-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 25 May 2025 17:51:18 +0200
Source: libavif
Architecture: source
Version: 0.11.1-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1105883 1105885
Changes:
 libavif (0.11.1-1+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add integer overflow checks to makeRoom (CVE-2025-48174)
     (Closes: #1105885)
   * Avoid integer overflow in (32-bit) int or unsigned int arithmetic
     operations (CVE-2025-48175) (Closes: #1105883)
Checksums-Sha1: 
 d59f31c294e5344e6247f37a49dfd5b31fb4989e 2763 libavif_0.11.1-1+deb12u1.dsc
 5d9b62d2853cba9d4adef1d4f217b67741e07d94 5826813 libavif_0.11.1.orig.tar.gz
 5662e96cf71fb4beb6822e064cff910e55832895 7608 libavif_0.11.1-1+deb12u1.debian.tar.xz
Checksums-Sha256: 
 87b4faee8aba6052663493f484f7b58754f727fdc33024e5bbb6e821f5de58bd 2763 libavif_0.11.1-1+deb12u1.dsc
 0eb49965562a0e5e5de58389650d434cff32af84c34185b6c9b7b2fccae06d4e 5826813 libavif_0.11.1.orig.tar.gz
 1c8169da17c31882c0e008e661152bbb697ff49c97fd94a9565a5053cd72c21c 7608 libavif_0.11.1-1+deb12u1.debian.tar.xz
Files: 
 3870586659ec661c7a2ec96061efbe1d 2763 libs optional libavif_0.11.1-1+deb12u1.dsc
 dde524dfc0e0e37a468277b128662990 5826813 libs optional libavif_0.11.1.orig.tar.gz
 011ba4479544a620de35ab083f81afd9 7608 libs optional libavif_0.11.1-1+deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmgzPplfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EUpEQAJjmFIlu09m0vds2/ejvc9CZr0DZPb60
VegtHPlAo+eF57XR+Ojz7uQRs7/xF8LHzDC+r4/HEzcWLjeIwqe4mh3yLisb03Ae
fPrZcI4Xyd/cZ3jFQBFpg2/9BfFifnKExRy2UO3pu7x1ZFqYzwzic+2tnQRflcE4
w2ziW2tu2UJRkM1FPmmWfEdoCccxVtn9dorTrsmhrQBarP6jpfjyWTczwyfioyEn
i9fGnJpcnpigmc0uFUr/uQxPmILGNJ4qxzgcf+jRQ/y7LedeZ7uYGJjTu4ljRqoJ
HLzCcpsKVQwx7lqY5RkQPdARs2Z1wwz13hNMHriZGVQusD6Z++CtVTEBzDUiLD5m
gJiJmaePXXGKlApRmygKEZpZP4mDSmfp0uYvT//UuGWtuL/Invx4nQlTqSI8qEgy
b5nX+KZ3EsT7RERnXgpTkmWVUAH/ejaV+c2YxkihVikiudpURinYcFmSu35L2hsq
/fZbyIcUHUeyShW6n4U7PoUTa5eogjoOTYL1IKstluOi917b3obc9VoQoC9xeJxj
+SqEoO3wKvBAngDNXzwmh+256nhMRbCEnnYdCM3XBg5gW76kfN5C2WL1+Km+gBcD
MaTUh9qoZc7ZSJDJ2sF9+0VBt1tV2WGv4PJ5+ZofvxQRm7cckiTitwXLRwHVsQZQ
ZyoufXH3uNg6
=fffy
-----END PGP SIGNATURE-----