-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Feb 2026 19:07:11 -0400 Source: wheel Architecture: source Version: 0.46.3-1 Distribution: unstable Urgency: medium Maintainer: Debian Python Team <team+python@tracker.debian.org> Changed-By: Stefano Rivera <stefanor@debian.org> Closes: 1126274 Changes: wheel (0.46.3-1) unstable; urgency=medium . * New upstream release. - Fixes CVE-2026-24049, potentially altering permissions of files outside the destination tree, given malicious wheels. (Closes: #1126274) * Refresh patches. * Bump Standards-Version to 4.7.3, dropping Priority: optional. * Drop Rules-Requires-Root: no, no longer needed. * Patch: Support packaging 25 in tests. Checksums-Sha1: 23f60d3f7a0ff02a06bde0a673d064aad9b9c41e 1853 wheel_0.46.3-1.dsc 24aa3cf121e5d807e77e01b0dd3567e13d792ff5 60605 wheel_0.46.3.orig.tar.gz 38e83c7a1f8b6e957104681bc0e948b520cfc61b 7788 wheel_0.46.3-1.debian.tar.xz 8753b82859a3bb11d5b5df828a142b2eb917bb48 7302 wheel_0.46.3-1_source.buildinfo Checksums-Sha256: f65abaf45ddd0c7eb0dd2602a9c02666dfb96293e0b04ebb407d4d285e80532a 1853 wheel_0.46.3-1.dsc e3e79874b07d776c40bd6033f8ddf76a7dad46a7b8aa1b2787a83083519a1803 60605 wheel_0.46.3.orig.tar.gz f629f6fcfe87790f8ac54c68de0a6c2e43fc5b1df8f55ed542f44b3894604ab7 7788 wheel_0.46.3-1.debian.tar.xz e3197e9e57044b57851b7e4e1d280804f055c971715b2a5acb326b37795cd5c4 7302 wheel_0.46.3-1_source.buildinfo Files: 8e509b8c4beee25d68dbcfd6fbcbac7d 1853 python optional wheel_0.46.3-1.dsc 61fb0c9633fe7492933a8f338db23508 60605 python optional wheel_0.46.3.orig.tar.gz 34a674c16f9ef9c87e291208eebafe09 7788 python optional wheel_0.46.3-1.debian.tar.xz 49cd221a72e05336ba0d65da907c7217 7302 python optional wheel_0.46.3-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iIoEARYKADIWIQTumtb5BSD6EfafSCRHew2wJjpU2AUCaYKVHBQcc3RlZmFub3JA ZGViaWFuLm9yZwAKCRBHew2wJjpU2D+QAQCpYFhdr8bN6qwyGmGA8UYzi77Z+C/D x434VtLYB4+mewD8DU4BtDh4pYBcxAQCj0iJ53gl8OzNbN6MwRQMPKLgKQ8= =BQmK -----END PGP SIGNATURE-----
