-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 03 Jul 2025 16:06:10 +0800 Source: jpeg-xl Binary: libjpegxl-java libjpegxl-java-dbgsym libjxl-dev libjxl-devtools libjxl-devtools-dbgsym libjxl-tools libjxl-tools-dbgsym libjxl0.7 libjxl0.7-dbgsym Architecture: mips64el Version: 0.7.0-10+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: mipsel Build Daemon (mipsel-osuosl-03) Changed-By: Aron Xu Description: libjpegxl-java - JPEG XL Image Coding System - "JXL" (java bindings) libjxl-dev - JPEG XL Image Coding System - "JXL" (development files) libjxl-devtools - JPEG XL Image Coding System - "JXL" (dev command line utility) libjxl-tools - JPEG XL Image Coding System - "JXL" (command line utility) libjxl0.7 - JPEG XL Image Coding System - "JXL" (shared libraries) Closes: 1034722 1055306 1088818 Changes: jpeg-xl (0.7.0-10+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2023-0645: out of bounds read in the exif handler (Closes: #1034722) * CVE-2023-35790: integer underflow in patch decoding can lead to a denial of service issue. (Closes: #1055306) * CVE-2024-11403: out-of-bounds write in the JPEG decoder when doing recompression. (Closes: #1088818) * CVE-2024-11498: stack buffer overflow in modular trees (Closes: #1088818) Checksums-Sha1: 437048ee2fd5bf6e1bbec68b002d9cc0c7bbee6f 14277 jpeg-xl_0.7.0-10+deb12u1_mips64el-buildd.buildinfo 2ea2b5e893d7df52a22c717453f740cc394d0191 7201420 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_mips64el.deb 4d00d1779660c6d248523d7623988d28fc74f621 332048 libjpegxl-java_0.7.0-10+deb12u1_mips64el.deb eced7b9bf910dd486a4b7dd8e32a29f0ee1b348d 49648 libjxl-dev_0.7.0-10+deb12u1_mips64el.deb d9a24dbc3872aecbb58935f2863ca5c9229302fd 207025800 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_mips64el.deb c7ade44bdbdbf1e9152b5aef149a9b40b8eb85d4 2307252 libjxl-devtools_0.7.0-10+deb12u1_mips64el.deb 6b1c87ccf4b5f6ca02e3c7020d31dfe55ae0538a 20302524 libjxl-tools-dbgsym_0.7.0-10+deb12u1_mips64el.deb 77c101f2e5e84213b6124101de7afce26f133ff0 768256 libjxl-tools_0.7.0-10+deb12u1_mips64el.deb 884d9c68352f1dfb00bb0048c21ec9a26e9aa068 16531288 libjxl0.7-dbgsym_0.7.0-10+deb12u1_mips64el.deb f9e87aa3a503834940427f70eb085abe757ba11f 690164 libjxl0.7_0.7.0-10+deb12u1_mips64el.deb Checksums-Sha256: 00021f195c4d9bd3f44e66743350313ced579ba46ddade7d0d125d91ce2c409d 14277 jpeg-xl_0.7.0-10+deb12u1_mips64el-buildd.buildinfo 889886de710f17731722ab39fe59db343e4a22caeb86e4c743bccbe720600ae3 7201420 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_mips64el.deb 5d867ffce338b8f1a2421ebfba3b918b7908edb8bd66a41a5193a56b92d2d7c1 332048 libjpegxl-java_0.7.0-10+deb12u1_mips64el.deb 6c5825292b6c9f857c1820674840c4599c587a33d597180739a8b24233d019e7 49648 libjxl-dev_0.7.0-10+deb12u1_mips64el.deb 621371bb0d5d221f9730e7d86fac7b5f4696e71f603d50b75b2d00911190eaab 207025800 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_mips64el.deb ea46d39dfa4add97236009d4e40105f157810513a579e0f6b1f3d59a06a07011 2307252 libjxl-devtools_0.7.0-10+deb12u1_mips64el.deb f3893a193b3007ca024265b79dd4256c1ee74785acca7e06bcd968c07966b95e 20302524 libjxl-tools-dbgsym_0.7.0-10+deb12u1_mips64el.deb 18f62b84ba8695ca607d5bd40918bac2d859898de751d001b5048306416c5d32 768256 libjxl-tools_0.7.0-10+deb12u1_mips64el.deb 8e8cf9abfeaf6fc10df13ecb960a5089db56767def375d7a8da546f6b685e226 16531288 libjxl0.7-dbgsym_0.7.0-10+deb12u1_mips64el.deb b320006d1e74c66a0c8e63493cb604dd58637da82ce1263ed9c9236a362175a6 690164 libjxl0.7_0.7.0-10+deb12u1_mips64el.deb Files: e46dc756055bcd517cf193705e6b9b77 14277 graphics optional jpeg-xl_0.7.0-10+deb12u1_mips64el-buildd.buildinfo 3194aa66fb1caf0b1be39b696bdf1ea6 7201420 debug optional libjpegxl-java-dbgsym_0.7.0-10+deb12u1_mips64el.deb a767ca1080641ce3024b5d8e289b44eb 332048 java optional libjpegxl-java_0.7.0-10+deb12u1_mips64el.deb f03f109c923232a7f224174b9902ba76 49648 libdevel optional libjxl-dev_0.7.0-10+deb12u1_mips64el.deb b065d44a6316461aee2263c2c7dddbee 207025800 debug optional libjxl-devtools-dbgsym_0.7.0-10+deb12u1_mips64el.deb 14988051437327f08982502549410d0e 2307252 utils optional libjxl-devtools_0.7.0-10+deb12u1_mips64el.deb a595f0e67f5fba04ec24e446e8ec2a5f 20302524 debug optional libjxl-tools-dbgsym_0.7.0-10+deb12u1_mips64el.deb 4fee6f51e82d968fa08795d046d3781b 768256 utils optional libjxl-tools_0.7.0-10+deb12u1_mips64el.deb 317ccf2f9a52a5d8baadba305fb1cb3b 16531288 debug optional libjxl0.7-dbgsym_0.7.0-10+deb12u1_mips64el.deb a39e151d6191d94c529691122ef9f27a 690164 libs optional libjxl0.7_0.7.0-10+deb12u1_mips64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEesE3YcWKZXIkRPMemf85J+x5/aoFAmhmYwsACgkQmf85J+x5 /ap7wA/9EDMVsMoNRAwgZa3FqUwlxP8wwkMKI5QjrUHRAq+qFui8U0XRm7QaXnW/ 5ncDQggbDJyWaaj5RVBKodjENyrQiNtAE02maWFTERiFuUjR97LegaDEKbPwlpn9 2BvJrUh8qhb4yWTDawAsq1si/LV9yuwMv6+8zzzswlu1F/dKd4r4KSa0xvAMsMwq qKMSezIvTINHKXj+d6A0Q6VFMKQeeZ+a6+Gj2OocGJM74Rb1xuBx2jqfskXWdbU1 0ChyDEAKNBm0eU11Hz68vWvQVjmEo8xfxSfMs3Q0T1NIJFKI9K0QbrmTmmnBd55V lBfXTRxI4YIv0crG2zp7LBUXL2mLlQpE6w2MFxfmRHEENtumLzGdHJdV7sHaxYXy CCs0i7W9wk7AgXDwKQh/+nHTWQXJgwNNESXyjTMofwJdJnVUcU4EZJQQ3amNadMo Z9hTIzDM1ClS4mZU4lvJbw9S5iRSJ6gmQmahHXfp+QEU/aWOmRkNif6k/i43hzzy r8L298ODIi6tmnyj31Z4XYReGnp6YPMXGnCd5/RUsS11RszQ26f8RSdbl5Z9l9J2 FK+cOUM7Jh3a67X3p4yXIW+hS6CxCcEBiozqZmknTqnY+o1ILNfl0AeYA/TtQhpk xtaJc1tkIOTXF5Y0lQV3LvXd0dS3tAFYzcXCIwPQyBpTSKoo8PY= =0Dqo -----END PGP SIGNATURE-----