Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted libavif 1.2.1-1.1 (source) into unstable
Date: Sat, 17 May 2025 15:49:05 +0000
Signed by: Salvatore Bonaccorso <carnil@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 17 May 2025 16:03:36 +0200
Source: libavif
Architecture: source
Version: 1.2.1-1.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1105883 1105885
Changes:
 libavif (1.2.1-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Add integer overflow checks to makeRoom (CVE-2025-48174) (Closes:
     #1105885)
   * Add integer overflow check to makeRoom (CVE-2025-48174) (Closes: #1105885)
   * Fix format errors (CVE-2025-48174) (Closes: #1105885)
   * Declare *RowBytes as size_t in avifImageRGBToYUV() (CVE-2025-48175)
     (Closes: #1105883)
Checksums-Sha1:
 a0ad0728938d35748ccbbfdf9653b708b2008e30 3022 libavif_1.2.1-1.1.dsc
 748bf2c2eb676b37b9f5fba1af78db2afa26de25 13368 libavif_1.2.1-1.1.debian.tar.xz
 9d3caf13de39f09a6215ad18fd4f964638dbc83c 7062 libavif_1.2.1-1.1_source.buildinfo
Checksums-Sha256:
 e03ab313572372a52ebf18d100c4506fefbced99059f61e411c5085c51e4d2ac 3022 libavif_1.2.1-1.1.dsc
 dee27c52a59e7359f5f668bf695d6135ef12f8a6987c9ebeb58a3872ee5cce81 13368 libavif_1.2.1-1.1.debian.tar.xz
 54e5bce8cd5e5de6ea84709cd9d8e7602a2e127a55d2891d8edc748e1c68e7ad 7062 libavif_1.2.1-1.1_source.buildinfo
Files:
 6b709af22dbebc027e3eaa4b0c7e0661 3022 libs optional libavif_1.2.1-1.1.dsc
 9b2c19b8a07d1f598f4a8420cad53fe8 13368 libs optional libavif_1.2.1-1.1.debian.tar.xz
 e891dcbf021a91903a518ef2c663f66f 7062 libs optional libavif_1.2.1-1.1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmgombZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EEf8P/3uKGB3uBvRPJfOKnq55TY5ULUor5ip3
iHovkYeTeVxYDd2m+wm/5aQMrRlnc7Bws3s6UxnUTpQbWIIjlFU7dPbSGEDkW2Bs
Qa/V9TDrO520m0c7vVCP6tBVlGTHzNNXrKjmF2yqz1efJELxcQvhJOnjIk3B/bVU
CaLnOeCAeeXbegKXxmybD2+cza0kvk0ixewwTlr2PkZINZJAFpoGMNhawa8LXTxF
OHVUK/VJMnaLCW8q+N260tHdk/QMSDrZSuATIwidlmri7CNpb6MAxK7j3kpYrjPu
y6va2hijzSQpmJcwwUvBn/5jNO4H5hZL9rRybIUQSAILaj3Rk2spKazTB7Jzoicl
4Bh0JOakA7ux83wI3Lq+3COcqjW4gGWbeop3pm5kWypKkkGJMDT3XmDsOIl1/5F5
Fd3RZtnDGTQiJqaS3edeUAiVcLyUY8bSgipufXNNPXNphwVTromz99Wbcf5rOH2W
9MuVxo5UV5YPjRM+L6F82Udwp9pJzc2ShTmDp5orqJ+NHxVJV35jFiGGd49eGF+Y
WEqSOnoy3Gb3G1d30shsTXjDmi4UxWgUITbYbccTCxBNT2idChfgdMMmbYOMJGtq
50Lex/w5/7x6FKdxJr5a0sI6LvHKnwI9r6BOJ7KKX/mAjRKHXYA6HqEGbrLAzfPe
OcaGQ0+ojn1b
=zN5k
-----END PGP SIGNATURE-----

News for package libavif