-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 18 Aug 2025 09:30:17 +0100
Source: glib2.0
Architecture: source
Version: 2.84.4-3~deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Closes: 1110640 1110696 1110825
Changes:
 glib2.0 (2.84.4-3~deb13u1) trixie; urgency=medium
 .
   * Go back to debian/trixie branch for a stable update
   * d/tests/manual/1065022.sh: Update manual test script used to reproduce
     and test fixes for #1065022
     - Adapt to upgrade from bookworm to trixie, rather than bookworm to sid
     - Optionally reproduce #1110696 instead
     - Optionally test the extra safety checks in the postrm
     - Add a simpler mechanism to test proposed packages for either
       bookworm or trixie
     - Improve diagnostic output
 .
 glib2.0 (2.84.4-3) unstable; urgency=medium
 .
   * d/control: Generate the intended Provides in libgirepository-2.0-0
 .
 glib2.0 (2.84.4-2) unstable; urgency=medium
 .
   * Mention #1110640 in previous changelog entry
   * libgirepository-2.0-0: Generate a dependency on a virtual package
     for libffi-related symbols, to avoid trouble during future libffi ABI
     transitions (Closes: #1110825)
   * libglib2.0-0t64: Make maintainer scripts shellcheck-clean
   * libglib2.0-0t64.postrm:
     - Refactor to use functions that early-return if we do not want to
       do the cleanup, avoiding stacking conditionals
     - Don't remove cache files if they would be non-empty,
       guarding against issues similar to #1065022 and #1110696
       (mitigates: #1110696)
   * libglib2.0-0t64.preinst: Disarm libglib2.0-0 postrm for all
     architectures, avoiding a corner case where the faulty postrm that
     suffered from #1065022 would still exist if it belonged to a former
     foreign architecture that was already disabled, but libglib2.0-0
     from that architecture was still in removed-but-not-purged state,
     resulting in #1065022 recurring when that version of libglib2.0-0
     was subsequently purged (Closes: #1110696)
   * d/tests/1065022-futureproofing:
     - Fix a test regression by generating a versioned Provides when
       building a mockup of a hypothetical future libglib2.0-0xyz.
       This regression wasn't immediately obvious because the autopkgtest
       is marked as flaky (it depends on various implementation details
       which we can't completely rely on).
     - Make sure required packages stay installed, failing the test early
       if their dependencies cannot be satisfied
     - Produce only TAP output on stdout, and a diagnostic log on stderr
     - Improve diagnostic output
 .
 glib2.0 (2.84.4-1) unstable; urgency=medium
 .
   * d/control, d/gbp.conf: Use debian/forky packaging branch.
     The debian/latest branch is now tracking 2.85.x for Debian
     experimental.
   * New upstream stable release
     - Ensure that generating temporary file names does not access memory
       outside the intended array of alphanumeric characters if a long-running
       program generates billions of temporary file names
       (CVE-2025-7039, glib#3716 upstream; believed to be unlikely to be
       exploitable in practice. Closes: #1110640)
     - Fix the intended ability for g_settings_bind_with_mapping_closures()
       to copy a value to the destination object
       (glib!4667 upstream)
     - If creating a thread pool fails, report a recoverable error instead
       of crashing with a fatal error
       (glib#3712 upstream)
     - Fix several memory leaks
       (glib#3721, glib!4702 upstream)
Checksums-Sha1:
 3781bde6582453bfd77761cbc62beca7af410459 5004 glib2.0_2.84.4-3~deb13u1.dsc
 58099bd57032eaef7ac563e94985a93fab1d0286 140748 glib2.0_2.84.4-3~deb13u1.debian.tar.xz
 aefb94cfef10277a3b57d47b132576f590fcf4fb 7520 glib2.0_2.84.4-3~deb13u1_source.buildinfo
Checksums-Sha256:
 6e3c859cdc1d47980408efb9743b72d8ef8934cf17b5e145a45bb9e2a0f143d3 5004 glib2.0_2.84.4-3~deb13u1.dsc
 f4116e98980d9fc272037bdcacccb2925026809894255be21e6c9e6cdbe47069 140748 glib2.0_2.84.4-3~deb13u1.debian.tar.xz
 9c3ee19aa0e036901d4b0d7ba004ba96a4b3a45930bd6d442404b0d9b83e4610 7520 glib2.0_2.84.4-3~deb13u1_source.buildinfo
Files:
 dc94b19bf019ac84735ba9361eaf67f2 5004 libs optional glib2.0_2.84.4-3~deb13u1.dsc
 07e72da60e495dbad3b19376e64fdaef 140748 libs optional glib2.0_2.84.4-3~deb13u1.debian.tar.xz
 aa07098535f1fa24e599bbaf0bac2897 7520 libs optional glib2.0_2.84.4-3~deb13u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEegc60a5pT6Jb/2LlI1wJnT6zMHYFAmiq4aUACgkQI1wJnT6z
MHZ1QQ//To2a57S7M2soykU82nVJsIlqmZBmrNoiB3zny14rzzC7ub9ssmsTF0Fr
Jd03sbDrXzZ3xR6bdamjLGRPGuRTbrNq+HPK7TgTa4g79AsmISMTY6djXcYZa9Tr
t9RQWZJNeRTZ/zck6lDvd1LfQVPBTAObtjUOn2NgKHPaKVXbDvhTmj27iEuB4kjD
1Iz7s0/zLzcUGHiA+DYcdHCE1e/KmK7OPbyicSrcakDWt0DKdOJsGxEepHIHoW/l
AS3BKeSD2hpQKcRl+b00mBVLQgf5gDw4ZZEEDkJphpOyg+2n6srr90N5KIxhQCA7
jhAQXMShK2A60lxBAWvOgFTL/N8NB3ktZxIynN8LAPoPXrgHjJyKreoYho81UoaZ
eox7ag9ld3J3FUPlSiknaBnwW2RlyzrzYHMj854o9Sv02ryqQZqoetqHalez7UcT
L+XkKihf6O1PXLZEHF5iC8w0Qsf6imrah4bhh3fA9wrr/HulmiRVNgwSk3VaPP7U
bcZgyjJl6uiX6ZgooJNWpb/5mjIy4MdwDRe1te1hq82W8BKS5fIbzIzRBmabc/Ye
hzBwFWJQKgjAdSkIH/3R1ZHxvpDnqIlihzx0YvQOBk9axWJNYtld1a6rkeYcpiPD
b2EyWvRpVeyTnVgvLQSYj9yGSCUf4d/Q4OiUiOVVju/1B6EU3mI=
=wf3z
-----END PGP SIGNATURE-----