Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted gegl 1:0.4.26-2+deb11u1 (source) into oldoldstable-security
Date: Wed, 22 Oct 2025 13:10:23 +0000
Signed by: Sylvain Beucler <beuc@beuc.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 22 Oct 2025 12:20:06 +0200
Source: gegl
Architecture: source
Version: 1:0.4.26-2+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Closes: 1002661 1116470
Changes:
 gegl (1:0.4.26-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2021-45463: load_cache allows shell expansion when a pathname in a
     constructed command line is not escaped or filtered. This is caused by
     use of the system library function for execution of the ImageMagick
     convert fallback in magick-load. (Closes: #1002661)
   * CVE-2025-10921: GIMP HDR File Parsing Heap-based Buffer Overflow
     Remote Code Execution Vulnerability (Closes: #1116470)
   * Salsa CI: add LTS configuration
   * debian/gbp.conf: target debian/bullseye branch
   * debian/libgegl-doc.doc-base: fix path (fixes lintian
     doc-base-file-references-missing-file)
   * d/copyright: Correct some duplicated glob patterns
Checksums-Sha1:
 a054e985eb45481c7b12cf6b1f520453e30be6a5 3075 gegl_0.4.26-2+deb11u1.dsc
 916ef2bea01e269b1bd1b3825d04331e17aeedb9 4942492 gegl_0.4.26.orig.tar.xz
 3995b4bee0873d7802311bc363bb9f9ea7b62074 25552 gegl_0.4.26-2+deb11u1.debian.tar.xz
 360aa27a3822557e98e68520527527fa6ef52aa2 18505 gegl_0.4.26-2+deb11u1_source.buildinfo
Checksums-Sha256:
 a0cc1d227c0e78bda6d4c90873d3329ccfb5fbcd91af7ade9ba747712a443acb 3075 gegl_0.4.26-2+deb11u1.dsc
 0f371e2ed2b92162fefd3dde743e648ca08a6a1b2b05004867fbddc7e211e424 4942492 gegl_0.4.26.orig.tar.xz
 1bc9e7145db90cbb900811f41fab5f0805e35d025adf07ab34b715c4444440c3 25552 gegl_0.4.26-2+deb11u1.debian.tar.xz
 44624d9c0eb5e971d4f4a349698cee6550dffec82192423487b316708e97133f 18505 gegl_0.4.26-2+deb11u1_source.buildinfo
Files:
 7b7f279cda15535adb57e384fecfa191 3075 devel optional gegl_0.4.26-2+deb11u1.dsc
 4756ac2a8cfca8591f12dbf3f6701b14 4942492 devel optional gegl_0.4.26.orig.tar.xz
 e00823a2bd7d322be36f867b457ef31e 25552 devel optional gegl_0.4.26-2+deb11u1.debian.tar.xz
 858068c36d993d53d808c7c195338b7b 18505 devel optional gegl_0.4.26-2+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmj4088ACgkQDTl9HeUl
XjCWxg/+IaAypoVLyVJ+2RnE+AWbkik3WEF0RZK5MBgFSKGHkqe5AvpBXF0383NT
/9BjxrdHuLqZj3edoks+aT9fD7KLiKbsA5ZH+O3rnFglPgYgMBHZlYKiA73gkzB9
scKlZnZ4gg4yQ7CoBcauWn14iQEMW2lGpIkVG8ru5W/7Yh2GyS2GfJFjPC9R7aIa
o3qUgdVXiY32sbTXTGpZSr8od0Y2yNKg+hRWUnK0Wo6QwHAIMBunHwDCp26A6h0o
lcFaUiSl81CKx438DwHJ1PXSmmlRHCPRtE08lfbuIWpqTpu8MnJwl+tJ8pKc7T8D
l1ihWEZyvUI/fY5HVLZixcACoKNRQslB5bIN/FbWWdXFNaGjBR5t54iE9I4dxP85
KlhO1YDmGHX2vFxHqBhpeoJoPHTaq4JsYtCyDJcJVD4LEKIiwCWiscjCRqhwf642
jqFi3j2ce3wCy3C2mDW2Z/H1RWRKOIztn+u627Bmi31RLkJSqbzY8iwMtjqoUs9i
Sc1eOkCSMAwT8/DN6/47vP6TSBwvUghkHYQXNVGSK3QnnNDWVYfCgoRoa7iY5hVT
JZyituzoww4mmFeyeQynC2mMM93LnRAlkQYkKZHKjYcr7idTMbnwprwbjcLgaQEn
XIBQ4YDki/G/RFQ+GnT5uNwRb6uq2qZSoceXYxjU6ATHncrdz2o=
=DOui
-----END PGP SIGNATURE-----

News for package gegl