-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 23 Oct 2025 12:31:38 +0200
Source: syslog-ng
Architecture: source
Version: 3.38.1-5+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: syslog-ng maintainers <syslog-ng-maintainers@alioth-lists.debian.net>
Changed-By: Jochen Sprickerhof <jspricke@debian.org>
Changes:
 syslog-ng (3.38.1-5+deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * Add fix for CVE-2024-47619: `tls_wildcard_match()` matches on certificates
     such as `foo.*.bar` although that is not allowed. It is also possible to
     pass partial wildcards such as `foo.a*c.bar` which glib matches but should
     be avoided / invalidated. This issue could have an impact on TLS
     connections, such as in man-in-the-middle situations.
Checksums-Sha1:
 c50bebf7846c33ef495a49ad37a963105f7dbfc1 4424 syslog-ng_3.38.1-5+deb12u1.dsc
 28923144ed8682295d40d714f621e9f5d2ade104 1878050 syslog-ng_3.38.1.orig.tar.gz
 c31036c69e5bf623e4e3fe704884c4bdbcca6878 44552 syslog-ng_3.38.1-5+deb12u1.debian.tar.xz
 33b4ec0b41d3f23c8453f464d42956d03cdcc7ba 6423 syslog-ng_3.38.1-5+deb12u1_source.buildinfo
Checksums-Sha256:
 915808b867eb548aa0fe96439b47abfbeb2ea425140bcc80f3c53dd747c1c900 4424 syslog-ng_3.38.1-5+deb12u1.dsc
 e834737c9a57ea60deab3c61176f728189b37ac9eddcb7c7e56b603eba3f394c 1878050 syslog-ng_3.38.1.orig.tar.gz
 45d7dd06eff2d0984d13c3681a7c9d4a286b8d4f72349fee671080fef34a6297 44552 syslog-ng_3.38.1-5+deb12u1.debian.tar.xz
 11bec088c556d4ab6cc49229af618f0aa87ec6dd90c497c497c13fde94e2a7c3 6423 syslog-ng_3.38.1-5+deb12u1_source.buildinfo
Files:
 50295559fe0fe3e93d35bc6c1046872f 4424 admin optional syslog-ng_3.38.1-5+deb12u1.dsc
 231a7a57db0c0f5604095aa09ebca7a2 1878050 admin optional syslog-ng_3.38.1.orig.tar.gz
 fbc5f9bf4c0b3b39070187273d238e0d 44552 admin optional syslog-ng_3.38.1-5+deb12u1.debian.tar.xz
 785ecae3fd49100be9b6d86b013fe028 6423 admin optional syslog-ng_3.38.1-5+deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

wsG7BAEBCgBvBYJpF3MCCRAX+9y/2ZKP9EcUAAAAAAAeACBzYWx0QG5vdGF0aW9u
cy5zZXF1b2lhLXBncC5vcmdhAXnT0Q31GXnJTk6HZhgteE0MqLpxRcCcF0f2FbLT
vRYhBOxHhMWwhZqan8X88Bf73L/Zko/0AACNChAAolYjGAL40GV7jR48GPzMrMxE
bzrzYOb0sb6+tTKy6zo1QCEyw8x5iZBfnnr81RAIvZWLfEsXaU6a7xM6YbI66/UE
VmFYKMnVrpz1TfG7bGShhg4uGClyqoXD+GYF8Eni7erHXgixiCz4KsadHgXLTFpA
LGDxWkaireokuJi9evH2SEfpvPHgIas2RA9kkAUzNLvQ0ClA16WkGgMe030bjCN7
lyp/lI6Szr31E+R/n3t42dTYUaNvJZZrrXcuTOk4GwId4qoRpD4TwLSnLK+KQYpv
nYxuJGPMM6k65lrX4fw4tXH12H4EWm3oaqvB+/ikTxVPu/1D8FMhXk8UZFiYv/CC
8JcWvziekjHoJY3offLRTIMrleQNVyuK1J9PqWiRbfU8gS6YuyU4oWJq2kjA09Fh
6O82ORg5BRvVJn0OCNOhDYXhM+3/QPztVHbQSeNgNX/Fs8kKcqSZEKu6Q/V7vKvU
zI2u3hTP83UwKrC4dw22YtqgqLJF3uxQBIsF7Ni8AzQE2wMW9oTkjRBsH5MdeY7G
liFkly1EgZ2tRK8f6c60SVwy9RCuoddTbZ51UqkZ5NGHk8VtBgMIeaF0Uh5b+puJ
VbLfRZxJOtxz1u9T2/zbttpuzsdsO2pkCsY/AjK0thnnSqB1e2jyT7XHEv8Sp2mu
WtiYgD7FHJmoWzo4gIA=
=PIC8
-----END PGP SIGNATURE-----