-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 03 Jul 2026 14:07:04 +0300 Source: rlottie Architecture: source Version: 0.1+dfsg-4+deb12u2 Distribution: bookworm Urgency: medium Maintainer: Nicholas Guriev Changed-By: Nicholas Guriev Closes: 1138919 1138920 1139179 Changes: rlottie (0.1+dfsg-4+deb12u2) bookworm; urgency=medium . * Fix off-by-one error in Fortify-FreeType-raster.patch. * Add Fixed-vpath-potential-issue.patch to fix CVE-2026-47319. (Closes: #1138919) * Add Limit-recursion-in-LOTLayerItem.patch to fix CVE-2026-47320. (Closes: #1138920) * New Fixed-signed-shift-issue.patch probably fixes CVE-2026-10305. (Closes: #1139179) * New Fix-heap-buffer-overflow-from-short-truncation.patch. Checksums-Sha1: 8ea12e3376b81807f38846d7b1b09e580cfee78e 1474 rlottie_0.1+dfsg-4+deb12u2.dsc f9683db1c5c1e644579cd6063bac8982701d8410 24364 rlottie_0.1+dfsg-4+deb12u2.debian.tar.xz Checksums-Sha256: 088111e5b3ba156ab35761264b80eb5496a72244fd6b0b32a4cf1c6bfef07bd7 1474 rlottie_0.1+dfsg-4+deb12u2.dsc 38effe1a5946651e986c02a0304661125f181660a083acd8413460622b2b60e7 24364 rlottie_0.1+dfsg-4+deb12u2.debian.tar.xz Files: 0b075ef557c045fda090781a614fd3ab 1474 libs optional rlottie_0.1+dfsg-4+deb12u2.dsc ac9a7ab3cd22a4fe0c0d5d604488b5a7 24364 libs optional rlottie_0.1+dfsg-4+deb12u2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iIYEARYIAC4WIQQRm7llN8yxifaG60cF2qh9JI3wlQUCakeYUxAcZ3VyaWV2LW5z QHlhLnJ1AAoJEAXaqH0kjfCVWZoBAIdvWCV6jCIBqY/Zek8KN4ttloqXbsUNxeGf OHJc/EZnAP9BtXfzb6y16caXdu0mz9hvxt3oqJmyd+HSv+ZIlAiCCg== =49fp -----END PGP SIGNATURE-----