-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 25 Nov 2025 12:05:10 +0100 Source: rlottie Binary: librlottie-dev librlottie0-1 librlottie0-1-dbgsym Architecture: ppc64el Version: 0.1+dfsg-4+deb12u1 Distribution: bookworm Urgency: medium Maintainer: ppc64el Build Daemon (ppc64el-conova-02) Changed-By: Thorsten Alteholz Description: librlottie-dev - library for rendering vector based animations and art (developmen librlottie0-1 - library for rendering vector based animations and art Closes: 1109341 Changes: rlottie (0.1+dfsg-4+deb12u1) bookworm; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2025-0634 (Closes: #1109341) CVE-2025-53074 CVE-2025-53075 Most patches to fix these issues are already part of: Fix-crash-on-invalid-data.patch The remaining boundary check is left in: CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch For the sake of completeness, the whole upstream patch for these CVEs is added in: CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch.org Checksums-Sha1: d85f7a751936411a05f2e79d3dec1a0bcab0694d 20852 librlottie-dev_0.1+dfsg-4+deb12u1_ppc64el.deb 342c13ba9118e6d32bc7e7008f5b39d8df206afe 2549884 librlottie0-1-dbgsym_0.1+dfsg-4+deb12u1_ppc64el.deb b3111c9f99ae9a8ed662aae6c75e36b7320ccdcc 176804 librlottie0-1_0.1+dfsg-4+deb12u1_ppc64el.deb 3c91f89922a23ea859b31ec1fbff7abf10b3dbe3 7573 rlottie_0.1+dfsg-4+deb12u1_ppc64el-buildd.buildinfo Checksums-Sha256: c1b239a3b956582b53472e7741eabbfc39cdeedc13fac67c774eb4531902c248 20852 librlottie-dev_0.1+dfsg-4+deb12u1_ppc64el.deb 16ade7891767198a835ab5ae2e074241049a193bcd27008e910e983002ad004a 2549884 librlottie0-1-dbgsym_0.1+dfsg-4+deb12u1_ppc64el.deb 112f282866e1056f8091999b950cd684c633eb00b7b54de3bd18a6046716d6bf 176804 librlottie0-1_0.1+dfsg-4+deb12u1_ppc64el.deb 4ccbd7c0f22301ad25c7c493e795c13911b648d6179b226b17a6ead6b5d4a537 7573 rlottie_0.1+dfsg-4+deb12u1_ppc64el-buildd.buildinfo Files: 379b6ad6ba5a19b941d8fd65ae47e634 20852 libdevel optional librlottie-dev_0.1+dfsg-4+deb12u1_ppc64el.deb 1127117421971dfbaa46422eba9af15a 2549884 debug optional librlottie0-1-dbgsym_0.1+dfsg-4+deb12u1_ppc64el.deb 54426414eddb6eddf054d665fd564261 176804 libs optional librlottie0-1_0.1+dfsg-4+deb12u1_ppc64el.deb d0f3f87b7cf23fc57f1dd2a50aad8d4e 7573 libs optional rlottie_0.1+dfsg-4+deb12u1_ppc64el-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEySUEQfg5pZeb/U372FRWNm40e2YFAmlOpHQACgkQ2FRWNm40 e2aCrBAAoVzoNzYeeeqsJNwOnBqTzFn7fGKDRFvVyE6KYVYxsnRQXBY09/6Q9OWF 9Ie13gEFC+1H+v77xHBIp8NtadR1RFpt/jm5Tp5nNTrrSXrgwNkfGpOAL+aSS8mc Gq4IjJT1i7HEc9x+uB4B7dEJ8tin49ARrYMMRTDzy/oUTd+6ufR9LQRAp6tkjRkk cQTBmvMY3ifxg3Sye8DP8DQZ0UxRXyUtoh7w2zdLTbLUbc4t0p1Vy2bvS8mwBWR4 jrV/iwR810IuqV0tCV1TQUTlfV8Y8kh1WVAj2kjp2N/Y/bvT7F89yRTdACc5kTvv NzhiT5oFKxcBt5jpEHwSN/j0TAhi2MDB6y8bEvNzNDSWAjAi+qng33v9HO7raWuQ qPfEq8jsP+TnRavSwvmRSijeHKs7xIR66ov/oBL9++gTsx47DTGjn3ouIZRaHpzB 9/bjaIhH+vuYtG/PelewdkwfidYeURV0AmaJjo1LPAW2Mo+xqmoS6hGKHKtOHuI2 zWpTLhrjk54tvGJx4QG4FQemRqGWv7yCzQsp8vsnyt8kNye55qapZJuX/00J/e/+ SpbNE/jcmkb5PqOqxSFqCzy1d0IbFZr1nRfB9fPrNTZVkkE9Cw5cW93rHozQuPDE lbyFKhjKdJIEw5xSa7wFBONl6vobJio0GKx8FbqxwUG7Uv3D2I8= =AbsF -----END PGP SIGNATURE-----