-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 04 Feb 2026 08:10:15 +0100
Source: munge
Architecture: source
Version: 0.5.15-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Gennaro Oliva <oliva.g@na.icar.cnr.it>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
 munge (0.5.15-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix out-of-bounds read in credential decoding
   * Fix buffer overflow when unpacking message address length (CVE-2026-25506)
Checksums-Sha1:
 7f34d609ab87f0aafe2e157c2822928130234a1f 2162 munge_0.5.15-2+deb12u1.dsc
 1781dfc02d480d53e60c49e149f1cc15f95eeebb 459468 munge_0.5.15.orig.tar.xz
 4e48b0ee6d0932002c45d5f257e783c72df2c255 12164 munge_0.5.15-2+deb12u1.debian.tar.xz
 d79ab3ae3240a3719d3a4c79c0b39eaadca034e8 6406 munge_0.5.15-2+deb12u1_source.buildinfo
Checksums-Sha256:
 8e55a3e5ae51a70b78ca09ae32c9fc883ab295344f484b2cde5d00215a11b0f1 2162 munge_0.5.15-2+deb12u1.dsc
 3f979df117a34c74db8fe2835521044bdeb08e3b7d0f168ca97c3547f51da9ba 459468 munge_0.5.15.orig.tar.xz
 a3c996ac9cbc7d2cb55710849c0ff9766fab932e06eb6533fed03c22810444e3 12164 munge_0.5.15-2+deb12u1.debian.tar.xz
 eb4ef00989b752d8dca5653a65c599255dbc1c4eec4e73f4c3530a39c40ebb69 6406 munge_0.5.15-2+deb12u1_source.buildinfo
Files:
 b7e39e5605ff3241151cda313c9e5790 2162 admin optional munge_0.5.15-2+deb12u1.dsc
 34c2f68dd5b161e1f0e855e29af55113 459468 admin optional munge_0.5.15.orig.tar.xz
 d12dda5c62fe5c61cb8bf433e38d4080 12164 admin optional munge_0.5.15-2+deb12u1.debian.tar.xz
 767152c42e1dd4e78158840086bed8c0 6406 admin optional munge_0.5.15-2+deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmmIoBZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EcZMP/3JFBomCJ/+/s1pmPlo8N2aThIq9OLZc
OVAJtcu+xrZ1PbkdT1RxxtcoGLF9zB66y+Py1xol02tsUTdp/dS/20JvHqX/C6uW
lUX2SicSc8aFM1oMA0JClhecY7uNiWxxSc/DhPm54gLkraD5vCiUOpXaAukA70Vp
K7msju3QhQFsTNS6KN6r4TuV1nY2k1twH1t9mD/pXlBdshYTUJkPjp5fUXBlvxF1
laW4bpgOqcBKMZNS1Qd0no0pqfIQhMPlXNvItcjhH8Df0R31Sc9kUbJjHI/vu9Rs
iqOLpGUUpz6RR6Qb4sMeXaB+sqCjgn4RVzbAp0Zcjo8uwaKk81wirb1Wb6WCxhRD
Ed7QwSpvAACitBDdcav76HIkniAnS5Kqj8n7lO2KmkVzkVPOYQP0KrC7bjMZQo+Z
aFjgJ9Cys7VoN0HjqgyZxEUwBlbKoXVY+C8iwPcVWZp9AWj019Rpml/pgepv0VBS
4IfS79fTvkf3DeRqZ8Bg+VZRIr2scLTzzHrkiKYe4kn1jA0wA3jOGPF6C85MtYmN
Lr1cdplMntVQsGrKsWSFPASyx+rYad2tTleiiW6W10C0coIdiW0xOS9xs/NZ5pej
/NI4NgQ89c36RcWO5tzGppa6G7wEDnNYsoW4wIrnwhqpQv7u3Owh0nxrv07H905f
iA4yoVkS60pf
=T7Tl
-----END PGP SIGNATURE-----