-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 24 Nov 2023 08:15:30 -0500 Source: glewlwyd Architecture: source Version: 2.5.2-2+deb11u3 Distribution: bullseye Urgency: medium Maintainer: Debian IoT Maintainers Changed-By: Nicolas Mora Changes: glewlwyd (2.5.2-2+deb11u3) bullseye; urgency=medium . * d/patches: Fix CVE-2022-27240 possible buffer overflow during webauthn signature assertion * d/patches: Fix CVE-2022-29967 static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal * d/glewlwyd-common.install: copy bootstrap, jquery, fork-awesome instead of linking it * d/patches: Fix CVE-2023-49208: possible buffer overflow during FIDO2 signature validation in webauthn registration Checksums-Sha1: 48fe18365f63fa7fb4722c9db1024bd2a8631f40 2673 glewlwyd_2.5.2-2+deb11u3.dsc 84fdbd7b288dabe6e683af2c5f18031206693604 5437175 glewlwyd_2.5.2.orig.tar.gz 9c22f95de5225af68adfa196e6a11dafef283e7f 26100 glewlwyd_2.5.2-2+deb11u3.debian.tar.xz 6bc43f6517de21992fce25db5ab793d24caad5f8 19877 glewlwyd_2.5.2-2+deb11u3_amd64.buildinfo Checksums-Sha256: d80f544e84047477e670130e753def5e0cb75b480f851536f45d5787c0c6c98b 2673 glewlwyd_2.5.2-2+deb11u3.dsc 2630d4e3ea2350c7060ff39321ff7e0cbef5893b9bd99ad098fc5fafba31fe4f 5437175 glewlwyd_2.5.2.orig.tar.gz 781ca13ef6d2759e16a8441c5ee5fd84e953aab8d619a47b7646f818cb854e6f 26100 glewlwyd_2.5.2-2+deb11u3.debian.tar.xz d9cb20583e1820670ee3cd98ab673b40c9ab244e38d1c959a9837e0f2ec40399 19877 glewlwyd_2.5.2-2+deb11u3_amd64.buildinfo Files: 4328d446c20011afc4bc429c23f0c832 2673 web optional glewlwyd_2.5.2-2+deb11u3.dsc fa6d6f99894aae2b0e16a36e9322f4a8 5437175 web optional glewlwyd_2.5.2.orig.tar.gz b9e307a88bfaf56fbaacba4011f4c48c 26100 web optional glewlwyd_2.5.2-2+deb11u3.debian.tar.xz 21e3939501beaa13d0388183b23e6eca 19877 web optional glewlwyd_2.5.2-2+deb11u3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEhAWwL8wo75dEyPJT/oITlEC9IrkFAmaUQB8ACgkQ/oITlEC9 IrlQnw/9HQ72hpR0je42OEJWs97xqvDqmmQDdOXBPaIAWneClNoqjdQUtJ4WKFnX 7LeJ1543YqxBnCxuzkdOj+8QR7UTpWQbOxTro8fXfXc4b3dhGlHdFh+bjBrSqkYG lyJdJkZAr23meFVMe9vc8VSH+8Ry+gPYgB2yi4HdBseLIUEIoHZZ6XaGxf6l9Tzr aiIBbNBbchV5G04vWkH/UZKvcp8SG7geQ3juos6LQSBqR2+Q4tyWgew9V8BCD/4a 9Idw7sfQnCoLW5fRhVr9pGzN+8TCXLtHZJD8U7enTPoS2sMVa2ZjBvo+MqFymmUq jN8yBsNGEH69RuQ2m78hLIjoh1OtnnFgaQT84HSg5iUnNH3q5XMeHi5YgzMJnt5e Pvg3dD/LuyDtXXFA7JKHU0p1GcWFjh51tVpC6zmgfGNKUPlazFOly4o1XEH5jLXb OSm7+pybPLvBs/NeyP9mw9j7Qbqf7Izb3VlhcGSYGAC9F7mFvyXBHxD59AgGE86/ HlrQlxlBOlN49kI68ZLWUNvyfJUjb40kMmcht3TUzEKhg8vKvTy7A2d1IwQtXKNJ jRdSpHSWDOOh3Td2dHaowNPO1ui1obFzPColYxjtNk5o5PefGnVg0sYVrwMZeq50 N5DKNvwXLmos5leJFYuq5B9RHacBU09m/essTtEvznNdMUqn89w= =4kia -----END PGP SIGNATURE-----