-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 03 Jul 2025 16:06:10 +0800
Source: jpeg-xl
Binary: libjpegxl-java libjpegxl-java-dbgsym libjxl-dev libjxl-devtools libjxl-devtools-dbgsym libjxl-tools libjxl-tools-dbgsym libjxl0.7 libjxl0.7-dbgsym
Architecture: i386
Version: 0.7.0-10+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 libjpegxl-java - JPEG XL Image Coding System - "JXL" (java bindings)
 libjxl-dev - JPEG XL Image Coding System - "JXL" (development files)
 libjxl-devtools - JPEG XL Image Coding System - "JXL" (dev command line utility)
 libjxl-tools - JPEG XL Image Coding System - "JXL" (command line utility)
 libjxl0.7  - JPEG XL Image Coding System - "JXL" (shared libraries)
Closes: 1034722 1055306 1088818
Changes:
 jpeg-xl (0.7.0-10+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-0645: out of bounds read in the exif handler (Closes: #1034722)
   * CVE-2023-35790: integer underflow in patch decoding can lead to a denial
     of service issue. (Closes: #1055306)
   * CVE-2024-11403: out-of-bounds write in the JPEG decoder when doing
     recompression. (Closes: #1088818)
   * CVE-2024-11498: stack buffer overflow in modular trees (Closes: #1088818)
Checksums-Sha1:
 7b911c682a6efd51313831859eb84656e3a6df04 14340 jpeg-xl_0.7.0-10+deb12u1_i386-buildd.buildinfo
 32603403096177b966e99b40a32f6e16222b8095 8342780 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_i386.deb
 8317cd72396d33a206a2c0c55b3ddca3c9ab062a 400312 libjpegxl-java_0.7.0-10+deb12u1_i386.deb
 33a3d91b39601de8542f75fef7aee99470774e3e 49628 libjxl-dev_0.7.0-10+deb12u1_i386.deb
 5396798eaf925d184679786587290c8b3fd11c5d 237636196 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_i386.deb
 37bb52ea509c46ec4ffa3083d118892e57c8b1e7 3254468 libjxl-devtools_0.7.0-10+deb12u1_i386.deb
 4401776f84b380814c52cb128fcb24acddd7792b 23053468 libjxl-tools-dbgsym_0.7.0-10+deb12u1_i386.deb
 59cfe01ef4d4da4fc3d55c37b182c07b677bca16 926384 libjxl-tools_0.7.0-10+deb12u1_i386.deb
 c9c5cad5a3ecc74801a4044e96672a393c564896 20095024 libjxl0.7-dbgsym_0.7.0-10+deb12u1_i386.deb
 2a1ed4267cd73d26f7c05312da95322b1cfc031c 865248 libjxl0.7_0.7.0-10+deb12u1_i386.deb
Checksums-Sha256:
 a56f2edfc686e9d89d79b56195665d0b22580c8dcc0c73a0b98d3201961ac6f1 14340 jpeg-xl_0.7.0-10+deb12u1_i386-buildd.buildinfo
 a53512bc405f85bc361ea20e233bc475d03cc498bb18b59abd734ce0a6dd3f22 8342780 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_i386.deb
 5f8787aa5005b6812e1576f9ae17b98250adcf98a9cce21aca12006cd789be93 400312 libjpegxl-java_0.7.0-10+deb12u1_i386.deb
 6d9ff88f5842393547b1d48904f2a3b02f22d81b6babf96f7aaab251777967f0 49628 libjxl-dev_0.7.0-10+deb12u1_i386.deb
 7164bc3d8628220ae6e1921079ad2dd17e03c143b9e44a2a714c6e6ac0fac9a0 237636196 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_i386.deb
 ee88caf32afae8ae584146ad064108d5a7d5d34ee571e18d21d40d0e2b1e15a1 3254468 libjxl-devtools_0.7.0-10+deb12u1_i386.deb
 65805ec12171886815952b28626cf9ae3fe81f4c8f07ad2f8d191614983c2a6c 23053468 libjxl-tools-dbgsym_0.7.0-10+deb12u1_i386.deb
 714b7711ab4a1f5dd7bce494e1402bcbbc53012ab09ef7af230029ae9de95e24 926384 libjxl-tools_0.7.0-10+deb12u1_i386.deb
 892960722c27b2574b8689391cbb9f8853779d5c8c0e71a825a1973ca161058e 20095024 libjxl0.7-dbgsym_0.7.0-10+deb12u1_i386.deb
 f9296e56ca5ba43dba5b40e693965ca11e31dbae3eb7cda5924be836562703c9 865248 libjxl0.7_0.7.0-10+deb12u1_i386.deb
Files:
 81867748b4486526734a17eb5334e68e 14340 graphics optional jpeg-xl_0.7.0-10+deb12u1_i386-buildd.buildinfo
 d019fc7f9650716bf476eb000e66d0e1 8342780 debug optional libjpegxl-java-dbgsym_0.7.0-10+deb12u1_i386.deb
 1579fa032fa1150ca98331c3da8a60eb 400312 java optional libjpegxl-java_0.7.0-10+deb12u1_i386.deb
 750de458a5908ae5a687215ebf4108bb 49628 libdevel optional libjxl-dev_0.7.0-10+deb12u1_i386.deb
 d1e147a73c3c42d947cd9d5baa32e9ac 237636196 debug optional libjxl-devtools-dbgsym_0.7.0-10+deb12u1_i386.deb
 4e98309f60b62437fdd0060fde4d4359 3254468 utils optional libjxl-devtools_0.7.0-10+deb12u1_i386.deb
 5b000cd4620e4bf228514a041781ffbb 23053468 debug optional libjxl-tools-dbgsym_0.7.0-10+deb12u1_i386.deb
 fe926881e1fa5b729f44d0d38ab64f85 926384 utils optional libjxl-tools_0.7.0-10+deb12u1_i386.deb
 a1a82c8aa62801b7bda17fcae8ac6131 20095024 debug optional libjxl0.7-dbgsym_0.7.0-10+deb12u1_i386.deb
 814b7ae0ef9288be713d7bb918cf2d9c 865248 libs optional libjxl0.7_0.7.0-10+deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEaPzFtKPtF0JrKPV5iZlfn74WV6kFAmhmXEYACgkQiZlfn74W
V6luFRAAlEcnd81nnh3+NhHAgvw/cnJnLctsisYOQaxKPozbrwM4qEmP1M2b8twL
ao4JKkhnIuxnb4W5/mB4jvaqdTNDEO1OsqP8shzwiVdMr/4Zith6g2+5KQBnIj4p
Xs6vBibfpq4QthFtSGHN1iwlVzN7fyN1UJfIm4JZbn1wU7U742WE02z/zyAKw7Oq
e7bOwK3Xi/GVkXYQ+0xJIaiweNRLvx34FFKoTNOIhskfXgra0PpqZT15V6L9grWi
mN+0o0Ks2vKfGh+GBY2s5HMJhrCD7rXR+1rM3uqSDRo+24CBnGJDEfDUGahBWY/m
jehqEMIsTVlD1gFY1x2pWOlW8iELkFzDCqWslZegoIKD8U/sznyp1VdglIrqmwiD
dkYy65Ionk+aZjYRP7zusI5MFQpPiC2Jy/xLzVqUQ7DsRc4d6OV325pvPJbE/u/m
zcAlFvauxRzErhmOPDJ2c8vQjsz4u8nldd1m+8cnR4QCNOyapKodhaSOzuWf2zks
XOXza7I7OD2yjy9BrgOafi5CpgZLRxLX91F2SD31/Ei7Ah9yf76sv/MYt0LfmfPE
Xo0ySlYZy9zuODKRFPSOYuGUd27OBTWjr585NHJN9ewYZmHoSnUA3xQs1uQFbIGh
dsJdvx778jlvfadePSzD6LEZCh2xKlGug/5A/wd/4GfW1dDZko4=
=JHse
-----END PGP SIGNATURE-----