-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 17 Oct 2025 20:26:34 -0300 Source: libsmb2 Binary: libsmb2-6 libsmb2-6-dbgsym libsmb2-dev Architecture: amd64 Version: 6.2+dfsg-2+deb13u1 Distribution: trixie Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Matheus Polkorny Description: libsmb2-6 - Libsmb2 is a SMB2/3 client library (library) libsmb2-dev - Libsmb2 is a SMB2/3 client library (development) Changes: libsmb2 (6.2+dfsg-2+deb13u1) trixie; urgency=medium . * Import upstream patches to fix CVE-2025-57632 - When processing SMB2 chained PDUs (NextCommand), libsmb2 repeatedly calls smb2_add_iovector() to append to a fixed-size iovec array without checking the upper bound of v->niov (SMB2_MAX_VECTORS=256) * d/p/CVE-2025-57632-pt*.patch: Import upstream patches to fix CVE * d/p/CVE-2025-57632-pt2.patch: Backport patch and Update hunks' offsets * d/p/CVE-2025-57632-pt3.patch: Backport patch and Update hunks' offsets * d/p/CVE-2025-57632-pt4.patch: Backport patch and Change hunk to reflect new code indentation Checksums-Sha1: e6d46d49c8c3441f1d94106b297768f7eeff8697 281236 libsmb2-6-dbgsym_6.2+dfsg-2+deb13u1_amd64.deb 2cec2f766f74bb5b9516a81be56232341983d3fa 97556 libsmb2-6_6.2+dfsg-2+deb13u1_amd64.deb e4910db9af3205d33327aae482f4918e0075c376 132736 libsmb2-dev_6.2+dfsg-2+deb13u1_amd64.deb dccd9c0113819bc3f0e69a9c58a471aaf3e7285e 7306 libsmb2_6.2+dfsg-2+deb13u1_amd64-buildd.buildinfo Checksums-Sha256: 06770b07aacb2e70654af8d483939442a880fac55e71a51398924b2e07dba004 281236 libsmb2-6-dbgsym_6.2+dfsg-2+deb13u1_amd64.deb 3f6662188fecba4c42bd2f45475156da6fc98b1746fe1de473c0df937afce3df 97556 libsmb2-6_6.2+dfsg-2+deb13u1_amd64.deb 2ed95d57e6f154c8025bdd605cf4a022e0ddf230353478e2d6f37e8c649bcbc6 132736 libsmb2-dev_6.2+dfsg-2+deb13u1_amd64.deb 5fb7c19f9e85e7feef8679c731201668c790ccc3794b8de6cdfdff597f56f3f8 7306 libsmb2_6.2+dfsg-2+deb13u1_amd64-buildd.buildinfo Files: 710111718d0fe7bd40e0287c9b74b0cd 281236 debug optional libsmb2-6-dbgsym_6.2+dfsg-2+deb13u1_amd64.deb ec90af9e560917245fc3dbec70cbcb3b 97556 libs optional libsmb2-6_6.2+dfsg-2+deb13u1_amd64.deb b2fda145d058c14f10b3b81db525afe9 132736 libdevel optional libsmb2-dev_6.2+dfsg-2+deb13u1_amd64.deb 3251be9363c072b3cc68ed1bca6c46d8 7306 libs optional libsmb2_6.2+dfsg-2+deb13u1_amd64-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXNeYFUF3FbHcrtSeIy3Pg040HrAFAmkHsgAACgkQIy3Pg040 HrCYtBAAsVQrbEPyBv9ms/GnZa6effVOXc1vkxWh/SQ3zT9NNRFCqVWUzpJkiuDA GwmFtSbuZwmCESq4y32aFe4r6VnPNm5fQ8YEFR0f7fUGLAEOhlhZieOhNS/AP+D5 shW29j4Pt26bPxmaaIw69AyO/0bqxjo/cyMuR6py5mdEz9pmZtZTN8Bq1SqXJJ+4 2F91+a2pXKWN0IGOboijs+iIDWDiWBgr9yP+wJQm64eTbuFNbdMKb84RlkaAvApU xiONZFyG6DphkvAEdk5Q8vVE0yskycLWY4J+yrqiBVv2D4kL03MABjDVwNjZ3caL 6+ZA49ty/9BZtSkIMlr5Ff8RlZxq6zANu79VLvhFvYDnFmphW9JpYJ2dLl6x1TjA r5yIAzZ5pkGBZkpO0p9Lr6Tlqm9pnuXP+qxScbOsSsSekdjrmwzEKycYcBuSRP6b Zq6Wy0+/k6MDroHk3HPQymtpOQt+trFbBXSlFRjBUEhFrhGysDewYDIsvDx/aD5X TNW3YGtyzjmHRf2ZXTgh9c7rutTpwgsvLMy7I8P9EbOlPLgPuaV15GYcB7/JiEx+ vcBucOiMNH0rncrzgW2nnj4HMceLN4zufvMSIChhCP5DqWRFoRF5lITnUkrexlq9 6B86I3fMVMN278LPDnxKgCobFgwQaqdjCoA10SWkXRW7X1DxGxk= =5QLX -----END PGP SIGNATURE-----