-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 22 Jun 2026 10:38:07 +0200 Source: u-boot Binary: u-boot-tools u-boot-tools-dbgsym Architecture: i386 Version: 2023.01+dfsg-2+deb12u3 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) Changed-By: Andreas Henriksson Description: u-boot-tools - companion tools for Das U-Boot bootloader Closes: 1056750 1081557 1136954 Changes: u-boot (2023.01+dfsg-2+deb12u3) bookworm-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2024-42040: buffer overread vulnerability in the DHCP implementation. (Closes: #1081557) * CVE-2026-46728: mishandles use of unit addresses in a FIT. (Closes: #1136954) * Remove avr32 arch support removed in dpkg 1.22.0 (Closes: #1056750) - now also leads to dak rejecting uploads even for older suites Checksums-Sha1: 6a1c58b7799abe66d43e8f77677b9559403c480e 753952 u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u3_i386.deb 533453e44b3c090a21340a6abf899924f4723926 208848 u-boot-tools_2023.01+dfsg-2+deb12u3_i386.deb 3feaff52384426c713bc62e1b1604b92e0ee9386 7971 u-boot_2023.01+dfsg-2+deb12u3_i386-buildd.buildinfo Checksums-Sha256: c93b61d7e7c9f59739257d324f96cee731ec3cfafc8cc0eb8a15d91238911980 753952 u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u3_i386.deb 927461111deb63374c9d57c31dd62e01f63c3ecb4ab6010031724a4132be65d7 208848 u-boot-tools_2023.01+dfsg-2+deb12u3_i386.deb 4c62e69eabf13aa51b5b09893f3be606aab3b008bfb1130ff02834158d271e22 7971 u-boot_2023.01+dfsg-2+deb12u3_i386-buildd.buildinfo Files: 80dfb8aa8a0dbcf80f6daf08cbde2125 753952 debug optional u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u3_i386.deb 36cf625e678f3aa5d7f18fe1e01bfe29 208848 admin optional u-boot-tools_2023.01+dfsg-2+deb12u3_i386.deb 69767798513a376e2006ed395b6a2cd8 7971 admin optional u-boot_2023.01+dfsg-2+deb12u3_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE+i/sCsF3puL4e7qIGNGWmfrqILEFAmo4+28ACgkQGNGWmfrq ILEBQg//QXDSk5dhaM4h0vWfC12EP+EcX+WUoyRNrG2Tn8IUxNMeUpuetr4KPJyD xu1ON+Ay+ltcTp1Gl8ltRSmcnffU6YZoRWoji/3WesU0VWB8mS3h4+MSKYB9EAtj 83qZQ8EnqPhJmqMtfJZ8UQzy9dXPbjmTc7hBcM5y1STp/GRZxDsycvjiWlvn9Ckm h3KyXuILO4NaZpfUJJ2x5MJXIX/F9Ov0phsJ7oKhsknXswKbZZy4pvHOdy8OW92k 5783XR5sIkAofPY1UVB3d4WT+YBiekYcvKjM6tmfZJpd1wzvxMeFpqskiInupBKM p/gopOIJQ5qdacVvjN2nMljc4l4ZUGT/6GJf+zxTs5YKRxuyWanN5vzWVpPxoXS7 DqMLWDFaSDqNbqrq8d2CjekrF2CbX393yv1xhjPS3+BxWZFXZrzbPCD1/TNyGFz0 WqbWr25QAB0unCOfkBpD4LEXBKraOzbhKmrYqGzwmI44AGVzq6SoS5egMl40hJp8 cppO3pFgtgjJ8kjyLOJeDKLC4t/AvieozhgP1ST0tg1CU7hGgneuub6HIwqn3SGH J+zVzI8hgg+A6beJjFOXpyx3+0Dn7Nb/xE9sgxDqEilN+zYDdtE2QjDzdJBGxpWm fCCV5CEMk0yKuhjh/DgqnVwhska8131J6xl0h15jv/qV69b37LU= =+zUS -----END PGP SIGNATURE-----