-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 22 Jun 2026 10:38:07 +0200
Source: u-boot
Binary: u-boot-tools u-boot-tools-dbgsym
Architecture: amd64
Version: 2023.01+dfsg-2+deb12u3
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Andreas Henriksson <andreas@fatal.se>
Description:
 u-boot-tools - companion tools for Das U-Boot bootloader
Closes: 1056750 1081557 1136954
Changes:
 u-boot (2023.01+dfsg-2+deb12u3) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2024-42040: buffer overread vulnerability in the DHCP implementation.
     (Closes: #1081557)
   * CVE-2026-46728: mishandles use of unit addresses in a FIT.
     (Closes: #1136954)
   * Remove avr32 arch support removed in dpkg 1.22.0 (Closes: #1056750)
     - now also leads to dak rejecting uploads even for older suites
Checksums-Sha1:
 2b0324de775a634d43a8b7ca6cdceb73731d4b23 842188 u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u3_amd64.deb
 18ac41454629227e863d2f5369f0e7147ced4409 205544 u-boot-tools_2023.01+dfsg-2+deb12u3_amd64.deb
 e78673beaaa12a4a997f429d685253c39e6a3e05 8050 u-boot_2023.01+dfsg-2+deb12u3_amd64-buildd.buildinfo
Checksums-Sha256:
 c594832878fb966bf063731a6eb186ae5444b4f1b948755f84879d90cb99df97 842188 u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u3_amd64.deb
 7d0b9a230495f133f0fdfde4f6f2a9b740022ee5216a096a3d66ce23437aff15 205544 u-boot-tools_2023.01+dfsg-2+deb12u3_amd64.deb
 1bcb1c35fedee78bc149fc404a9f5cd63ece4601c5ca7fc008e8c8cae0a13406 8050 u-boot_2023.01+dfsg-2+deb12u3_amd64-buildd.buildinfo
Files:
 b3cd4f6f4eb67718f7223fb18c45df1a 842188 debug optional u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u3_amd64.deb
 34f2ec06d8a86febf30818d0ed215ac9 205544 admin optional u-boot-tools_2023.01+dfsg-2+deb12u3_amd64.deb
 0f4159edea968e3ce3a174d13bcc1a4b 8050 admin optional u-boot_2023.01+dfsg-2+deb12u3_amd64-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmtr4KUMaso2EQ6NrTwt/65ON6zcFAmo4+2MACgkQTwt/65ON
6zfang/+JfTYT4vMhs/c2oXhVvKo1J2BH++QJuGbH4lRLOciHSHjpv8StRzFqkA1
mNFlA2ZLBZU/CYK7msay5omQ5ZdZxP9n3e9nfSGCy1GZP49LUluYRe4wVAznx9MY
03FKOqNt2h1locpdD98p6Cixe9gDaqp/GLdghkGxFWOkGZJ4b4AMaH6Vk/mMC9Ep
3veSsQ/EtBJFa6s0qWL4MY8W+IwvUmpBKtZbMvx1ID3AsiUTxCyj7Tdyi82jhxGZ
XC/h9nPzMe2b9L5+zRJjTfK/1Jj11Bb9kShhfKby7Fx/Q2PRokk4oykA2JS94S2s
NImkQWE2zJPm/UbVmP1QqQloVlgDm7xesdC6qpeqQnovCFBRtp8fJDu33Xay347I
p2Q8IhZmtha4kRx2F8JjNoRdqIMofKiZX3WurjMTnbgak+/onCr1rSlwa/8rdJqZ
YrD+PcFBsU3oYKNMT06LCwncA8ksZ7QfIQ04RGtWcQLK+vEVAijv6tdaetn/omD3
SpPN4E4aWJJEsBCihOXj3zoWL+7jou0momB6dxpaeq63n6/Ieg+J1u2LJXjLQki1
hZ8kkySGG6pZBBT9dzI0CLSiBIJnEnpg/acDOe8WsUw93MdWrsOA8KkwX/cIzF4K
2AMeyP85Udi/QA8JTCeshGrnQsGKutT2PB9epoJbi5ZsRLQ+e7M=
=7zHJ
-----END PGP SIGNATURE-----