-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 03 Jul 2025 16:06:10 +0800 Source: jpeg-xl Binary: libjpegxl-java libjpegxl-java-dbgsym libjxl-dev libjxl-devtools libjxl-devtools-dbgsym libjxl-tools libjxl-tools-dbgsym libjxl0.7 libjxl0.7-dbgsym Architecture: ppc64el Version: 0.7.0-10+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-conova-02) Changed-By: Aron Xu Description: libjpegxl-java - JPEG XL Image Coding System - "JXL" (java bindings) libjxl-dev - JPEG XL Image Coding System - "JXL" (development files) libjxl-devtools - JPEG XL Image Coding System - "JXL" (dev command line utility) libjxl-tools - JPEG XL Image Coding System - "JXL" (command line utility) libjxl0.7 - JPEG XL Image Coding System - "JXL" (shared libraries) Closes: 1034722 1055306 1088818 Changes: jpeg-xl (0.7.0-10+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2023-0645: out of bounds read in the exif handler (Closes: #1034722) * CVE-2023-35790: integer underflow in patch decoding can lead to a denial of service issue. (Closes: #1055306) * CVE-2024-11403: out-of-bounds write in the JPEG decoder when doing recompression. (Closes: #1088818) * CVE-2024-11498: stack buffer overflow in modular trees (Closes: #1088818) Checksums-Sha1: 8c4d3bab7617330f6a0ac6f0a7131ef8ac672da8 14448 jpeg-xl_0.7.0-10+deb12u1_ppc64el-buildd.buildinfo ab0c366fc9e31aae0763eed7c7344d01157e2723 7251304 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_ppc64el.deb d9b6290d3bacd3fd7881aa5c61848347f4f0801e 361636 libjpegxl-java_0.7.0-10+deb12u1_ppc64el.deb d3b1a107e6bd03cc51bbc4cebf8671b45eec2b71 49640 libjxl-dev_0.7.0-10+deb12u1_ppc64el.deb 1bf74d4d3abd00035ef4414ee1b15b30a3d75fcd 209045424 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_ppc64el.deb e6acd73a2b81b81d0ccd6af3137f49c1b5ac37f6 2555156 libjxl-devtools_0.7.0-10+deb12u1_ppc64el.deb f63ed3b9299eacb294f2e6c4dc6a80fffb03fac4 20521416 libjxl-tools-dbgsym_0.7.0-10+deb12u1_ppc64el.deb 5ae3d972a12f26464393fc3985a7218639ff18b1 843348 libjxl-tools_0.7.0-10+deb12u1_ppc64el.deb 4866016a5838c7b7c57c177f366a5fcf690034f5 16709824 libjxl0.7-dbgsym_0.7.0-10+deb12u1_ppc64el.deb bc1bd2d15a9d1ef00972b98915b21e16acbf7bfa 763120 libjxl0.7_0.7.0-10+deb12u1_ppc64el.deb Checksums-Sha256: 17b4f0c075a644d33df672a13164c11e8717b2b93dbb37d52b8a4679b936552d 14448 jpeg-xl_0.7.0-10+deb12u1_ppc64el-buildd.buildinfo 01b443e2d510475c462e1b4675423a596e1e7d0d797ced8ec8881a9d6f7195e0 7251304 libjpegxl-java-dbgsym_0.7.0-10+deb12u1_ppc64el.deb cdd7abbde098a85b6a391b25becb51360470eefc451fb250c17f4217f50e1475 361636 libjpegxl-java_0.7.0-10+deb12u1_ppc64el.deb 193b71604136f0fe370b6e609dedc4e9eae1eff6f633a7f8767c2cc3ef0beb04 49640 libjxl-dev_0.7.0-10+deb12u1_ppc64el.deb 1f173fad7de7b4048b178cc0e92aa4606f7d41ef35175fd3e298e41666d36487 209045424 libjxl-devtools-dbgsym_0.7.0-10+deb12u1_ppc64el.deb 9e30e67fbc029413e56db1b0fcdf3cb451e25c09ebe79fafaa414be94e05a280 2555156 libjxl-devtools_0.7.0-10+deb12u1_ppc64el.deb 683643bad28a09a31799855e5607f7521d8a959a255ecbdd84fc7e4912770768 20521416 libjxl-tools-dbgsym_0.7.0-10+deb12u1_ppc64el.deb faa685055ca784e1720bb8dedb499f94aa927d71f3c5dbc3692c8da1c9f74ce1 843348 libjxl-tools_0.7.0-10+deb12u1_ppc64el.deb 994600ab254cdadcd1825f132b486b0856ba3b8faf7dc9ef64d545f52aac4417 16709824 libjxl0.7-dbgsym_0.7.0-10+deb12u1_ppc64el.deb 83c738b438d6e64773c3c5e8708dbc57df721ac2c88b0d8f97e7c4724c1effb2 763120 libjxl0.7_0.7.0-10+deb12u1_ppc64el.deb Files: bf9dd840af6a11c5c3304667e359cc58 14448 graphics optional jpeg-xl_0.7.0-10+deb12u1_ppc64el-buildd.buildinfo 261aafa52bfec72d2e2420bd0290d5ab 7251304 debug optional libjpegxl-java-dbgsym_0.7.0-10+deb12u1_ppc64el.deb 4dc6dbbdaf0921c388088f341cbfbce5 361636 java optional libjpegxl-java_0.7.0-10+deb12u1_ppc64el.deb b892b25841610400c8bb410ed110dc6e 49640 libdevel optional libjxl-dev_0.7.0-10+deb12u1_ppc64el.deb 163009d5782af5b5c7ea98074cec7025 209045424 debug optional libjxl-devtools-dbgsym_0.7.0-10+deb12u1_ppc64el.deb da4aadd9bfabf2e84189aaa272bf199f 2555156 utils optional libjxl-devtools_0.7.0-10+deb12u1_ppc64el.deb f3a37797d8badea0301301086e642965 20521416 debug optional libjxl-tools-dbgsym_0.7.0-10+deb12u1_ppc64el.deb 8bbd43197f0552f0f03c903ada0786ad 843348 utils optional libjxl-tools_0.7.0-10+deb12u1_ppc64el.deb 9a0bf854e5da3842cc28bbd007dbbed9 16709824 debug optional libjxl0.7-dbgsym_0.7.0-10+deb12u1_ppc64el.deb ae5be5644991a7d7dad23d99ec11aaea 763120 libs optional libjxl0.7_0.7.0-10+deb12u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZAv/jpGRqS40qyb11oy1TpxF0ZAFAmhmWucACgkQ1oy1TpxF 0ZAnlA/+Owx4uvkUa23zz0StR9cd62xuv18Ojw0aC/x0FDnc2B77HEAK6iplhf2w giieP6WoO+Zd66LpI3E5PuYYekerGQrsJA70GVGopTwqPLv69VhgRYgkTsyAJy0T nbSOtcEAY4JRhmu5Ixt1wgTAqJHMNc/Ve7MrYA1wvurlWG8ZlVM/5iImULRIA/O6 1pevMe1s90mumJmyvYnJUjU/v/N3q16sur+UwE2YdT5wcGkZLOpQKuUsxgxwh6KZ UxAU/OYFxkW5P0lELsWLNVFBuQ8Zd6phb4KFKsvT5d7qZxAOcKNWq8PwyrvzGJ02 5TOi00UljXtTx4X2ojkSjIVyRkCsWbTAdL1H7rf1G0bjyKpuJ1dN+EhnrW+eK6mF SJrMHNIAmb253OzSH/VyQuvOV1thIBcGPK/DIwS17dx58ylzT0Fo7Vx+kCXK4qrb wMtBWmBmxsaEGajE82GfgDd7jZ+mluW/yxeOWyg70Wu6LtFDJ9ZiJkVD0lF6Xh2G n1iA2kNExXzZ7cKW7A59Y7bkPJ8tsCW8IozqX3kORXu6HnHH5LYDRGYoTZMShuX3 F2GfTAszH3ZNrBhJiEpAg7QGqJkTx6Rfwzw1TwxslrYZk11hCKxCGeFeH/tuC/OT gMCiigKZroeC2OwVkPwio4aBGDHH0cauF6aOhs/2A+TUQiuUTcY= =onZk -----END PGP SIGNATURE-----