-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 01 Oct 2025 02:06:28 +0200
Source: u-boot
Binary: u-boot u-boot-dbgsym u-boot-rpi u-boot-rpi-dbgsym u-boot-tools u-boot-tools-dbgsym
Architecture: armel
Version: 2023.01+dfsg-2+deb12u2
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-02) <buildd_arm64-arm-conova-02@buildd.debian.org>
Changed-By: Daniel Leidert <dleidert@debian.org>
Description:
 u-boot     - A boot loader for embedded systems
 u-boot-rpi - A boot loader for Raspberry PI systems
 u-boot-tools - companion tools for Das U-Boot bootloader
Closes: 1098254
Changes:
 u-boot (2023.01+dfsg-2+deb12u2) bookworm; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS team.
   * d/patches/CVE-2024-57254.patch: Add patch to fix CVE-2024-57254.
     - Fix an integer overflow in sqfs_inode_size (closes: 1098254).
   * d/patches/CVE-2024-57255.patch: Add patch to fix CVE-2024-57255.
     - Fix an integer overflow in sqfs_resolve_symlink (closes: #1098254).
   * d/patches/CVE-2024-57256.patch: Add patch to fix CVE-2024-57256.
     - Fix an integer overflow in ext4fs_read_symlink (closes: #1098254).
   * d/patches/CVE-2024-57257.patch: Add patch to fix CVE-2024-57257.
     - Fix a stack consumption issue in sqfs_size possible with deep symlink
       nesting (closes: #1098254).
   * d/patches/CVE-2024-57258-1.patch, d/patches/CVE-2024-57258-2.patch,
     d/patches/CVE-2024-57258-3.patch: Add patches to fx CVE-2024-57258.
     - Fix multiple integer overflows (closes: #1098254).
   * d/patches/CVE-2024-57259.patch: Add patch to fix CVE-2024-57259.
     - Fix an off-by-one error resulting in a heap memory corruption in
       sqfs_search_dir (closes: #1098254).
Checksums-Sha1:
 f569718217bc239c4565fd204e3ca450b2c197a5 49308 u-boot-dbgsym_2023.01+dfsg-2+deb12u2_armel.deb
 edcab34e100f257857fcef8ca30c336e51f05344 45404 u-boot-rpi-dbgsym_2023.01+dfsg-2+deb12u2_armel.deb
 5e4adb2457b7a000687540772c9e6bea989ba63a 242420 u-boot-rpi_2023.01+dfsg-2+deb12u2_armel.deb
 142db7c142bcf74d9ae4ee42578384b02f131b30 730120 u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u2_armel.deb
 9b90eb9e27573977be1a65266d09de235d8a37bf 174452 u-boot-tools_2023.01+dfsg-2+deb12u2_armel.deb
 e8844f7fb3d8d340e93ebee306b5c50afe54cb92 9118 u-boot_2023.01+dfsg-2+deb12u2_armel-buildd.buildinfo
 469d16cfbe4bf6e5db6c22af2e8036c83b6dd28a 578336 u-boot_2023.01+dfsg-2+deb12u2_armel.deb
Checksums-Sha256:
 37ec8a54ba3491439ee3e7c5598794fc90aad5c4e56388f6ce88473ebd3ef6dd 49308 u-boot-dbgsym_2023.01+dfsg-2+deb12u2_armel.deb
 5c37dc1e1fa1567134b5aedc216f279f77ec809fa53daf7f209af7d4f23e84ce 45404 u-boot-rpi-dbgsym_2023.01+dfsg-2+deb12u2_armel.deb
 ef66242309adf361f436b9853ab947a9c970760b1a804fa126e407c577eb857c 242420 u-boot-rpi_2023.01+dfsg-2+deb12u2_armel.deb
 0ab13b10331659afb8802b7eb3abeeeb24db2d5aae83206c9926bd748b0acc84 730120 u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u2_armel.deb
 1f43ff48854aafe9b5704c6dbb35024564d5929348f7ee3fdf887b87d3ae4290 174452 u-boot-tools_2023.01+dfsg-2+deb12u2_armel.deb
 4dfd5f8c86568d9fc05cf4a66555e05fee93d14863f783eb1f1578b85430f7d9 9118 u-boot_2023.01+dfsg-2+deb12u2_armel-buildd.buildinfo
 a0e23156317b50128bfef2f5899b7575460e49696021e3e149c08fb429a7b971 578336 u-boot_2023.01+dfsg-2+deb12u2_armel.deb
Files:
 5453ade8a769ae74edb0ca7bf7acedec 49308 debug optional u-boot-dbgsym_2023.01+dfsg-2+deb12u2_armel.deb
 1e8d564d818b34c9db554de9d3203691 45404 debug optional u-boot-rpi-dbgsym_2023.01+dfsg-2+deb12u2_armel.deb
 356a1796875c348c4da2d23601cd1ab5 242420 admin optional u-boot-rpi_2023.01+dfsg-2+deb12u2_armel.deb
 98ec724af46677f5fae8ad98c41c4bee 730120 debug optional u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u2_armel.deb
 a601e4bc473d3c16bed36c9141a757dc 174452 admin optional u-boot-tools_2023.01+dfsg-2+deb12u2_armel.deb
 698f728a8cacd31a6aadef755ebd5ccf 9118 admin optional u-boot_2023.01+dfsg-2+deb12u2_armel-buildd.buildinfo
 46e4b3b89475dc4cc8dc8198b7cff59b 578336 admin optional u-boot_2023.01+dfsg-2+deb12u2_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEWHj9K9pO9l4btbD1OQKMdMnEH5MFAmk1vVwACgkQOQKMdMnE
H5NSDxAA5OD0nYzmnD60TtIzvi7PIvtIkbVP++X3Ig6qZosNwKQcEiU/evlaieLr
mspmZqczijTCkUYunxFEHsu7pKfxzDQshwu2dACk90BSPbx0o47XLS85Clwz2/6k
1BXgl9q9yc2bKUoEuVGy7n+CBxGGF4DzihxgSIdUyO5LCS00zyYdgkdBz4enQM/x
fi6/9x0Tkg4hhaNHwItxDgYSpuRnke099QsGs1WT+QLAl7RQrqtF6SWS/CKTxI7G
PfgFrZlEWbtHL4Dbx5Jby9/Qeth55gimS3vo0ReWU4OxJ4H+88Md3xCEniMlyTqA
khItSN6AsHYPgtPeRe+qYsNeBtAMpB8w5NdSVEHGJAKudSTTuwweLMaRZ88mX+Lh
yr3GQ4XOrnVNy7mbfPOXQtuCSokEhA4hu+pETjQopMlU4B/PRCLFjfdPCSWWmJer
NrCHHFnHgZ+H65Kg+KkIdhk7sVpzF8W5XcmUOvug/b6Nwp/CAg0T0+fuYKA03gbV
aepuHMZ9pnPj538ohjSeTmxwk7IXPBWRSuZHyadTjRf8VHr8GGFCNfO06wrLAYvR
Gz+0IbdtrD2n6//OgqMVOOgj5zhmsdkiYG5n9U2Lvy/H5epL6dsB7JTqxm16oHxB
0AtHUHPTSeZSc9w4FSW/oVmvHT/7/U9Gf5ZI6gLBCEba0aHoRb0=
=1tbw
-----END PGP SIGNATURE-----