Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted rlottie 0.1+dfsg-4.3 (source) into unstable
Date: Tue, 18 Nov 2025 15:36:00 +0000
Signed by: Thorsten Alteholz <alteholz@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 18 Nov 2025 12:05:10 +0100
Source: rlottie
Architecture: source
Version: 0.1+dfsg-4.3
Distribution: unstable
Urgency: medium
Maintainer: Nicholas Guriev <guriev-ns@ya.ru>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Closes: 1109341 1113469
Changes:
 rlottie (0.1+dfsg-4.3) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * add cmake4.patch (Closes: #1113469)
   * CVE-2025-0634 (Closes: #1109341)
     CVE-2025-53074
     CVE-2025-53075
     Most patches to fix these issues are already part of:
       Fix-crash-on-invalid-data.patch
     The remaining boundary check is left in:
       CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch
     For the sake of completeness, the whole upstream patch
     for these CVEs is added in:
       CVE-2025-0634-CVE-2025-53074-CVE-2025-53075.patch.org
Checksums-Sha1:
 91f9725dd560c47c2856946ebf3b6c78139b612f 2190 rlottie_0.1+dfsg-4.3.dsc
 b5c6a1fbed15d57b45f8321aa2fd9fa10dd376f9 2899072 rlottie_0.1+dfsg.orig.tar.xz
 df95145390aa9de6b7fea74789c209cb08494e89 23340 rlottie_0.1+dfsg-4.3.debian.tar.xz
 bdc80109f5b3adfe7da37c885f6aaad6ca3d0b10 7770 rlottie_0.1+dfsg-4.3_amd64.buildinfo
Checksums-Sha256:
 f2f88d3e9690165b46aff3c8208f0831d19366b53f86d6f0f0657ab9dac00048 2190 rlottie_0.1+dfsg-4.3.dsc
 23ef230681bfec7ed6f2d1e3918fed9456874392594297f9a5b70e0bc58a80eb 2899072 rlottie_0.1+dfsg.orig.tar.xz
 2bd62071470d57d401676981136a1add828a36abf138ddb85e7b0b249eaecb67 23340 rlottie_0.1+dfsg-4.3.debian.tar.xz
 171d90bc083bfed207c5dabdc5cc0648178a723bcf35173acd689902e01960f0 7770 rlottie_0.1+dfsg-4.3_amd64.buildinfo
Files:
 17b9990249ab33226da650ef8f3c5c99 2190 libs optional rlottie_0.1+dfsg-4.3.dsc
 4a1a9402dd50e0f917b01b762c98a7c8 2899072 libs optional rlottie_0.1+dfsg.orig.tar.xz
 ee29b980deb5c0ec087b35b87204ef39 23340 libs optional rlottie_0.1+dfsg-4.3.debian.tar.xz
 c7072e61279d6f8d6ca5b0f307acf376 7770 libs optional rlottie_0.1+dfsg-4.3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmkcjJBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYRwMhD/4vvhox6ZlLjCzIO69Qc7KKILYFy0SI
hnK5ueZgHtAE3/avX1mGZTArOO/Fh+zPFKiOVrSpjXB9SgTIjuAbZV9J6K0oht+8
MYhVB+iRnfTgNc9J4hYNlG1SNtYKOLRzqxWQk3AeRo7r/Yse3xyY61F9l5Qmp2Tm
m8/HrYrXO10qCGImT3C7fnoJ7EBSA7LBlk+86TVCN4Tk0XJaLgDTUPqM4xWMVx/6
4T3G1EcndBN09YaPyFmXQyW6zG/RKedwz8LnADXE3+sp2YvDySIxvI/hUAI7MzQE
hRNrxAzAXd8TBAKrE6jg332uNgIjR3QR1CKxkdubjkqF9uZ3jsK+yL4LIbsjhmcH
XoaG8N6lI2WQUCq+qmim638XC57LINGZGSTXySex1I2FHQ0cZYEqOD0KLVuS5jOU
L6mDt2jgBWYzIBrE5bdHxE3t+L+uC929WiEox81eGLI8RNa18nqL/AVxVgFAwDTY
Dlra8GP3VuCVhrcgS7Hsu8g1d9ZlBv6cplUKbx4s+VSiYjAWO6p7l31qm8CEGZcQ
eJNlRYgICtfE1V4B2HJYY4NZoQ5qf9wLJ8EIFgxOPXsliQUz8UFnmt2a8dKFhegI
fJ2yjKNDahax1a2w04OTfm/tcA/RzK7nm9TgC/Ka/yf7dpRUSfP9LKjK6Y0iCL/D
gas46wq/5bKnCg==
=PgqH
-----END PGP SIGNATURE-----
News for package rlottie
