Package: libnuma1 Version: 2.0.16-1 Severity: important Tags: upstream Dear Maintainer,
The version of libnuma1 in Debian stable has a memory corruption bug that triggers simply from the library being loaded via dlopen(), which happens frequently as libnuma1 is a depdendency of many other libraries. This is fixed upstream in v2.0.19 via the following patch: https://github.com/numactl/numactl/commit/f9deba0c8404529772468d6dd01389f7dbfa5ba9 Would it be possible to backport this patch to stable? Thank you. -- System Information: Debian Release: 12.10 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.12.12+bpo-amd64 (SMP w/80 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libnuma1 depends on: ii libc6 2.36-9+deb12u10 libnuma1 recommends no packages. libnuma1 suggests no packages. -- no debconf information
