-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 22 Jun 2026 10:38:07 +0200
Source: u-boot
Binary: u-boot-tools u-boot-tools-dbgsym
Architecture: ppc64el
Version: 2023.01+dfsg-2+deb12u3
Distribution: bookworm-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) <buildd_ppc64el-ppc64el-osuosl-01@buildd.debian.org>
Changed-By: Andreas Henriksson <andreas@fatal.se>
Description:
 u-boot-tools - companion tools for Das U-Boot bootloader
Closes: 1056750 1081557 1136954
Changes:
 u-boot (2023.01+dfsg-2+deb12u3) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2024-42040: buffer overread vulnerability in the DHCP implementation.
     (Closes: #1081557)
   * CVE-2026-46728: mishandles use of unit addresses in a FIT.
     (Closes: #1136954)
   * Remove avr32 arch support removed in dpkg 1.22.0 (Closes: #1056750)
     - now also leads to dak rejecting uploads even for older suites
Checksums-Sha1:
 488d7843c03cbdb6bde2811d59c74273cf1a95c6 768432 u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u3_ppc64el.deb
 d7325e2371e28b9bffe3d6b944802c23dbcb7a46 220236 u-boot-tools_2023.01+dfsg-2+deb12u3_ppc64el.deb
 ae4c63fd6edbf506f416903c999e33e25f578f74 8059 u-boot_2023.01+dfsg-2+deb12u3_ppc64el-buildd.buildinfo
Checksums-Sha256:
 32e6021be2fe3b9d40a77b99f3b4f19c4e10065ac4c93da3365c10d52d48fc02 768432 u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u3_ppc64el.deb
 ed4037151e990da4d42722571b04f170dbb29836aa6b52a0d66db68e96c82ac7 220236 u-boot-tools_2023.01+dfsg-2+deb12u3_ppc64el.deb
 09afaba2404cd24e4b6776bd9e15e3284a59200d983dad73d730cef496706c2f 8059 u-boot_2023.01+dfsg-2+deb12u3_ppc64el-buildd.buildinfo
Files:
 c4042a35f09c8392db326a3413fc9f2f 768432 debug optional u-boot-tools-dbgsym_2023.01+dfsg-2+deb12u3_ppc64el.deb
 5ef81368ce11ee937bfd41d336fc900e 220236 admin optional u-boot-tools_2023.01+dfsg-2+deb12u3_ppc64el.deb
 f58a57938092af6e4198b39729e1566f 8059 admin optional u-boot_2023.01+dfsg-2+deb12u3_ppc64el-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETLpi2USYGUNSlYhoNINNphgym2QFAmo4+2EACgkQNINNphgy
m2QWDg/+PuCmpk7DRNUTjK2epBhqy1T+a6vimDC5h2HzOqDnzpgcZN8KhPl+tJNw
uvX/Ai8BRYzVQZaSLqk6RSwYbrL/x4Cq/L4cJHYoLFTmF7T1Gzxb7gjyqu6/WLcw
z9YMqWy6wzfLqG0Bnl4zEFvwUewpmbiBElB9RvCAdlx4FHKqQuwX3kN8oQ5+Zrzi
r0QU7x+QwxP6wUU5hNPOFqX8IlSzJCRSYVQlycef8t+8v607acfrdXgO6C+wEATV
mkN97hDesUkD4a+CSAeF4LyoxL1b18XqR8IjtBXBTV5xj+dXLzK+pkrzTbf860Sg
RNeIGZry7KfimJC12thpxBsbRH2qsdWLCS1nLI57gfdI2+jgMLiW1HSvFMlnGqik
16lYcur7XbAJYTYJaxtjWEsUYQF/fyHy9aDA2XBZFtSFJx7QJTug6+zGHeb5vXyT
DYhRgzqNIhPy0Mfb+FzmvbTc9wXyHWjezAo4c1FFobiO6XW7oc7GmxK8T2gL6/xb
7ixKSSL/z90H7E0ackX42s7HSMBU1ePSrK1MF/lFto7pgISy5xE3rwZc71OLfKNX
w67U6eSMmG6etfjHX+Owu/UW9B3P6qAP5l4exbdgD8XQG+rzsKDf5zBOL4nFNOE5
P8xynYuAvadYGiRsOi0AeGPi54rokYw8AhEPQe+Zn8XMpPhY/fM=
=Q0d4
-----END PGP SIGNATURE-----