-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 17 Oct 2025 20:26:34 -0300 Source: libsmb2 Binary: libsmb2-6 libsmb2-6-dbgsym libsmb2-dev Architecture: i386 Version: 6.2+dfsg-2+deb13u1 Distribution: trixie Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) Changed-By: Matheus Polkorny Description: libsmb2-6 - Libsmb2 is a SMB2/3 client library (library) libsmb2-dev - Libsmb2 is a SMB2/3 client library (development) Changes: libsmb2 (6.2+dfsg-2+deb13u1) trixie; urgency=medium . * Import upstream patches to fix CVE-2025-57632 - When processing SMB2 chained PDUs (NextCommand), libsmb2 repeatedly calls smb2_add_iovector() to append to a fixed-size iovec array without checking the upper bound of v->niov (SMB2_MAX_VECTORS=256) * d/p/CVE-2025-57632-pt*.patch: Import upstream patches to fix CVE * d/p/CVE-2025-57632-pt2.patch: Backport patch and Update hunks' offsets * d/p/CVE-2025-57632-pt3.patch: Backport patch and Update hunks' offsets * d/p/CVE-2025-57632-pt4.patch: Backport patch and Change hunk to reflect new code indentation Checksums-Sha1: 88f046859e83b8ef990b8e63f78a8e3d997f2e22 234332 libsmb2-6-dbgsym_6.2+dfsg-2+deb13u1_i386.deb 883b5050f4a76352fc1b6ff6540cfbc3cfd13390 109976 libsmb2-6_6.2+dfsg-2+deb13u1_i386.deb 4ede7ebd2f599074373b787d20c93bc7a24a7e55 148376 libsmb2-dev_6.2+dfsg-2+deb13u1_i386.deb be1019f010d360b80e7750a281a65d68197bd2fa 7207 libsmb2_6.2+dfsg-2+deb13u1_i386-buildd.buildinfo Checksums-Sha256: 14f43eafd261b168ec952054caaae0a843e64cf656ebe4495c68fdd2c8d68afd 234332 libsmb2-6-dbgsym_6.2+dfsg-2+deb13u1_i386.deb 72ac012ef87bf130ccc7bd01b1b812eaae9fd3668127fadd2c2dc56f983366e2 109976 libsmb2-6_6.2+dfsg-2+deb13u1_i386.deb 7e91fa8963c6e14ec132c6a3ebc762a81b74fb86a78e35a434ae58a94287d592 148376 libsmb2-dev_6.2+dfsg-2+deb13u1_i386.deb ed66c162be566ab026cb73f8431a327c94137aab9c701c1e8f084e68fad711b5 7207 libsmb2_6.2+dfsg-2+deb13u1_i386-buildd.buildinfo Files: abb586ef4b68f45491a2e922df6aba13 234332 debug optional libsmb2-6-dbgsym_6.2+dfsg-2+deb13u1_i386.deb 8bc855da5eadbc7a0278d36a0fce8fd7 109976 libs optional libsmb2-6_6.2+dfsg-2+deb13u1_i386.deb b89ef400b9da74a31103c3fb5b02097a 148376 libdevel optional libsmb2-dev_6.2+dfsg-2+deb13u1_i386.deb 0f44c30bf3129889b363df59e66a1c21 7207 libs optional libsmb2_6.2+dfsg-2+deb13u1_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEc5vuvf2HND40bnI+8IREj/cRiTMFAmkHsmgACgkQ8IREj/cR iTM+1BAAv4RlVb6HFhVOAm8bJt/2PD8+dQv2e00GJqw6tyCdz8SCIYJCyG8J9EP8 HzoCf8Dqso+AjZVyqmBLPa0J+/FBojMDC6za1v/5U7XcmMz8iN4dozZIEnTzOYXl zAYjmi8aZcqALaRk8qbq9ovOW7Nm4U3YZw++Jbb2Ns5M0dQiTkw8739cF3OfTQIr D232/artp7eKQQ+mFx9H+J6VaEMk44Pty69ODhGBmNtVRBsl4uQ9adSqHAr0uksu QZoNZX36fF6k3KWSx+HRxIj7vR0Sp7erBpXrtx4SvTx2mDoffuIIy3ZSiCAwdJiC Tk3Qz+q+PUTIBRda3bEqDXTReNZ4BfHtRTssEQhOhOjxit+oPSNTZHAoZfQBtDVv YAD7++SyC+vY4HewP4tCTrIysEi69yd3RHliPnhZI0ckTsI7yr9/en7x1oeqjzFz iROfuV3U0ACVkxMqzknhvU2qYNQAG/P2eE7jhLot05LRITM5IyztJV3wjmxL0UBY e/GuuhU8+mYw4oCHT3tvMPy1v11rwa3EoA4+MTJXHF6joiUWbB8wjtg9np8z9MoR 0FxkjnrvYKGvAWT+qq+r0xR6SE8VgwDpizfJywOpdPcj+z+lcwytr2t15Hl+wH55 QaKxdimk9ddJpPE3KtQBneNuEFCqNF20XAjmhPZDyqoCKDlVC3M= =kM3J -----END PGP SIGNATURE-----