-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 03 Jul 2025 16:06:10 +0800
Source: jpeg-xl
Binary: libjpegxl-java libjpegxl-java-dbgsym libjxl-dev libjxl-devtools libjxl-devtools-dbgsym libjxl-tools libjxl-tools-dbgsym libjxl0.7 libjxl0.7-dbgsym
Architecture: armhf
Version: 0.7.0-10+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-01) <buildd_arm64-arm-conova-01@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 libjpegxl-java - JPEG XL Image Coding System - "JXL" (java bindings)
 libjxl-dev - JPEG XL Image Coding System - "JXL" (development files)
 libjxl-devtools - JPEG XL Image Coding System - "JXL" (dev command line utility)
 libjxl-tools - JPEG XL Image Coding System - "JXL" (command line utility)
 libjxl0.7  - JPEG XL Image Coding System - "JXL" (shared libraries)
Closes: 1034722 1055306 1088818
Changes:
 jpeg-xl (0.7.0-10+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-0645: out of bounds read in the exif handler (Closes: #1034722)
   * CVE-2023-35790: integer underflow in patch decoding can lead to a denial
     of service issue. (Closes: #1055306)
   * CVE-2024-11403: out-of-bounds write in the JPEG decoder when doing
     recompression. (Closes: #1088818)
   * CVE-2024-11498: stack buffer overflow in modular trees (Closes: #1088818)
Checksums-Sha1:
 d6b3a47a4b9cc74f3f39c84db94b415bd8bc2a10 14253 jpeg-xl_0.7.0-10+deb12u1_armhf-buildd.buildinfo
 d9c14df301de81b9dc01a3f2101b27a01d3e3021 8110036 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_armhf.deb
 1ac8a5c119a00fbadfc6a4145418ec22fc99950c 351892 libjpegxl-java_0.7.0-10+deb12u1_armhf.deb
 55b5f6067a8062600224614161282d8673a0a096 49636 libjxl-dev_0.7.0-10+deb12u1_armhf.deb
 bdf5443d6422477c479c416f702bd717580ce198 232977008 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_armhf.deb
 81fcb054c69afbedd187bb2042e8368ec6fdbef7 1989928 libjxl-devtools_0.7.0-10+deb12u1_armhf.deb
 fabb679edd6f3c3732baafde19de6b4b0d0b91f5 22589032 libjxl-tools-dbgsym_0.7.0-10+deb12u1_armhf.deb
 884fbd548946141a7906b17f6c38cca3bce1374f 818648 libjxl-tools_0.7.0-10+deb12u1_armhf.deb
 f4b8d540e02d15570e87f09247bcf00515b766ca 20174844 libjxl0.7-dbgsym_0.7.0-10+deb12u1_armhf.deb
 80eb26b882854d0577698cada578dde6975f79d3 796524 libjxl0.7_0.7.0-10+deb12u1_armhf.deb
Checksums-Sha256:
 85d97513e5aec0834911bb4ed92e34e26b29d321188f5f7c8ab39fdac9283651 14253 jpeg-xl_0.7.0-10+deb12u1_armhf-buildd.buildinfo
 06c5e52ff683794008af56b1370cf75557cd08698d9d860577c20d27459e05ff 8110036 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_armhf.deb
 bc2e5f651beb3b1949bd295bedee2affd754178da66f1ea5f0776ee334761710 351892 libjpegxl-java_0.7.0-10+deb12u1_armhf.deb
 a2880bb581790d37ab050407b7e202db3b94ab2050546cf9200937744df58720 49636 libjxl-dev_0.7.0-10+deb12u1_armhf.deb
 0c8d970e49a11280774226a8c91014d85d3083d727f6bc55fca7fff02c83d95d 232977008 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_armhf.deb
 4f253fec22864f39cdc21f2abee9ce7ae779b819adf3d72951a919c0564b06fd 1989928 libjxl-devtools_0.7.0-10+deb12u1_armhf.deb
 2fb5f72a5f1bc81eafb7cc23900b37cb69f35b765ec42a5187ca422d4deb39c8 22589032 libjxl-tools-dbgsym_0.7.0-10+deb12u1_armhf.deb
 780526ae4b4cf1ac24ed7b16d0717404feeaccb55b44c68cf0e6064d52e12fa0 818648 libjxl-tools_0.7.0-10+deb12u1_armhf.deb
 1a5467608cbe9143ffe423a0b1e8943026b8085f7b3fd14d979a46ebfe03a41c 20174844 libjxl0.7-dbgsym_0.7.0-10+deb12u1_armhf.deb
 6affb1ea3ac5d1fdf3115e1439a5ff116df35ff1ed998e3de52fad64e5f7e15e 796524 libjxl0.7_0.7.0-10+deb12u1_armhf.deb
Files:
 5832027be508867287a01783c360c10d 14253 graphics optional jpeg-xl_0.7.0-10+deb12u1_armhf-buildd.buildinfo
 4433804885a2b55865f0419a7ab1eb40 8110036 debug optional libjpegxl-java-dbgsym_0.7.0-10+deb12u1_armhf.deb
 c61391dec9c8b189c1e55bf01314a610 351892 java optional libjpegxl-java_0.7.0-10+deb12u1_armhf.deb
 9b84206eb0a5c7938079fd1639801536 49636 libdevel optional libjxl-dev_0.7.0-10+deb12u1_armhf.deb
 5a4736eb2e7462749ad999a7b258ead5 232977008 debug optional libjxl-devtools-dbgsym_0.7.0-10+deb12u1_armhf.deb
 4e631b5f261f73e4c62f7b6ea8bbe6eb 1989928 utils optional libjxl-devtools_0.7.0-10+deb12u1_armhf.deb
 b96974aededec6112d11778dd40aff91 22589032 debug optional libjxl-tools-dbgsym_0.7.0-10+deb12u1_armhf.deb
 678e4fdedc18dbbcb4089fd7643a4602 818648 utils optional libjxl-tools_0.7.0-10+deb12u1_armhf.deb
 438363f8eef081c744a12e611f9292ee 20174844 debug optional libjxl0.7-dbgsym_0.7.0-10+deb12u1_armhf.deb
 b9fdba0c3658efc686ff0ac340d2e7d5 796524 libs optional libjxl0.7_0.7.0-10+deb12u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEegRwmIwj8f99iF4m4CwlMGxHD8UFAmhmW7wACgkQ4CwlMGxH
D8V8Xw//abEJdNLLFJi/Ml9hrJasTISZ+wa31VfxzfF+cKeLBWAU3WIxzi/2NCeO
EURxTwNLrhS8j2rDGdLGzxAGgKRN4G16g8PNGW4kv6vCX1W9NkA/vtOWUMZlhJe3
5tL3gBweSyETuMhEPujGo78xnEYct8qjOi36+/mAPGurAffIpJs4ykmpD3vXiQkm
o3vHaw4QbqQYIRLcQChoTf1mhuRycFHQj5vxJqAucnFztIwDCBgD6cCp7VoPanor
QJzzffvMN6jE+Ao2/u9a+SA4Ci/ktkO11RVv+WFDp2Hi0Z12Z+VQyRp6ghj5bqrw
rUVw5KVe8tgQ2EmHIq6AmnoqLIKgcl/YyCD1Jp0r2lxlhwrr+4Pi1IuzKgFC+jz/
0XW5sJ20vAPX5a9bI9x3tfG61OR1pKHu1wou2/8ECy4F8037fnAC6SlIERyhtk3C
2sZ3X8xtByj/wb7URI2D4e8gCAORF6bf+CpZZcp7QQ4ZXqCfN35plhhaFApVoJHH
Kit3Fpf/QaSA6O/rVg2rh1ffKOYIjsuWaHBesqpF+W3HtEmFxa4Ubir80Jfa4Gwt
O9RMsmvsw4MH7gDmYaYuAyi1Qjg9H2ThMrqaR215qmeFRx+GrRnevwu6XqAA9rBl
9QSett9R5Xtkif1+YbMIJY2qIpYmkrlKQ5Rb2okKj9Lc8J1UsBo=
=CvF2
-----END PGP SIGNATURE-----