CLSA-2026-1778003565 Fix CVE(s): CVE-2026-40684, CVE-2026-40685, CVE-2026-40687
SECURITY UPDATE: out-of-bounds read in DNS reverse-lookup escape decoding when running against musl libc - debian/patches/CVE-2026-40684.patch: harden stringcopydnsdomain to consume 1, 2, or 3 digits incrementally instead of indexing past the input string when fewer than 3 digits follow a backsla...