[ubuntu/oracular-proposed] glib2.0 2.80.1-0ubuntu2 (Accepted)
Jeremy Bícha
jbicha at ubuntu.com
Tue May 7 19:07:15 UTC 2024
glib2.0 (2.80.1-0ubuntu2) oracular; urgency=medium
* Fix doc build
glib2.0 (2.80.1-0ubuntu1) oracular; urgency=medium
* New upstream release
* Drop patches applied in new release
glib2.0 (2.80.0-10ubuntu1) oracular; urgency=medium
* Merge with Debian. Remaining change:
- Don't enable sysprof integration in Ubuntu yet
glib2.0 (2.80.0-10) unstable; urgency=high
* Team upload
* d/patches: Add GDBus security fixes intended to be in 2.80.1
- If local users send signals on the D-Bus system bus that spoof a
trusted sender, do not deliver them to signal subscriptions for the
trusted sender's well-known bus name (CVE-2024-34397)
- Fix a use-after-free when subscribing to signals with an arg0
match rule, originally from 2.79.0 and necessary to make the test
for CVE-2024-34397 pass reliably
- Add a local backport of g_set_str(), required by the above
- Add proposed fix for a race condition that can cause a unit test
to regress after the above
* d/control: Add Breaks on gnome-shell (<< 44.9-2~).
The security fix breaks screen recording and screencasting in older
versions, so we should make sure both changes migrate together.
* Set high urgency for security fix
Date: Tue, 07 May 2024 14:51:49 -0400
Changed-By: Jeremy Bícha <jbicha at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/glib2.0/2.80.1-0ubuntu2
-------------- next part --------------
Format: 1.8
Date: Tue, 07 May 2024 14:51:49 -0400
Source: glib2.0
Built-For-Profiles: noudeb
Architecture: source
Version: 2.80.1-0ubuntu2
Distribution: oracular
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jeremy Bícha <jbicha at ubuntu.com>
Changes:
glib2.0 (2.80.1-0ubuntu2) oracular; urgency=medium
.
* Fix doc build
.
glib2.0 (2.80.1-0ubuntu1) oracular; urgency=medium
.
* New upstream release
* Drop patches applied in new release
.
glib2.0 (2.80.0-10ubuntu1) oracular; urgency=medium
.
* Merge with Debian. Remaining change:
- Don't enable sysprof integration in Ubuntu yet
.
glib2.0 (2.80.0-10) unstable; urgency=high
.
* Team upload
* d/patches: Add GDBus security fixes intended to be in 2.80.1
- If local users send signals on the D-Bus system bus that spoof a
trusted sender, do not deliver them to signal subscriptions for the
trusted sender's well-known bus name (CVE-2024-34397)
- Fix a use-after-free when subscribing to signals with an arg0
match rule, originally from 2.79.0 and necessary to make the test
for CVE-2024-34397 pass reliably
- Add a local backport of g_set_str(), required by the above
- Add proposed fix for a race condition that can cause a unit test
to regress after the above
* d/control: Add Breaks on gnome-shell (<< 44.9-2~).
The security fix breaks screen recording and screencasting in older
versions, so we should make sure both changes migrate together.
* Set high urgency for security fix
Checksums-Sha1:
6b2b3365feccc32df199b50440a5835caf50c740 4639 glib2.0_2.80.1-0ubuntu2.dsc
854a81f4e8c58888a14a35eb3f6d3e3a8525ad65 131852 glib2.0_2.80.1-0ubuntu2.debian.tar.xz
861e7603cd0539a71d6f13b74066a5b4338b6298 11681 glib2.0_2.80.1-0ubuntu2_source.buildinfo
Checksums-Sha256:
00f7d8a0c6c87b90bc7f0d2363a3fac64dbfc90164c99be6f2e0b96eb98f292b 4639 glib2.0_2.80.1-0ubuntu2.dsc
8e383d95441e4275ae13ea46e44c8fdc11b3c5adc10f956a606a5646140ab1b0 131852 glib2.0_2.80.1-0ubuntu2.debian.tar.xz
efd770f573fce27b355bafec1d1e5b6a4a65495c8924c2c0766603f494d98fca 11681 glib2.0_2.80.1-0ubuntu2_source.buildinfo
Files:
c26697210ebb514b1dfe939bd8af2c0a 4639 libs optional glib2.0_2.80.1-0ubuntu2.dsc
bcbb2780b3a9bdc7fd9f4c5c0ef32d3c 131852 libs optional glib2.0_2.80.1-0ubuntu2.debian.tar.xz
d4b6fc2bae0630a89f802ba003b30eb8 11681 libs optional glib2.0_2.80.1-0ubuntu2_source.buildinfo
Original-Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
More information about the oracular-changes
mailing list