d632a6f1d045af4167189be307bf89c2a5161204132e310e830b 6873692 libc6-dbg_2.36-9+deb12u14_armel.deb bbcc360e93c588e52889a1258dcb7fef990d108d6aa86af69dcb5a4c6d5d878e 14368 libc6-dev-dbgsym_2.36-9+deb12u14_armel.deb f3a7f1a276d8676fe9ae60298577b7f33cc5c4571a2c2960f616ce80f24c6045 1295196 libc6-dev_2.36-9+deb12u14_armel.deb a0232da69a0862fcf0995ed3bcd0791ac0156d04b9bbf29ebc7a65b6af414a32 787196 libc6-udeb_2.36-9+deb12u14_armel.udeb 5eb674d8a73cccad372a7d35878209fc403266da1c23eb5974cdadb69de4091e 2141784 libc6_2.36-9+deb12u14_armel.deb 7c70072ae9f06422c9f79318c564af3843f09b0b9d1887f93e992a60186f6056 10653344 locales-all_2.36-9+deb12u14_armel.deb 3c2167ec3396d8212b79b02cc0817c8002e11b212011615b47c04d1c2bb64a77 267308 nscd-dbgsym_2.36-9+deb12u14_armel.deb 3330c8cc3a5e671bf945dfc913cbb4809ea7153f826a602a9cc1b928100197b7 97052 nscd_2.36-9+deb12u14_armel.deb Files: 18eba9a6d5528d6d706c898d8c8c9f92 12889 libs required glibc_2.36-9+deb12u14_armel-buildd.buildinfo 04338463f3ab4239d0a0e3efb5e12d24 2283336 debug optional libc-bin-dbgsym_2.36-9+deb12u14_armel.deb 39cd1f98344c1fc8f41f61ff76ee9a00 496560 libs required libc-bin_2.36-9+deb12u14_armel.deb 8623b94b957e2076fb0adc693c105fd2 29332 debug optional libc-dev-bin-dbgsym_2.36-9+deb12u14_armel.deb b1a014fad30e34b4189dd1a60b838375 46736 libdevel optional libc-dev-bin_2.36-9+deb12u14_armel.deb fa91bb5de16a4a1e218228d0dfd59839 43180 debug optional libc-devtools-dbgsym_2.36-9+deb12u14_armel.deb 775cb14713d1a966d8ef14572b88101e 57316 devel optional libc-devtools_2.36-9+deb12u14_armel.deb c87a6a4a073646792c9eb3c4e762c726 6873692 debug optional libc6-dbg_2.36-9+deb12u14_armel.deb 9aa3ffb5f62c7c68c38cdfc8ac50f39b 14368 debug optional libc6-dev-dbgsym_2.36-9+deb12u14_armel.deb 75072180aeeb3755293844862e607926 1295196 libdevel optional libc6-dev_2.36-9+deb12u14_armel.deb 33543d530c63c7e5cf613cb527a64ee3 787196 debian-installer optional libc6-udeb_2.36-9+deb12u14_armel.udeb dca84f3beab3781ff915f47e5dea8ed7 2141784 libs optional libc6_2.36-9+deb12u14_armel.deb 24ac6e33ae8527ab23153b6757a38382 10653344 localization optional locales-all_2.36-9+deb12u14_armel.deb 0fde82c515c0035e420b420e4ab65e95 267308 debug optional nscd-dbgsym_2.36-9+deb12u14_armel.deb a706cb794dae9be5fd069cc85aa64796 97052 admin optional nscd_2.36-9+deb12u14_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEWHj9K9pO9l4btbD1OQKMdMnEH5MFAmn3xm0ACgkQOQKMdMnE H5NPlxAA8XBu71d9f09b1h+x+mFpc/PmH0cufN4NNaTAGVgrUg9VKO1nMtXOK5Nd v/bDQrmHOvf3sgKvRKkPnP2jXeGIxylb8nHiUIuW9eKnKTRaEfsJeghNzPPpbX4Z 558oQFdP8K8ZeJELHIzPu7DbY+EPM8iBFRqgqvep8kPKkm3Q0/0wLrRrlN6G7LS2 8eA+/Wsv3tiKMIp9xdRFJATgnoIsC6rfnwEvPvltWTbTMqXZRhmtG0DWfF7JWCgR +5ca5W4RUvuwWEP29H0ydPrtlYaW0sbPxPsUBAcVhoZdN76aWd6gFCvfd0hBjeso 8v388bsBarY3d5lTeLbBG5kyXye0UUlcdKq2MspDk1eMuLRSIp7ZL1+th6Y/n/nz iQeD1+D0nWJ8B+RyDIpH3kQ+OBiAyaSED6FhmQP+PYw4Vs6NTqoOL3BXLnki2SQZ A8txczwdGxd+uLKhtDzJSWsdAJSTmIVrYQbZvEXXUFmx4WF73jpoj+9QEQJP1yuG 9HflWZDgiKl9Jqvu8kwJaUVkE4YVPaGguUTwLRCCRFAQudJopNLSoiEKWUSk9bfq mGmVX/FxCzR7505DLRt3Hh/S49sW9o0yXXM9LOJoY7Vcl58H8TXWfj08+hkIvnLl jHxBQ9OhR52eApZ6ftMkSA3sbaY8MB+VIb758QNeEyhBKyMWAzg= =WkSC -----END PGP SIGNATURE-----