-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 29 Jul 2025 14:41:15 +0300
Source: erlang
Architecture: source
Version: 1:25.2.3+dfsg-1+deb12u2
Distribution: bookworm-proposed-updates
Urgency: medium
Maintainer: Debian Erlang Packagers <pkg-erlang-devel@lists.alioth.debian.org>
Changed-By: Sergei Golovan <sgolovan@debian.org>
Closes: 1104963 1107939
Changes:
 erlang (1:25.2.3+dfsg-1+deb12u2) bookworm-proposed-updates; urgency=medium
 .
   * ssh: fix strict KEX hardening (CVE-2025-46712) (closes: #1104963).
   * zip: sanitize pathnames when extracting files with absolute pathnames
     (CVE-2025-4748) (closes: #1107939).
Checksums-Sha1:
 98fb730478d5d861c9d118bb74fd26ffbe79e4fa 5041 erlang_25.2.3+dfsg-1+deb12u2.dsc
 17f9b115cb539f2f3688a207388a3eae67d8481b 48013400 erlang_25.2.3+dfsg.orig.tar.xz
 8861de8529015d7238436c04ee28dbbe7447a77a 78080 erlang_25.2.3+dfsg-1+deb12u2.debian.tar.xz
 06dbe70046898fc72dd0e16d77bbe46714a3c2db 31941 erlang_25.2.3+dfsg-1+deb12u2_amd64.buildinfo
Checksums-Sha256:
 6c19cb3c804e4c6fe539841227fea2de796e62e4b4ec580b06bd23f320c4f75d 5041 erlang_25.2.3+dfsg-1+deb12u2.dsc
 65c77675af31235d19ee7888fb2a9d858759b1089ba33126344697be7600d271 48013400 erlang_25.2.3+dfsg.orig.tar.xz
 de28da2ef934e0d712cfbc986fd39f916e600b08a67d46a01620f87bc2bb79d1 78080 erlang_25.2.3+dfsg-1+deb12u2.debian.tar.xz
 6bb10ecb9e225e2d47e3206d94a70640375d4f09b552bccc45015789c741be35 31941 erlang_25.2.3+dfsg-1+deb12u2_amd64.buildinfo
Files:
 fc218a7276483cbeeca1e2f500599e3a 5041 interpreters optional erlang_25.2.3+dfsg-1+deb12u2.dsc
 68f00d5a9b77d45d45be87ab98fa1d15 48013400 interpreters optional erlang_25.2.3+dfsg.orig.tar.xz
 13e3a72a2c5556a092ce4a474b6f091b 78080 interpreters optional erlang_25.2.3+dfsg-1+deb12u2.debian.tar.xz
 1d3282e5311ed9eecd49bbdb84d8d178 31941 interpreters optional erlang_25.2.3+dfsg-1+deb12u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/SYPsyDB+ShSnvc4Tyrk60tj54cFAmiItuYACgkQTyrk60tj
54c4ZBAAjj/sBMDUqwajnL+rvRkLmZSeYSqXObWOfMOr8HvNitqtQy78LcwjmxHk
LyU6GbwtQDxsCvoufZDUzDszMBfZ2bcZnEzk8GURbmZ7L5ATPIAK6QDFv8xNCTu0
s2S9kzKEjBZBFOk6adIvwq+Ps7i5DImBvH9MmcxNfL4tzcPNly/ZPFo/nmwz3Vml
WGiIH64NluoL/+VkykpYvY2qiJ+ElpsKnLGaaZZSDDbltUi69OOpXwe3om9lCLON
BM79ZIoCad+dhzcri2/Vyg6hFrSi4Pc94ygyM7R+v3O9bwOCDaO7RZVRsZvR7z/w
BJvd6ITpF5GTAsiCgQ5KkvCumQh5vTongt7LVlMVA6jjJX11+clAr69QdxVxRCMn
pyX1IlizdW+kcIVg4yjlKVrMoYYT3oOV9X7h5i7F2/wRV9jF2zkraBC0Zwmo+jw6
qZJObwOqdsr9TLwTK8fM0bKk3fOLon75YJJiFJmn3Hw57YjMczEuoENvrR6fPoPl
AjpSZ+7Ac0jY/ZO81qhbYhlhzzBBwywnLrLswi6NzH9Br4fngGISH/GXiMSBx/Mq
f7CR+aKedeRunAmyeT2NHSXS7T0ixT/l+uggImM8MDu4Ygq4TDmXHiWnK8pZI/yF
8FVsfZvzYImexUz5A3qHSw2EN6uv5Ho2pli92NVpjmZgU00qiQU=
=CRDq
-----END PGP SIGNATURE-----