-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 03 Jul 2026 14:07:04 +0300 Source: rlottie Binary: librlottie-dev librlottie0-1 librlottie0-1-dbgsym Architecture: i386 Version: 0.1+dfsg-4+deb12u2 Distribution: bookworm Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) Changed-By: Nicholas Guriev Description: librlottie-dev - library for rendering vector based animations and art (developmen librlottie0-1 - library for rendering vector based animations and art Closes: 1138919 1138920 1139179 Changes: rlottie (0.1+dfsg-4+deb12u2) bookworm; urgency=medium . * Fix off-by-one error in Fortify-FreeType-raster.patch. * Add Fixed-vpath-potential-issue.patch to fix CVE-2026-47319. (Closes: #1138919) * Add Limit-recursion-in-LOTLayerItem.patch to fix CVE-2026-47320. (Closes: #1138920) * New Fixed-signed-shift-issue.patch probably fixes CVE-2026-10305. (Closes: #1139179) * New Fix-heap-buffer-overflow-from-short-truncation.patch. Checksums-Sha1: c3720320a4e6d9b52fe4640dbd8ff080ac09f8e0 21020 librlottie-dev_0.1+dfsg-4+deb12u2_i386.deb 879b6cb06af0fda5fb9cb236488c2729bc08ce2d 2455940 librlottie0-1-dbgsym_0.1+dfsg-4+deb12u2_i386.deb 864894b917ba7b250f1d50098728346ef2f7ccdc 165432 librlottie0-1_0.1+dfsg-4+deb12u2_i386.deb 7c3d734bb53afd5ecd527f420ee5eea666f06bae 7504 rlottie_0.1+dfsg-4+deb12u2_i386-buildd.buildinfo Checksums-Sha256: 4686c3656df5cecf3ffea70a067b9456a867b0275e5d4d90eacb55870ac52704 21020 librlottie-dev_0.1+dfsg-4+deb12u2_i386.deb de8d6b673d1842a6d770bb55d8c44664bcf89b0cbc9909d095f96cf618127b2d 2455940 librlottie0-1-dbgsym_0.1+dfsg-4+deb12u2_i386.deb 423c148b0e2fc6d2cca628d828fbcfb75572a75e3e7720c493b939691640d729 165432 librlottie0-1_0.1+dfsg-4+deb12u2_i386.deb cb0ea939a2717104997ad5cb75d7bd29d9ae8e8c1ab9ee08f7501cee94223117 7504 rlottie_0.1+dfsg-4+deb12u2_i386-buildd.buildinfo Files: 155211b3956f6cdd18396437daf78793 21020 libdevel optional librlottie-dev_0.1+dfsg-4+deb12u2_i386.deb 2f502ee611f56c40bf5bc0d528d93f28 2455940 debug optional librlottie0-1-dbgsym_0.1+dfsg-4+deb12u2_i386.deb 7381bfb8a669a5e86abbf1408f304d2d 165432 libs optional librlottie0-1_0.1+dfsg-4+deb12u2_i386.deb b3a101013d4f42da1e7fff23c693309f 7504 libs optional rlottie_0.1+dfsg-4+deb12u2_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEb5EwsJvHBEjqIJYIbheoBegwXLIFAmpI5W0ACgkQbheoBegw XLK1xg//YE//YFVv0E2gsER2ckZDoP4PizKdTx4x2JNdOAURFm8in5swS8D8wsiQ P74toN2b1nAVwsssWEHSNBr6+Iem7mNcdqrHKtmark4O/mPzGOghsdoFBwbSTVHO C+dCrT3We8n8IYZi9nIepBsY7DsxniCAf29JYyY2WU263MdJpcByjLDZ+KXW5pun ooM1j0bC2kLBOwgGEkk0AR6z1y5VT+1xrpQr0b/Wtv9C54Y+/mNL/JwlcgTb5n/q lDSjhuAaUQZw5p8UC0RPKgeQD30pmhgyS47XAaJQMOiYv+SV1kUnJ0JG4N6JPylp 80w72CUM7CyTg8sjn2VrkDbmwesYKQ588x3Wg3Dj4n1l49IbqD42hy9hooePgqeu D/18dBflWBSpyTd9aUXhDSlC3BgVWfxhLSfOvLMvgYO1jsvhjy3aLc/O8jI7DT13 MsU5dPHY5uFXJG1nOxZca8fk3cE6G/vx34MwxlD4p1SjFdkuMd6gWTOJ9gOCN+c2 FXVvKE+F8x5kOZDrtyPhesyf2+rkRM8uipRfsf6dw6nqQx25hPmJvEC/pTrM7AA+ jqpqzaK3iSA8/0yFUXyatQlnW4HGd45pjednveyTAu8b+zwtjIPwy5zI3Mj55f4v pvUU2tEZylm9upkMXsBCUte6w7dROObYodIZ9rTiywzF7yvS+eg= =apOA -----END PGP SIGNATURE-----