-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 03 Jul 2025 16:06:10 +0800
Source: jpeg-xl
Binary: libjpegxl-java libjpegxl-java-dbgsym libjxl-dev libjxl-devtools libjxl-devtools-dbgsym libjxl-tools libjxl-tools-dbgsym libjxl0.7 libjxl0.7-dbgsym
Architecture: arm64
Version: 0.7.0-10+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 libjpegxl-java - JPEG XL Image Coding System - "JXL" (java bindings)
 libjxl-dev - JPEG XL Image Coding System - "JXL" (development files)
 libjxl-devtools - JPEG XL Image Coding System - "JXL" (dev command line utility)
 libjxl-tools - JPEG XL Image Coding System - "JXL" (command line utility)
 libjxl0.7  - JPEG XL Image Coding System - "JXL" (shared libraries)
Closes: 1034722 1055306 1088818
Changes:
 jpeg-xl (0.7.0-10+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-0645: out of bounds read in the exif handler (Closes: #1034722)
   * CVE-2023-35790: integer underflow in patch decoding can lead to a denial
     of service issue. (Closes: #1055306)
   * CVE-2024-11403: out-of-bounds write in the JPEG decoder when doing
     recompression. (Closes: #1088818)
   * CVE-2024-11498: stack buffer overflow in modular trees (Closes: #1088818)
Checksums-Sha1:
 4c240944881102705c8c36b7b278c63873d72e44 14409 jpeg-xl_0.7.0-10+deb12u1_arm64-buildd.buildinfo
 5790995adb8a40f2078337455ddeb5369b4517c0 7352016 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_arm64.deb
 a8e0de0e9835f25e818e2356505cc91e181d10dc 300908 libjpegxl-java_0.7.0-10+deb12u1_arm64.deb
 bb24eabad5bce29c8e8f9d8b5b289976d63a8a7e 49632 libjxl-dev_0.7.0-10+deb12u1_arm64.deb
 cf00c3987192c3d39cb08c903737513be4170477 212481872 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_arm64.deb
 727ff8279724f939f2b7fd7d0e940a7e0e048751 1928644 libjxl-devtools_0.7.0-10+deb12u1_arm64.deb
 3c37645d52994916394e1b4eb1de51591a0acf33 20751316 libjxl-tools-dbgsym_0.7.0-10+deb12u1_arm64.deb
 b3680cb34080100286533224073fa9986d06894a 706660 libjxl-tools_0.7.0-10+deb12u1_arm64.deb
 1d39dcf52be2a394ae949bc3df9b609c8e7d5149 17508776 libjxl0.7-dbgsym_0.7.0-10+deb12u1_arm64.deb
 1375fb73511b741ea50cf0defdb78f8eb350c89f 643892 libjxl0.7_0.7.0-10+deb12u1_arm64.deb
Checksums-Sha256:
 a51ee748ed18110052c4496baea1d70b861405a5e8a8c4028995998445ae4b8e 14409 jpeg-xl_0.7.0-10+deb12u1_arm64-buildd.buildinfo
 bde7d3363b95bc693fcdbe61504ef425fbbd08c2d70dc6b5da241e3fa6bff149 7352016 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_arm64.deb
 8fb4703fc412b0be0db3a5dc62087cb8e207e9ba2872169bcd7546865cec601b 300908 libjpegxl-java_0.7.0-10+deb12u1_arm64.deb
 67f26e54cd109661d0431623f1d028be335fd347cb40e3b5858298918b35e26f 49632 libjxl-dev_0.7.0-10+deb12u1_arm64.deb
 ead9b532374bb366b0a19187f18ec09dd0e654fe9e4ad776e0d433b0587300ea 212481872 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_arm64.deb
 8faa16e5f3c17a814c57c2484156dcfdf32fd790016bc6f098694d60fc84f99e 1928644 libjxl-devtools_0.7.0-10+deb12u1_arm64.deb
 d0108deb90cbce0a35dd8d8d916ff907de5cc7ec3066673f8cf02eeb7582ef37 20751316 libjxl-tools-dbgsym_0.7.0-10+deb12u1_arm64.deb
 8c32f6a6d0b944075f61c766b7eace7e1d8c9b1aefa388e89b8fcae63b6e2cb8 706660 libjxl-tools_0.7.0-10+deb12u1_arm64.deb
 1804fcff54c8b712edfe2febc4e41026acd4c144145b58cd147cbe61bc124e00 17508776 libjxl0.7-dbgsym_0.7.0-10+deb12u1_arm64.deb
 fc46d9d24c22e16726cc0fe131f52c4b3cc08db7ba408ef15173841bd3933f2e 643892 libjxl0.7_0.7.0-10+deb12u1_arm64.deb
Files:
 c42bd8df8f818c69966975eeb7551a91 14409 graphics optional jpeg-xl_0.7.0-10+deb12u1_arm64-buildd.buildinfo
 1cfb3d84273d35b6051f4a067400f139 7352016 debug optional libjpegxl-java-dbgsym_0.7.0-10+deb12u1_arm64.deb
 1dc20e9b33e527f6cc923d5f27f18063 300908 java optional libjpegxl-java_0.7.0-10+deb12u1_arm64.deb
 92dd6a6eb4aa506850349df6cafc6a37 49632 libdevel optional libjxl-dev_0.7.0-10+deb12u1_arm64.deb
 67da65149c72c8c88edfbe725e526b0c 212481872 debug optional libjxl-devtools-dbgsym_0.7.0-10+deb12u1_arm64.deb
 78d5fdd8a60ae4f92d52434a01135cb0 1928644 utils optional libjxl-devtools_0.7.0-10+deb12u1_arm64.deb
 c37fb169c5a55637f54dad5e9bcc60bc 20751316 debug optional libjxl-tools-dbgsym_0.7.0-10+deb12u1_arm64.deb
 33402ef85daf59eea107dcc5c6838ffb 706660 utils optional libjxl-tools_0.7.0-10+deb12u1_arm64.deb
 c3a6de93d70288a44cfd283d6d5fbbe5 17508776 debug optional libjxl0.7-dbgsym_0.7.0-10+deb12u1_arm64.deb
 d26e4719a9545586148b54a68bdb71e4 643892 libs optional libjxl0.7_0.7.0-10+deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEVM4SKBZumztS8zr3lST9Us03ywsFAmhmWoAACgkQlST9Us03
ywulOg/+PY3FT3SyYxuvQ6qJovzqd0xoNLOnGj5QJY1OaIu3Y6xJUKxKKl3EGa35
Yi92UU4zqLmETHTivYbfGIwDf3xA/1MaUmYT4mnHmIk1GAYPWyC4gHCZkJjpg3p1
SfWZ2QFLaT5xTQQ3dsspIQv3XuFBSIe3XW9iE/oNKacZLCEeZv2RoHl2ntfijhfu
lt6t3aBCfNbOva+z7BjjzfWAwdUIMY80FFTTbQI5Jk1bC9XDC/yaqspz7RSGW9UF
uZCOpNUULOZpvGqE9h5FflNgZXxTm88/np3ZTllRsYuIdnJDHvjUqCaEuCBCIewI
kbdgf/odtwj2yHSKT5V/vqM/REKrQlDmwe4zRCb1C0HkPUkebZeiL/7FEDRCIJwk
rqphC6wRHebYamobg7d7T1F/BRyr4vgNhzO+VWJc0SQQxPLAf2+T+OVzJu5U2tEq
3YQjEEG+Gr0k4ABF+3pSj8xaj2LQC5yNTLs0nEYk+6bGvybmNbD3fX/lQoQoqule
bvzmR7zxBhDUBf7x9yd2TyXEWTw6UqG/MrjXPo+Xi9Gr1iPB3uaGzztWM2mN9TjJ
iuDFkwB6ORLmtu3muqUDqjGbnA+b2vLG5CQbsiYGqdMLB6HRibl7Dt4xZQQmzCl3
a8YLcW1mv+bczrAQRJG4hq08wISe4BgN/5aH4hk4UjFxkS5vPCc=
=CmUa
-----END PGP SIGNATURE-----