-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 29 Apr 2025 13:01:22 +0200
Source: libraw
Architecture: source
Version: 0.20.2-1+deb11u2
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
Changed-By: Andreas Henriksson <andreas@fatal.se>
Closes: 1103781 1103782 1103783
Changes:
 libraw (0.20.2-1+deb11u2) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2025-43961, CVE-2025-43962: In LibRaw before 0.21.4, metadata/tiff.cpp
     has an out-of-bounds read in the Fujifilm 0xf00c tag parser. In LibRaw
     before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has
     out-of-bounds reads for tag 0x412 processing, related to large w0 or w1
     values or the frac and mult calculations. (Closes: #1103781)
   * CVE-2025-43963: In LibRaw before 0.21.4, phase_one_correct in
     decoders/load_mfbacks.cpp allows out-of-buffer access because split_col
     and split_row values are not checked in 0x041f tag processing.
     (Closes: #1103782)
   * CVE-2025-43964: In LibRaw before 0.21.4, tag 0x412 processing in
     phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum
     w0 and w1 values. (Closes: #1103783)
Checksums-Sha1:
 2494f6c739f2442b561b88e0bc78d7197643b347 2216 libraw_0.20.2-1+deb11u2.dsc
 0b425d9a5ed873adeeb68ea1b4945745f3ec1507 512176 libraw_0.20.2.orig.tar.gz
 2aca1ba845bb325a7ce92c9cb4a3110355f2ed50 25316 libraw_0.20.2-1+deb11u2.debian.tar.xz
 ab26533bf06492682a95b90e968ce20ff7695a05 6309 libraw_0.20.2-1+deb11u2_source.buildinfo
Checksums-Sha256:
 d4d3f3586e10f90bfa8b6a9ca260131039ff21d41311c3e4b47eb87ea96dbe1d 2216 libraw_0.20.2-1+deb11u2.dsc
 02df7d403b34602b769bb38e5bf7d4258e075eeefbe980b6832e6e1491989d60 512176 libraw_0.20.2.orig.tar.gz
 b7182049ebfef233c4e158e36c3d7eb01378625907de3ca2e48ab6e1e73b246f 25316 libraw_0.20.2-1+deb11u2.debian.tar.xz
 05b5ee3ff0273dd0fedc940dd27263bb21623ee50085a5bffa5c975834f3390d 6309 libraw_0.20.2-1+deb11u2_source.buildinfo
Files:
 b301db42ff817abef9af842bc3cc6e91 2216 libs optional libraw_0.20.2-1+deb11u2.dsc
 f92fd7c0f47b771e18607a2198618d15 512176 libs optional libraw_0.20.2.orig.tar.gz
 767370f565758f8eb47b9e72226ab5f6 25316 libs optional libraw_0.20.2-1+deb11u2.debian.tar.xz
 5425b63db994afd6d12f15b5dffbe21a 6309 libs optional libraw_0.20.2-1+deb11u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----