-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 25 Nov 2025 12:05:10 +0100 Source: rlottie Binary: librlottie-dev librlottie0-1 librlottie0-1-dbgsym Architecture: s390x Version: 0.1+dfsg-4+deb12u1 Distribution: bookworm Urgency: medium Maintainer: s390x Build Daemon (zandonai) Changed-By: Thorsten Alteholz Description: librlottie-dev - library for rendering vector based animations and art (developmen librlottie0-1 - library for rendering vector based animations and art Closes: 1109341 Changes: rlottie (0.1+dfsg-4+deb12u1) bookworm; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2025-0634 (Closes: #1109341) CVE-2025-53074 CVE-2025-53075 Most patches to fix these issues are already part of: Fix-crash-on-invalid-data.patch The remaining boundary check is left in: CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch For the sake of completeness, the whole upstream patch for these CVEs is added in: CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch.org Checksums-Sha1: 7e953f1944b03d1c4d91e71c1a0475d4be1eef5d 20852 librlottie-dev_0.1+dfsg-4+deb12u1_s390x.deb 4d082b5686020702130d27f9cc13a3fd7f5380f6 2506712 librlottie0-1-dbgsym_0.1+dfsg-4+deb12u1_s390x.deb 3a17273a7a6f6ba0d814d0c291e6531fffdfcf46 147840 librlottie0-1_0.1+dfsg-4+deb12u1_s390x.deb a660112cadb501fcfe78865b0d4138e1e2bb2ffd 7442 rlottie_0.1+dfsg-4+deb12u1_s390x-buildd.buildinfo Checksums-Sha256: c95c18c69c54c6cf77b53bf0aaab7aaf9eeed9a910deb58444cd77662bb5dece 20852 librlottie-dev_0.1+dfsg-4+deb12u1_s390x.deb dbfbf63deb6584837fdd949a27e6ed3620ccc0fd56324c2fc48ef50c0a0d5269 2506712 librlottie0-1-dbgsym_0.1+dfsg-4+deb12u1_s390x.deb e880a7453eb6de891bdad591a45761378c9fcc27137e9dd761ced135a3b38f6c 147840 librlottie0-1_0.1+dfsg-4+deb12u1_s390x.deb 51604ff35b4229d6fdbde58e021bcf2a59d91679515d434189100a19c89cf7da 7442 rlottie_0.1+dfsg-4+deb12u1_s390x-buildd.buildinfo Files: 67a8f2d7eaed4ca5c9d16cabf250cb84 20852 libdevel optional librlottie-dev_0.1+dfsg-4+deb12u1_s390x.deb bbd54fc76eae308f127493326946c11a 2506712 debug optional librlottie0-1-dbgsym_0.1+dfsg-4+deb12u1_s390x.deb 52daa84deade7f6d7af4724973490199 147840 libs optional librlottie0-1_0.1+dfsg-4+deb12u1_s390x.deb 28dbff3ce662f523c7acc8a2d94513b5 7442 libs optional rlottie_0.1+dfsg-4+deb12u1_s390x-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEENly2ANlpa4eeqnluvVOPI7pYNpgFAmlOpa4ACgkQvVOPI7pY NphCqg//SBemZ+WXjKq+24IZYEwuzwwofdvyL6/qg+NWqHiA73l9LtJiIeihbTC6 +5ejiQL5sAHurJlanzJr9YTLyAiQ5OPKm2gKxwwDEGhR5iqOy+lmDeOjQhnbfaY6 jgyDp8BWgyReztUSX6eAki4seX09m9Vy/uvX1LnhTwvhOpbw5ltAUfdhvizx+FsY azxhMIynOPs1rQ6b1cw6LYnhUNlPlqEdbPqWsvYEmFDPJoWbL2EPXcGA6juilzxA 1KzUhEAAbV3EnOgZyjNSDSBLm1xpnu118zDN8qV6IqgIEbS7elwUhEeCuG67Fbrt 5qTtaWPmVoI7X8vBfc6Asp8WQzia6QUjwMJoT0ebp9V8zBzKhRrGkwisjn73asV/ d5/9kv49DE+9SL7PfqPgbV4r1ZElWW6KDoMKqDU0mhs/26Aqm2EB8l3QxsV4Bicq Th+ao2Joe6mQooJQs+Fb/MRPqhHp7GTvZ43cWRd8xrrCaokuuRxYb+OnI3ZE0urA S6yS6nw3wFmRExJfT7gKJOClLZMXHELRuv5lgHN+wkEQDPKeViGtqoKEweetS8xD wGlzVLKDEvKNMrZJD4KZn8wOGSAbTe0d/9bi7D48A88j6BDRgTf9G6YK2/xg9ash Tpf9ltZIAJWPdsw4xDXqqAFijNeLnW51byFQrFYNUWnrHhyjHb4= =NmzB -----END PGP SIGNATURE-----