rlottie - Debian Package Tracker

general

source: rlottie (main)
version: 0.1+dfsg-4.3
maintainer: Nicholas Guriev (DMD) (DM)
arch: any
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.1+dfsg-2
o-o-sec: 0.1+dfsg-2+deb11u1
oldstable: 0.1+dfsg-4+deb12u1
stable: 0.1+dfsg-4.2+deb13u1
testing: 0.1+dfsg-4.3
unstable: 0.1+dfsg-4.3

versioned links

0.1+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.1+dfsg-2+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.1+dfsg-4+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.1+dfsg-4.2+deb13u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.1+dfsg-4.3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

librlottie-dev
librlottie0-1

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

In debian/watch no matching files for watch source
  https://github.com/Samsung/rlottie/releases/latest

Created: 2025-11-27 Last update: 2026-06-10 16:01

7 security issues in trixie high

There are 7 open security issues in trixie.

1 important issue:

CVE-2026-49510: Integer overflow or wraparound vulnerability in Samsung Open Source rlottie allows Integer Attacks. This issue affects rlottie: before 21292665023e5074b38254432716866d00f1985f.

6 issues left for the package maintainer to handle:

CVE-2026-8916: (needs triaging) Out-of-bounds write vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before dcfde72eae1b0464dc0dd760aec00ada6a148635.
CVE-2026-10305: (needs triaging) Out-of-bounds read vulnerability in Samsung Open Source rlottie allows Overread Buffers. This issue affects rlottie: before 223a2a41ba4f462e4abe767bebba49a366c9b9fd.
CVE-2026-47306: (needs triaging) Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Oversized Serialized Data Payloads. This issue affects rlottie: before e2d19e3b150e0e4a9586fa90b56fd3061cc98945.
CVE-2026-47318: (needs triaging) Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035.
CVE-2026-47319: (needs triaging) Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows Excessive Allocation. This issue affects rlottie: before 0b4e308fa88c72cbb60cc8a2c1d2c2ad89b101dd.
CVE-2026-47320: (needs triaging) Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads. This issue affects rlottie: before eae37633fda13ac05b25c6c95aacea4bc33c80a3.

You can find information about how to handle these issues in the security team's documentation.

Created: 2026-06-05 Last update: 2026-06-08 11:00

7 security issues in sid high

There are 7 open security issues in sid.

7 important issues:

CVE-2026-8916: Out-of-bounds write vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before dcfde72eae1b0464dc0dd760aec00ada6a148635.
CVE-2026-10305: Out-of-bounds read vulnerability in Samsung Open Source rlottie allows Overread Buffers. This issue affects rlottie: before 223a2a41ba4f462e4abe767bebba49a366c9b9fd.
CVE-2026-47306: Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Oversized Serialized Data Payloads. This issue affects rlottie: before e2d19e3b150e0e4a9586fa90b56fd3061cc98945.
CVE-2026-47318: Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035.
CVE-2026-47319: Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows Excessive Allocation. This issue affects rlottie: before 0b4e308fa88c72cbb60cc8a2c1d2c2ad89b101dd.
CVE-2026-47320: Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads. This issue affects rlottie: before eae37633fda13ac05b25c6c95aacea4bc33c80a3.
CVE-2026-49510: Integer overflow or wraparound vulnerability in Samsung Open Source rlottie allows Integer Attacks. This issue affects rlottie: before 21292665023e5074b38254432716866d00f1985f.

Created: 2026-06-05 Last update: 2026-06-08 11:00

7 security issues in forky high

There are 7 open security issues in forky.

7 important issues:

CVE-2026-8916: Out-of-bounds write vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before dcfde72eae1b0464dc0dd760aec00ada6a148635.
CVE-2026-10305: Out-of-bounds read vulnerability in Samsung Open Source rlottie allows Overread Buffers. This issue affects rlottie: before 223a2a41ba4f462e4abe767bebba49a366c9b9fd.
CVE-2026-47306: Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Oversized Serialized Data Payloads. This issue affects rlottie: before e2d19e3b150e0e4a9586fa90b56fd3061cc98945.
CVE-2026-47318: Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035.
CVE-2026-47319: Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows Excessive Allocation. This issue affects rlottie: before 0b4e308fa88c72cbb60cc8a2c1d2c2ad89b101dd.
CVE-2026-47320: Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads. This issue affects rlottie: before eae37633fda13ac05b25c6c95aacea4bc33c80a3.
CVE-2026-49510: Integer overflow or wraparound vulnerability in Samsung Open Source rlottie allows Integer Attacks. This issue affects rlottie: before 21292665023e5074b38254432716866d00f1985f.

Created: 2026-06-05 Last update: 2026-06-08 11:00

7 security issues in bullseye high

There are 7 open security issues in bullseye.

7 important issues:

CVE-2026-8916: Out-of-bounds write vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before dcfde72eae1b0464dc0dd760aec00ada6a148635.
CVE-2026-10305: Out-of-bounds read vulnerability in Samsung Open Source rlottie allows Overread Buffers. This issue affects rlottie: before 223a2a41ba4f462e4abe767bebba49a366c9b9fd.
CVE-2026-47306: Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Oversized Serialized Data Payloads. This issue affects rlottie: before e2d19e3b150e0e4a9586fa90b56fd3061cc98945.
CVE-2026-47318: Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035.
CVE-2026-47319: Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows Excessive Allocation. This issue affects rlottie: before 0b4e308fa88c72cbb60cc8a2c1d2c2ad89b101dd.
CVE-2026-47320: Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads. This issue affects rlottie: before eae37633fda13ac05b25c6c95aacea4bc33c80a3.
CVE-2026-49510: Integer overflow or wraparound vulnerability in Samsung Open Source rlottie allows Integer Attacks. This issue affects rlottie: before 21292665023e5074b38254432716866d00f1985f.

Created: 2026-06-05 Last update: 2026-06-08 11:00

7 security issues in bookworm high

There are 7 open security issues in bookworm.

1 important issue:

CVE-2026-49510: Integer overflow or wraparound vulnerability in Samsung Open Source rlottie allows Integer Attacks. This issue affects rlottie: before 21292665023e5074b38254432716866d00f1985f.

6 issues left for the package maintainer to handle:

CVE-2026-8916: (needs triaging) Out-of-bounds write vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before dcfde72eae1b0464dc0dd760aec00ada6a148635.
CVE-2026-10305: (needs triaging) Out-of-bounds read vulnerability in Samsung Open Source rlottie allows Overread Buffers. This issue affects rlottie: before 223a2a41ba4f462e4abe767bebba49a366c9b9fd.
CVE-2026-47306: (needs triaging) Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Oversized Serialized Data Payloads. This issue affects rlottie: before e2d19e3b150e0e4a9586fa90b56fd3061cc98945.
CVE-2026-47318: (needs triaging) Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035.
CVE-2026-47319: (needs triaging) Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows Excessive Allocation. This issue affects rlottie: before 0b4e308fa88c72cbb60cc8a2c1d2c2ad89b101dd.
CVE-2026-47320: (needs triaging) Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads. This issue affects rlottie: before eae37633fda13ac05b25c6c95aacea4bc33c80a3.

You can find information about how to handle these issues in the security team's documentation.

Created: 2026-06-05 Last update: 2026-06-08 11:00

lintian reports 6 warnings normal

Lintian reports 6 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2024-08-29 Last update: 2025-11-19 03:30

1 open merge request in Salsa normal

There is 1 open merge request for this package on Salsa. You should consider reviewing and/or merging these merge requests.

Created: 2025-08-19 Last update: 2025-08-19 06:28

debian/patches: 14 patches to forward upstream low

Among the 29 debian patches available in version 0.1+dfsg-4.3 of the package, we noticed the following issues:

14 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2025-11-19 10:47

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.6.1).

Created: 2022-12-17 Last update: 2026-03-31 15:01

news

[rss feed]

[2026-02-09] Accepted rlottie 0.1+dfsg-2+deb11u1 (source) into oldoldstable-security (Thorsten Alteholz)
[2025-12-26] Accepted rlottie 0.1+dfsg-4+deb12u1 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Thorsten Alteholz)
[2025-12-20] Accepted rlottie 0.1+dfsg-4.2+deb13u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Thorsten Alteholz)
[2025-11-24] rlottie 0.1+dfsg-4.3 MIGRATED to testing (Debian testing watch)
[2025-11-18] Accepted rlottie 0.1+dfsg-4.3 (source) into unstable (Thorsten Alteholz)
[2025-09-10] rlottie REMOVED from testing (Debian testing watch)
[2024-09-03] rlottie 0.1+dfsg-4.2 MIGRATED to testing (Debian testing watch)
[2024-08-29] Accepted rlottie 0.1+dfsg-4.2 (source) into unstable (Matthias Klose)
[2024-08-25] Accepted rlottie 0.1+dfsg-4.1 (source) into unstable (Andrey Rakhmatullin) (signed by: Andrey Rahmatullin)
[2024-08-25] rlottie REMOVED from testing (Debian testing watch)
[2022-09-18] rlottie 0.1+dfsg-4 MIGRATED to testing (Debian testing watch)
[2022-09-12] Accepted rlottie 0.1+dfsg-4 (source) into unstable (Nicholas Guriev)
[2022-08-13] rlottie 0.1+dfsg-3 MIGRATED to testing (Debian testing watch)
[2022-08-08] Accepted rlottie 0.1+dfsg-3 (source) into unstable (Nicholas Guriev)
[2021-06-07] rlottie 0.1+dfsg-2 MIGRATED to testing (Debian testing watch)
[2021-06-02] Accepted rlottie 0.1+dfsg-2 (source) into unstable (Nicholas Guriev)
[2020-07-27] rlottie 0.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-07-21] Accepted rlottie 0.1+dfsg-1 (source) into unstable (Nicholas Guriev) (signed by: Mattia Rizzolo)
[2020-03-17] rlottie 0~git20200305.a717479+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-03-11] Accepted rlottie 0~git20200305.a717479+dfsg-1 (source) into unstable (Nicholas Guriev) (signed by: Mattia Rizzolo)
[2019-11-28] Accepted rlottie 0~git20190721.24346d0+dfsg-2~bpo10+2 (source amd64) into buster-backports (Andreas Tille)
[2019-10-14] Accepted rlottie 0~git20190721.24346d0+dfsg-2~bpo10+1 (source amd64) into buster-backports, buster-backports (Andreas Tille)
[2019-08-30] rlottie 0~git20190721.24346d0+dfsg-2 MIGRATED to testing (Debian testing watch)
[2019-08-23] Accepted rlottie 0~git20190721.24346d0+dfsg-2 (source amd64) into unstable, unstable (Nicholas Guriev) (signed by: Mattia Rizzolo)

bugs [bug history graph]

all: 4
RC: 0
I&N: 0
M&W: 0
F&P: 4
patch: 0

links

homepage
lintian (0, 6)
buildd: logs, reproducibility, cross
popcon
browse source code
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.1+dfsg-4.3