-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 27 Apr 2026 22:14:33 +0200
Source: glibc
Architecture: source
Version: 2.36-9+deb12u14
Distribution: bookworm
Urgency: medium
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Closes: 1125678 1125748 1126266 1131435 1131887 1132499
Changes:
 glibc (2.36-9+deb12u14) bookworm; urgency=medium
 .
   * debian/patches/git-updates.diff: update from upstream stable branch:
     - Fix a performance bottleneck with the Address Sanitizer (ASAN) on 32-bit
       arm.
     - Fix _dl_find_object when ld.so has LOAD segment gaps, causing wrong
       backtrace unwinding. This affects at least arm64.
     - Add GLIBC_ABI_DT_X86_64_PLT symbol version on amd64.
     - Fix typo in wmemset ifunc selector that caused AVX2/AVX512 paths to be
       skipped.
     - Fix POWER optimized rawmemchr function on ppc64el.
     - Optimize trylock for high cache contention workloads.
     - Fix and integer overflow in _int_memalign leading to heap corruption
       (CVE-2026-0861).  Closes: #1125678.
     - Fix stack contents leak in getnetbyaddr (CVE-2026-0915).  Closes:
       #1125748.
     - Fix bug in wordexp, which could return uninitialized memory when using
       WRDE_REUSE together with WRDE_APPEND (CVE-2025-15281).  Closes: #1126266.
     - Fix invalid pointer arithmetic in ANSI_X3.110 iconv module
     - Fix a typo preventing new tst-wordexp-reuse-mem to run
     - Fix incorrect handling of DNS responses in gethostbyaddr and
       gethostbyaddr_r (CVE-2026-4437).  Closes: #1131435.
     - Fix invalid DNS hostnames returned by gethostbyaddr and
       gethostbyaddr_r (CVE-2026-4438).  Closes: #1131887.
     - Fix random failure of tst-link-map-contiguous-ldso.
     - Fix a possible crash due to an assertion failure when converting
       inputs from the IBM139x character sets (CVE-2026-4046).  Closes:
       #1132499.
   * d/p/amd64/local-revert-x86-64-add-GLIBC_ABI_DT_X86_64_PLT-version.diff:
     revert addition of the GLIBC_ABI_DT_X86_64_PLT symbol version used as ABI
     flag, as the dpkg-shlibdeps version in bookworm is not able to handle it
     (see #1122107).
Checksums-Sha1:
 702906fdb0f1b37205a2000b6715025fed8018cb 9765 glibc_2.36-9+deb12u14.dsc
 42404623ac3ac7cb1bcce7dc7441ef3782c13871 918488 glibc_2.36-9+deb12u14.debian.tar.xz
 b3f4b4290dd4a504e3a062abdbf08444fe6abec2 10292 glibc_2.36-9+deb12u14_source.buildinfo
Checksums-Sha256:
 cfe1f0b8dc1fa211ce5a45b3725cc38b29f88667f1140ebdca6de35cf9c6f1fd 9765 glibc_2.36-9+deb12u14.dsc
 cf4ac9cd98185452cae3ef34e2e4ee12753e3d93fd0c62c61396d4a47eec902f 918488 glibc_2.36-9+deb12u14.debian.tar.xz
 6b273cd4e05adbfbb30e1f151a4d11eced4f2954b43d0b395ee1580b83c443c3 10292 glibc_2.36-9+deb12u14_source.buildinfo
Files:
 001a68ae63559b253dcb12f32d5657a4 9765 libs required glibc_2.36-9+deb12u14.dsc
 caad7ed8eedd10944370b3d01d08e3dd 918488 libs required glibc_2.36-9+deb12u14.debian.tar.xz
 187b0ea5e3a5a99bfb18b57dfce1c44a 10292 libs required glibc_2.36-9+deb12u14_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmn3cHQACgkQE4jA+Jno
M2uPHQ/+J0rFsM+yxJir00Nvl258vlWnQEnorwXo8mcDMP74bB9n1zcQxsVo8bkV
7CiQ4vebLImGfAOSK4Dx8rlMP1XAF/w1+fxDMNfh8QWWtsXOHCN3B+u9lorKT+Nb
HZl99x8fpZsBNipTk2XkVCKUSagUCKnIL7rMQv9aCGo3qfB3RU2rCOC5kdWse+fz
USnpSBGFYzy8tr4RmDRfWJrUHAABTTFlzzZppcIvc084eEZ2JYBqKWNy0+gDYLOZ
2ZcahSnyIq2AJVdnsFP3HS/IFW92VjYw43QGow3TwhgLtvdxjZB0GHZS6t0s+FBH
GkOH9Vtsa/r0yjp4XocdXmLqAgSELtGT+KsYcN9nHtN382kfoEWHJQdRj1KEIsxk
aG37ym+LULEjoqAm3jj+OXxkYY+k2yhJwpycr5zuX6zAnppREphNOLBaZj44hWu9
l4i4m35TyVJUHDaVxofeAmbRiCm6DJYDLnZeTLikOSOzKhxwPDNdDtJvpLrFTYJM
vwMtqywWdcCP53vD8CDU7wQDtyA3wXoMtoTFwZ5Fwg3piTjMYdD8C7LKj6ZTxsS+
cHT54B6TBfvcNH4acilA5JlKHci4b87Xep0XL8a2NzkXulJeqb5ilUS5u9cRVbcv
33z7E61IwKCX1uIjkjS4oRDN9NuWiV9/HGTVC1KWkXkR8uMElD0=
=ymkd
-----END PGP SIGNATURE-----