-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 25 Nov 2025 12:05:10 +0100
Source: rlottie
Architecture: source
Version: 0.1+dfsg-4+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Nicholas Guriev <guriev-ns@ya.ru>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Closes: 1109341
Changes:
 rlottie (0.1+dfsg-4+deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2025-0634 (Closes: #1109341)
     CVE-2025-53074
     CVE-2025-53075
     Most patches to fix these issues are already part of:
       Fix-crash-on-invalid-data.patch
     The remaining boundary check is left in:
       CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch
     For the sake of completeness, the whole upstream patch
     for these CVEs is added in:
       CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch.org
Checksums-Sha1:
 2bf1ad9550b6b56be87bb4f0066d1403199a5299 2214 rlottie_0.1+dfsg-4+deb12u1.dsc
 b5c6a1fbed15d57b45f8321aa2fd9fa10dd376f9 2899072 rlottie_0.1+dfsg.orig.tar.xz
 4583059c5c944d7ab0414b87f5ea6a6b2112c7ef 22472 rlottie_0.1+dfsg-4+deb12u1.debian.tar.xz
 47b3f95e2a9ec3d272bf9e2ffc6f9de154743112 8004 rlottie_0.1+dfsg-4+deb12u1_amd64.buildinfo
Checksums-Sha256:
 326aa015a6f35fd751b4d1d653c56297ca9fe6c0c5bc9640f6f6c3c1df886b8b 2214 rlottie_0.1+dfsg-4+deb12u1.dsc
 23ef230681bfec7ed6f2d1e3918fed9456874392594297f9a5b70e0bc58a80eb 2899072 rlottie_0.1+dfsg.orig.tar.xz
 94264e7d4b75dfdd3655ef9e269798ddf0134ad50d81d019855be884afe5084b 22472 rlottie_0.1+dfsg-4+deb12u1.debian.tar.xz
 12d034b242bcae01e821e62666f61014a941e7b0886619587cd15af238644d40 8004 rlottie_0.1+dfsg-4+deb12u1_amd64.buildinfo
Files:
 3e5de5569baa4aef3b75d1b3e7c46ca0 2214 libs optional rlottie_0.1+dfsg-4+deb12u1.dsc
 4a1a9402dd50e0f917b01b762c98a7c8 2899072 libs optional rlottie_0.1+dfsg.orig.tar.xz
 fccd0ed8ea983b4a6000d7829d973f65 22472 libs optional rlottie_0.1+dfsg-4+deb12u1.debian.tar.xz
 181a2c23668300f785f995004dd2824b 8004 libs optional rlottie_0.1+dfsg-4+deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmk8VzNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR9lqEACagBHKAu47apmCgek8Fm7cJC2OVNHr
9UZHfc/mY5kJgT1sV9FVa6os3cZjKBJuIBEMtdnLyQjU8i60O3utlQlzVHpjW9DM
26gqt20tZZ3PgFD5NJ9UimO81wcpu64dNutffQfE6xPNHWOdeb032FX7Ii05b729
0yt3bMhy8OPYHKEgmYHRQmKnlc48SkKFwg2PYQNuM1AmbNo5B6gWxIZizNUicqwP
8+oPaKjelQG//gYzXhsOByYVKwZaMWS9J272FNawY3Vbb3V0ZR6nCM6GdxbQQLUW
UFNvEblaNyllTscoad+hnKpjUK5PCDzA4UuGxfGkiEBsTV+JxMOcfNnT4WPpgjs6
/3NsJMSW52xO1x95TebSEupwqb0hqEYUqJEuIDHYWGOWO4wsGSiFrHgoo56vpNL0
ul81sbMhgchTV/tXq5Sd4c46T7zIDNA5MwcdekbarzStYSTpyzziLmSjDGm97yVe
MzcZvA06r9/tYaTPn1uVZf15DRh6VNA5+HYUQALZDUcfQ2BZJgvVCgM33t8ZIVUE
7Jf3hu/KXZCUkLY9tX6RyDAMwQhCWLx1KnmtheW58+DW4n4U05kcRT8H4z7XRxPi
j428R8r40Edtp8Fo1tcq54RZJXbz6LiFjKqV0V7KC6NFtg24Eyip3EDljtIDV8xZ
u5VaAHshH2Zplw==
=4AEt
-----END PGP SIGNATURE-----