-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 25 Nov 2025 12:05:10 +0100 Source: rlottie Binary: librlottie-dev librlottie0-1 librlottie0-1-dbgsym Architecture: armhf Version: 0.1+dfsg-4+deb12u1 Distribution: bookworm Urgency: medium Maintainer: arm Build Daemon (arm-ubc-05) Changed-By: Thorsten Alteholz Description: librlottie-dev - library for rendering vector based animations and art (developmen librlottie0-1 - library for rendering vector based animations and art Closes: 1109341 Changes: rlottie (0.1+dfsg-4+deb12u1) bookworm; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2025-0634 (Closes: #1109341) CVE-2025-53074 CVE-2025-53075 Most patches to fix these issues are already part of: Fix-crash-on-invalid-data.patch The remaining boundary check is left in: CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch For the sake of completeness, the whole upstream patch for these CVEs is added in: CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch.org Checksums-Sha1: f58a149339b4947a59cf2356f2a6ace5186116e8 20856 librlottie-dev_0.1+dfsg-4+deb12u1_armhf.deb 9b257777538a4746da42d98e84f20cb4ba15a1b6 2471108 librlottie0-1-dbgsym_0.1+dfsg-4+deb12u1_armhf.deb 86a3906b33f63e1c69426a83287443ab0b53c16a 146164 librlottie0-1_0.1+dfsg-4+deb12u1_armhf.deb 2366cf9282bd8f2aecb3a7cde5c6d8b5c2aa760f 7414 rlottie_0.1+dfsg-4+deb12u1_armhf-buildd.buildinfo Checksums-Sha256: f8b98caddd80b1ad296592b48e3d0fbe3be712acb3c9776c37ed38b95c343eaf 20856 librlottie-dev_0.1+dfsg-4+deb12u1_armhf.deb 9e2f7622f54af34a49289b98406be9e1e4740d0f0cba1b3d93450b84ec1e8ebf 2471108 librlottie0-1-dbgsym_0.1+dfsg-4+deb12u1_armhf.deb 80b28c250fbf3a266fdb7eb3cb90e89dcb251f10b3004dae3dc6a9636320d066 146164 librlottie0-1_0.1+dfsg-4+deb12u1_armhf.deb 49dcefefe3f0976c9c5b231fab44657c5faa0028309101b6fc26a6511e804add 7414 rlottie_0.1+dfsg-4+deb12u1_armhf-buildd.buildinfo Files: e2420d9eee2ddd295b67e84cd9ba4994 20856 libdevel optional librlottie-dev_0.1+dfsg-4+deb12u1_armhf.deb 12337c76cf57e91af08ff4bd5df412db 2471108 debug optional librlottie0-1-dbgsym_0.1+dfsg-4+deb12u1_armhf.deb b1f983dfd5fcc5d08316ae5d98f931ee 146164 libs optional librlottie0-1_0.1+dfsg-4+deb12u1_armhf.deb 703f019aa39a1f3d4a1b53b4ec3517e2 7414 libs optional rlottie_0.1+dfsg-4+deb12u1_armhf-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEiIG3Q3DxwDgRKKeyLRECdjCZQkcFAmlOpCsACgkQLRECdjCZ Qkd6OA//Qw8p9qINMN8zgEUu6UtoQ8p2un/LcxpyyZTqz9inEZp0m3M/SF18MB7s i9rfaG+l2eQzYZbQOYgGyrj51NfuD5Oyyl23+VdxkoQoEw26fKsTVTAL8+ujChGA YQPOnwnz9oKlEa3nHCSetjVW4zH5at0FfwAtcShMSt7JwyBb2ZZXRU/62R8leF0Z 66kqFS5KlDrPxLuWEsG7DEqKwj2hHAnaxZ1TtpwRevdrBzmwAqGXbtu8gfLTGy0h Xsy7/Z2pK+fQ26TaMEiNLADk5B0BeCubiIvK+ikqO43HWH1G/LfWSUl+o5JgD9r6 wjfbNQ6b1AiSIrddFB4DlnOU+w2wL0/tsMVtaGSoaZbE3erWgfGvjQi22Ct0BgS4 nnX9mERUTtTVE8sxO8siSUW6PCczbw6Y7azq3x2nKJKLjvDn3oLHC2TL06/pX5Bw mUBrPRHtLqeEp0UG5BdnclyT4eGdcxuZ+S7CsAa/txm+XVAoeNTwQ4cn107expK2 aWwVclI9w9vsS7AZ3w0QYUS++71pbwvD1NJYTFmVpNQLTEVyzfePnHUEptSligtk SudRlKw5qM9TacQeTayMfbcMRxPpm+pVFlJMBfDHyUOu7JfmYHZhgpw6vr9J6Ymg IvUlawBnyrW+hmKAVo46mKqS7j1BqeMsCsSFVbml1xz5IIvrcSQ= =UfQ4 -----END PGP SIGNATURE-----