-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 07 Mar 2026 13:15:41 +0100 Source: dpkg Binary: dpkg dpkg-dbgsym dselect dselect-dbgsym libdpkg-dev Architecture: i386 Version: 1.21.23 Distribution: bookworm Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Guillem Jover Description: dpkg - Debian package management system dselect - Debian package management front-end libdpkg-dev - Debian package management static library Closes: 1061404 1065575 1070010 1107971 1108192 1129722 Changes: dpkg (1.21.23) bookworm; urgency=medium . [ Guillem Jover ] * dpkg-deb: Fix cleanup for control member with restricted directories. Reported by zhutyra on HackerOne. Fixes CVE-2025-6297. * Perl modules: - Dpkg::BuildDriver::DebianRules: Fix uninitialized Perl variables. Closes: #1107971 - Dpkg::BuildDriver::DebianRules: Fix R³ dpkg/target/ values handling. * Code internals: - libdpkg: Fix varbuf memory leak in pkg_source_version(). - dpkg-deb: Initialize threads_max in no-uniform-compression mode. - libdpkg: Handle tar long GNU names and links not being NUL terminated. Closes: #1061404 - libdpkg: Do not segfault when adding triggers in no-act mode. Closes: #1108192 - libdpkg: Terminate zstd decompression when we have no more data. Reported by Yashashree Gund . Closes: #1129722 Fixes CVE-2026-2219. * Build system: - Build gitlab CI images for bookworm instead of sid. * Localization: - Fix typos in Swedish man pages translations. Closes: #1065575 - Update Swedish translations. Thanks to Peter Krefting . Closes: #1070010 . [ Helge Kreutzmann ] * Localization: - Update German man pages translation. Checksums-Sha1: c667f47265030ac8fb32970d9a02345b7803ebff 1059368 dpkg-dbgsym_1.21.23_i386.deb 0afb9eca7a4d3c3c8d793b7a118ae0da39d69a2b 7644 dpkg_1.21.23_i386-buildd.buildinfo 4e886915306893c574edee2dc0cafffe0e4f3164 1591624 dpkg_1.21.23_i386.deb fa382bc7c7a5ee7acb447b148ea9af42542a49e1 224128 dselect-dbgsym_1.21.23_i386.deb b5a82dbfe9277229047109822ee89cb77a971688 572304 dselect_1.21.23_i386.deb 6623b376b7e7fa7661cd245f7681fe7d60ef346b 369232 libdpkg-dev_1.21.23_i386.deb Checksums-Sha256: 3046948aa0145bb40af052f216e9e376ad40a0f6f30760843abd290704aed82d 1059368 dpkg-dbgsym_1.21.23_i386.deb b1508e38df6817da8c50924dcad7c2cbdcbf21db2cccf02a0b8ee7b0f2418a50 7644 dpkg_1.21.23_i386-buildd.buildinfo ec50bd469baf81189fc02e88f5ca269bf5f6fb4d607686aefba0f2040c3fdd99 1591624 dpkg_1.21.23_i386.deb 80a3d532971124bba756a6a951a8205a714060a5635314a5f57e133ed8b7e302 224128 dselect-dbgsym_1.21.23_i386.deb b048d13ff82cb3b60e344b2296b1ad7173c65399e7cbb7102311ae4082895c4c 572304 dselect_1.21.23_i386.deb d1bf704b18e5e8f872dbbe3937ccb0eab632680c2f915ec644baa9d18fbc4913 369232 libdpkg-dev_1.21.23_i386.deb Files: b8cb45922cb966b9804e952742e201db 1059368 debug optional dpkg-dbgsym_1.21.23_i386.deb 89f83425f978cce4a0b7b9f80f1e77d7 7644 admin required dpkg_1.21.23_i386-buildd.buildinfo fca328a66f542ef3f2e1defdc0e7afc6 1591624 admin required dpkg_1.21.23_i386.deb d18c4fc6bf4bf97bc81a08858a71da1e 224128 debug optional dselect-dbgsym_1.21.23_i386.deb f9aaa2f0d8eacbf1bbeb0e32928fca40 572304 admin optional dselect_1.21.23_i386.deb 601df084102aabe937e05cc5f9559aba 369232 libdevel optional libdpkg-dev_1.21.23_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBDWXQb2umOtH4DRpYg9P9sm2dfEFAmn3x34ACgkQYg9P9sm2 dfGBEBAA1YEnR4wxL9ZYdxkGuN8P30yFN3Th0DMKyBhaSlE8LRZzCD+kFQq0VbUI xEc8KQOMbd2papE6ejyNdjWvuAvMQhoah3XToDV0M42p7uQdDFcdKpTAI6Dungim YdcY48eAYqwMfd/MuOKXS0OxOIL1VNK5i/97PmgK7qa/807C8lDaUdLsjZypFAdV UeZr5xMRsEpHTbf+CDeWCJKI0TNX9rDQyZXRGTKTiltAENoHSBXO195CvlCIuSao o8CWLBoHrS54ZC2s6xhfDapFovfkYLaLGvf0gfQYvAcQNjpuzlZMK+up0sWkZUSj 1F+kprzmz5sVobKksyKJYMPgeEkN3QpkYh6oy8oF6uF+Rky1tvi/YhhZ860WXsYS n7gV/FNYOWxCJ3pTcnirgRwEXyM/k59fBEZdr62wzjm8UPm3vJ8T6/X2VvWcD44J TLW5vSzWnWMUfgtZOgRvkgVKFmUd7+Idhaadh24ZXGjzoHcvahD/59Irn6Ij02In V0BEgPPbY29GIcKKskoWjwQEyVIevceG4xLevvxaS9zI0eXU1TWPMLDjF77WFH4U GVsN2YFXpGEY42L7A34m6XCEExVgAjV34LSgqQghWENjnkbWmUXtAUVtgeU8ZpDl vLCDA/SISXjbdOZp0ox1CeUteau9Yrxc6KnUe88NG/zU92as17g= =jTOP -----END PGP SIGNATURE-----