Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org> , <debian-experimental-changes@lists.debian.org>
Subject: Accepted opencolorio 2.5.1+dfsg-1 (source amd64) into experimental
Date: Tue, 17 Feb 2026 01:00:21 +0000
Signed by: Matteo F. Vescovi <mfv@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 14 Feb 2026 17:26:26 +0100
Source: opencolorio
Binary: libopencolorio-dev libopencolorio2.5 libopencolorio2.5-dbgsym opencolorio-tools python3-pyopencolorio
Architecture: source amd64
Version: 2.5.1+dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
Changed-By: Matteo F. Vescovi <mfv@debian.org>
Description:
 libopencolorio-dev - complete color management solution - development
 libopencolorio2.5 - complete color management solution - runtime
 opencolorio-tools - complete color management solution - utilities
 python3-pyopencolorio - complete color management solution - Python bindings
Closes: 1125416
Changes:
 opencolorio (2.5.1+dfsg-1) experimental; urgency=medium
 .
   [ Matteo F. Vescovi ]
   * New upstream release (Closes: #1125416)
     This release addresses CVE-2025-15506:
     | A vulnerability was found in AcademySoftwareFoundation OpenColorIO
     | up to 2.5.0. This issue affects the function
     | ConvertToRegularExpression of the file
     | src/OpenColorIO/FileRules.cpp. Performing a manipulation results in
     | out-of-bounds read. The attack needs to be approached locally. The
     | exploit has been made public and could be used.
   * debian/: SONAME bump 2.1 -> 2.5
   * debian/control:
     - b-dep switch pkg-config -> pkgconf
     - libminizip-ng-dev b-dep added
     - strict versioning for pystring added
     - S-V bump 4.6.1 -> 4.7.3 (no changes needed)
     - Priority field dropped (obsolete)
     - RRR field dropped (obsolete)
   * debian/watch: v4 -> v5 switch
   * debian/python3-pyopencolorio.install: path fixed
   * debian/libopencolorio2.5.lintian-overrides: file dropped (useless)
 .
   [ Jordan Justen ]
   * d/patches: Update patches for v2.5.1
   * d/rules: Stop deleting Findyaml-cpp.cmake.
     Ref: c075bff0 ("Import Debian changes 2.1.2+dfsg1-4.1")
Checksums-Sha1:
 db38b8dafab30d9e4dcef62a27fb08f94cb6da7f 2941 opencolorio_2.5.1+dfsg-1.dsc
 66cb37c8eec8292183131c611e9e7f327ccc6e60 10216204 opencolorio_2.5.1+dfsg.orig.tar.xz
 7e6a3e9fd0e314c04d52b8feb1063faa496d08a1 11280 opencolorio_2.5.1+dfsg-1.debian.tar.xz
 5ec77b63de72c2e6f875a0033d38c5e4bb09f7bf 80404 libopencolorio-dev_2.5.1+dfsg-1_amd64.deb
 58d1d6c9a0669a16edd124d7ac9169a5f6f5347c 27943736 libopencolorio2.5-dbgsym_2.5.1+dfsg-1_amd64.deb
 5316c843b397251a519dac8283dbee9a19763da2 1750284 libopencolorio2.5_2.5.1+dfsg-1_amd64.deb
 4dfbadc7fe9b9af14c3b40340cce7350b81918b4 124516 opencolorio-tools_2.5.1+dfsg-1_amd64.deb
 b8ae40e72a53a381bc6a9b0ef660271d32f288b5 19330 opencolorio_2.5.1+dfsg-1_amd64.buildinfo
 92cfe40a2f903a3497690e621ff66f07ae4d20fb 1074712 python3-pyopencolorio_2.5.1+dfsg-1_amd64.deb
Checksums-Sha256:
 8599cf7db7bdad9e3fb7deadf3af9764903de7c3ea520ae190de41b394da369d 2941 opencolorio_2.5.1+dfsg-1.dsc
 3b5b54b827b317d9c58a5318db8b58ebad30c5cba470e829683cf9bd5984e3df 10216204 opencolorio_2.5.1+dfsg.orig.tar.xz
 4c68a4b28aae282170e6bb47d37442d814ac9606f0e4399f0e4095a391f13678 11280 opencolorio_2.5.1+dfsg-1.debian.tar.xz
 c2d9e3388fbb4187f8fa3fb97f6a7e78d6152f6d21f6aacb3b3204025473d9c3 80404 libopencolorio-dev_2.5.1+dfsg-1_amd64.deb
 910e9ef709e8c94cb313693b78cc5b65e1bb8f5a4568593be7c83a64207687d4 27943736 libopencolorio2.5-dbgsym_2.5.1+dfsg-1_amd64.deb
 f7c9dc198f72663a609c67903c9c077bf937426add9c77d9714c1a8baa48063a 1750284 libopencolorio2.5_2.5.1+dfsg-1_amd64.deb
 ae343fa4c641216522785c27fc8d96c487039e4a237391846ed496bc4417bc38 124516 opencolorio-tools_2.5.1+dfsg-1_amd64.deb
 d0392311b70506963527200f4381619dd7510ac82d7dd11d3b56825f582f9148 19330 opencolorio_2.5.1+dfsg-1_amd64.buildinfo
 02922dd1516d5b1df780a2aac70ba5e1783cdceca48e5a3181537024b39291ab 1074712 python3-pyopencolorio_2.5.1+dfsg-1_amd64.deb
Files:
 c095a2436bd315aa08ef2c9c43602d6b 2941 libs optional opencolorio_2.5.1+dfsg-1.dsc
 0f3bfc805608e75b94c5fa8da228fe78 10216204 libs optional opencolorio_2.5.1+dfsg.orig.tar.xz
 f3780ebe4e8f9eea576d46072bde961c 11280 libs optional opencolorio_2.5.1+dfsg-1.debian.tar.xz
 b2cd6040c920402bb579a5b0cff303a5 80404 libdevel optional libopencolorio-dev_2.5.1+dfsg-1_amd64.deb
 18314af087703f0f0bb712bdb116b7a2 27943736 debug optional libopencolorio2.5-dbgsym_2.5.1+dfsg-1_amd64.deb
 c8625baf1f2d4e87ad56836ff94fb802 1750284 libs optional libopencolorio2.5_2.5.1+dfsg-1_amd64.deb
 ee43df8c1437b49fd72509b220f62abb 124516 utils optional opencolorio-tools_2.5.1+dfsg-1_amd64.deb
 a02f89e43ed5a3b7ca410ffc0f9dc76b 19330 libs optional opencolorio_2.5.1+dfsg-1_amd64.buildinfo
 6e810689915d46e60a82d250cd8de803 1074712 python optional python3-pyopencolorio_2.5.1+dfsg-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Comment: Debian powered!

iQKTBAEBCgB9FiEE890J+NqH0d9QRsmbBhL0lE7NzVoFAmmQublfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEYz
REQwOUY4REE4N0QxREY1MDQ2Qzk5QjA2MTJGNDk0NEVDRENENUEACgkQBhL0lE7N
zVomqxAAlRe14I9Y56JQIgSxzIInZOQls2p5xc0S/5XkzOJ72Vwp/Hvs0PkHwXrW
UTL0kn9yTf+75KqZB91L+D84VgG61OrHXIAXAA0aq+DUqZ77+tHTyVJolUe1FPe8
1bZpEfidiyGTCdd44cQ1JQxuRLRlmvTZzs+ySAI8AJuvGzEWemgOFkOXyx3heYzm
ql1zooNfEbyiqZXO2PGMrCfJfFjnxG3CW4uCc4mf5WLPY0fu8OkEOcte2nL0yQvr
4HeE8/MbThK6FbYTOd9OjcULxdnClgHXaoG9+ya1Dxh3myl7qL9JmeieIEvefX/g
CfBQPnKE8MrO/ccDvvei7m8oZab78XVG2UxdBMh9p/bkTiZA4AlcG3tJ7tFszPRK
+sOEoN0FEl1EEaLLWNx15qze0PcIzOhibCDjg82wLR53D9mc0ExnPdBrS+wd5vKm
0mmRNIVZ3ZdUniomWvdVjqGHBP6Catm9oCImFQquKMY75Dn2UOTr/kOGBN+uRhCc
sx7Bf+3HK2jdzTv1uwPWGYvV/rXiTSRecN+R9BYDM48hn8NTB1kMbuU0ZedZtEdU
glPSZwXG043d8c4/SP+vEqX519/3msxy5GF0YHO3alKzsao3C5zp0e9dvRuxjo7X
mGF8gQP5vQkk4nU85sN3ZlckaqV/g8RSWSlIAuza0diIqc8nwP4=
=MxzB
-----END PGP SIGNATURE-----
News for package opencolorio
