-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 24 Jun 2026 11:07:15 +0200 Source: u-boot Architecture: source Version: 2025.01-3+deb13u1 Distribution: trixie Urgency: medium Maintainer: Vagrant Cascadian Changed-By: Andreas Henriksson Closes: 1081557 1136954 Changes: u-boot (2025.01-3+deb13u1) trixie; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2024-42040: buffer overread vulnerability in the DHCP implementation. (Closes: #1081557) * CVE-2026-46728: mishandles use of unit addresses in a FIT. (Closes: #1136954) Checksums-Sha1: c322f9439d138542f772bdeaaf6cb73ef87d318d 4329 u-boot_2025.01-3+deb13u1.dsc f072610d78a718c451a799342c43c733426f68c7 32890299 u-boot_2025.01.orig.tar.bz2 ec5697bc3cb716bb931752fd537eb9b7064f24a0 687 u-boot_2025.01.orig.tar.bz2.asc d2f62720a03c68f3bd19a77f63e412b2c9f8ca94 174476 u-boot_2025.01-3+deb13u1.debian.tar.xz 56c7026f843bf341fa30711d9f66be2cfb4e8c5f 8268 u-boot_2025.01-3+deb13u1_source.buildinfo Checksums-Sha256: 21dbfd7fe193b127636814284b109382589eaa544a159d4b73b1cdae20a0094f 4329 u-boot_2025.01-3+deb13u1.dsc cdef7d507c93f1bbd9f015ea9bc21fa074268481405501945abc6f854d5b686f 32890299 u-boot_2025.01.orig.tar.bz2 8a25ad74cd740a6e89a212bd8d7412d2e65882fecf8bc56ed806da999bb26c4a 687 u-boot_2025.01.orig.tar.bz2.asc c73a4efe85614af359f0be220e061a0b5c36bb4b3a121ca776dd988444b536f1 174476 u-boot_2025.01-3+deb13u1.debian.tar.xz a7e60bf3f7f600a7abed20535acdcb0408aa7f03f4064832ee00981a77ee3fc9 8268 u-boot_2025.01-3+deb13u1_source.buildinfo Files: 82fbae83a04f7d35ec1fe70ded8b7e27 4329 admin optional u-boot_2025.01-3+deb13u1.dsc a9b03ef9a6a0fce2f913abc97a6f4bc5 32890299 admin optional u-boot_2025.01.orig.tar.bz2 748fdffefb540d3e84e005b61449a4ba 687 admin optional u-boot_2025.01.orig.tar.bz2.asc d4d7c9789bbab728091ba1d3a8e99a59 174476 admin optional u-boot_2025.01-3+deb13u1.debian.tar.xz 2693b5960df3c4f6a892ff8553e515b7 8268 admin optional u-boot_2025.01-3+deb13u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE+uHltkZSvnmOJ4zCC8R9xk0TUwYFAmpWmQAACgkQC8R9xk0T UwZ++g/+MvyLeK0AeIWI/ZBYxtsWyALTfd/Xk3aIpfhryfl06FfbHUQO0Q0lU1GR njNr0cOkD0NzNYEaq10Dz+m7F764sLwZGGtHN0YIpx0Z7hyI7GxBq5j9EGMdUtLo 11/bhDPWEWwSS0fRqi56is2KkIj0LpDthDvN39a8E8APncwmuPji8ruUCu6nJ3Wo z0J8Sjp5uf3SmLTBcFHAHxG5VTlYVYacpeBigaw8uJi6Fln5K4BzELsGLRf4x7y5 WbhCcwy3io+x6ZZyY1n7/dZkwqpiavafMke2PtvHvK2i6OEDKaMTZgUgDBvNUlBt pQmkZB9Z7t52Z6p2cqKzocDLJaAyCfkyR1cmAoZYglgUpaR/7HyYIhsxnsihFDJ4 ZNOit0Vev6lWqoR4195Z+d0feXc2pPm+wBMlmB2OSBSeuW8P4IbNYAjexDG75TnH PDQusO1RvsYha1ifJVyvJ9PQqJ89W/lGUHcmB4BjDQUpOjKjDT17wRYH7zzxWzZR a8fTRogDxR/mIDevDaYvNwt+n9g34tZ35OwjImh6O252oAeSxnDGDuQS1adoNvY2 FKwxY00ATlej5zS9mekIFrwYFHqpapyXl1o7YTWi5UdB7WxPgoEQszg/xnmrf+U3 bgLwutoOjKcJLEfX0eNsm12fE7QLzgXJm9ojdCR5MemRNjnE+ps= =7b8/ -----END PGP SIGNATURE-----