-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 21 Jun 2026 15:36:07 +0200 Source: protobuf Architecture: source Version: 3.21.12-16 Distribution: unstable Urgency: medium Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org> Closes: 1126302 1134895 Changes: protobuf (3.21.12-16) unstable; urgency=medium . [ Adrian Bunk <bunk@debian.org> ] * Fix CVE-2026-0994: JSON recursion depth bypass (closes: #1126302). * Fix CVE-2026-6409: PHP Denial of Service (closes: #1134895). Checksums-Sha1: 8008be478cbff43043aedfd5c7d725f42889cff4 3073 protobuf_3.21.12-16.dsc af34331566c514742aa230acf04ffb285be4f79a 49176 protobuf_3.21.12-16.debian.tar.xz Checksums-Sha256: 17d46b94cf664e3711bf63b6847d14db255c77035a96603f56469c76a1866573 3073 protobuf_3.21.12-16.dsc 30b0925b802e58cb4883dd414f64dfbc50b139893da7f65c3a9f42a97a785f82 49176 protobuf_3.21.12-16.debian.tar.xz Files: a6b7b363a7928e08f442575be04dfb0d 3073 devel optional protobuf_3.21.12-16.dsc 40351a274987c4cc79f0ec85be30b1ed 49176 devel optional protobuf_3.21.12-16.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAmo375cACgkQ3OMQ54ZM yL+Fuw//YLOgc61F7SHcGv7YY0+v9qNSBap4wrLVxed098qUKnSE8LJtBoC8i8TX d36ZkRr3HZ1NqZYZmSAw/iFtdGYKfx2cjNn+iH12D0X+ARE2u6A/g3q/ejxqgz+o xQ0085kzkuGTFV3Q0e44s3XvX7cvjghD4/AfqgElOOLo1oZC1U9HNHMWNu6sfzXX 45dnaq1TWk6J3arNbwGETLogP1O4BlzQS8gjGRTujq2ijA9gG8ZMoGpoXgo+c3n8 g5PO0LpukfhnkC0EAohiwdjGajh2xu/OH93+mQapLRmAX20AC6U9/xQJktO5c1SS TkPgVGOq6K9mmGo5cNeYpxBBIxytWSibQUSIStdymE6YQg/S9Lz6DidrYAIlyjit +U79nQAl1WwxImYcMl58YZ7+zLEFB3GmlDX2xeWQcaT+uD7GBfr5ywEKo/btKmZW yow3gVi3eO7C9T6i74EUfBNSYWGk7GgCaTnNcq3tRlD0ip6q9m0dmTdQn1hMB4gS DP6URRHzl6FVPWkmzCbx2ZLeHqz5mvxcdklEFGKr4PYqTX/cpRoeLGQ8xkaKcViL RgPBVE5LJe6fCoyNM0bhkJ1BB3t9Qc23ZqZrcCFjp8LsARY1f7mB2UMh8rYnfi/V BAzrgh9REeVzbjRLpiJVgLKUjF3NPxoVTb9weO0JfiUKNouQaMg= =KgAU -----END PGP SIGNATURE-----
