Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted alsa-lib 1.2.4-1.1+deb11u1 (source) into oldoldstable-security
Date: Thu, 05 Feb 2026 22:20:24 +0000
Signed by: Paride Legovini <paride@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 01 Feb 2026 00:42:21 +0100
Source: alsa-lib
Architecture: source
Version: 1.2.4-1.1+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian ALSA Maintainers <pkg-alsa-devel@lists.alioth.debian.org>
Changed-By: Paride Legovini <paride@debian.org>
Changes:
 alsa-lib (1.2.4-1.1+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * d/salsa-ci.yml: add lts-team pipeline for bullseye
   * d/gbp.conf: set debian-branch to debian/bullseye
   * Fix heap-based buffer overflow in the topology mixer control decoder.
     Fixes CVE-2026-25068.
Checksums-Sha1:
 78d39b8abf938f6799effe4b4cf0b75409036aa3 2320 alsa-lib_1.2.4-1.1+deb11u1.dsc
 5404393a44906f92ba87189b6fd7fa0c031a037e 1044405 alsa-lib_1.2.4.orig.tar.bz2
 f7cb501ebba60efdce834cfe6593c3bcaee69544 31260 alsa-lib_1.2.4-1.1+deb11u1.debian.tar.xz
 27b51e6c53a3d772ca62c2678b6fda267657867b 6274 alsa-lib_1.2.4-1.1+deb11u1_source.buildinfo
Checksums-Sha256:
 042971430be9582b4cae5777b39774915bc4b3be732a29e948cdceb6d57fe868 2320 alsa-lib_1.2.4-1.1+deb11u1.dsc
 f7554be1a56cdff468b58fc1c29b95b64864c590038dd309c7a978c7116908f7 1044405 alsa-lib_1.2.4.orig.tar.bz2
 6f8dedc591762f00ffe4d5b78f9a6fd4073a4e60cfec804d4d6dadf5594d9185 31260 alsa-lib_1.2.4-1.1+deb11u1.debian.tar.xz
 96949beef4375d2f5b0f5de9e683d58e256f4d4946b35a79cd446f6cb6c89078 6274 alsa-lib_1.2.4-1.1+deb11u1_source.buildinfo
Files:
 69e5e566cf0b2ccc7de0faefba998d32 2320 libs optional alsa-lib_1.2.4-1.1+deb11u1.dsc
 875184646a96e34bbe7a91925cd7b2ba 1044405 libs optional alsa-lib_1.2.4.orig.tar.bz2
 6e2a8f7d18802d9c91572ac259cdaed5 31260 libs optional alsa-lib_1.2.4-1.1+deb11u1.debian.tar.xz
 76b6ae326fb0b22385cfe95787af524f 6274 libs optional alsa-lib_1.2.4-1.1+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEVhrVhe7XZpIbqN2W1lhhiD4BTbkFAmmFEzsACgkQ1lhhiD4B
Tblu3wf8ClWy95FHasY9ILlIqjc8onZKsFUPbF76rk/ABp57F0BFgSK1+HmeN5ZI
w7ZderunRkd7IT5kJz2gi7siX6jo83OT/0NYCTJ1iKPZsXgTZZnBwpmhXNRn35IH
5xstfb/SjCvsxWbtFfxQVHXICPHRMQ7kPUG6ehBLZsjkZpm5CKgH/8pcASYjwI2s
cCbHoogorygpQ6XuaGDZNs/ZCzRzY5OdLvju1NImeuf3Rd8VTYo7/kxnRUtgXTnp
Er6hakvUyhB0zVe5aNFuZFpT9A/AlRjsPOG815VGWKvZK8b/MC5c0xl2E225ov9/
i+wBwk1pVd6a56XMOCPRtcdZhYG2/Q==
=vfuA
-----END PGP SIGNATURE-----

News for package alsa-lib