-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 20 Nov 2025 10:45:05 +0100
Source: libcupsfilters
Architecture: source
Version: 2.0.0-3+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Closes: 1120697 1120703
Changes:
 libcupsfilters (2.0.0-3+deb13u1) trixie; urgency=medium
 .
   * CVE-2025-64503
     fix an out of bounds write vulnerability when processing crafted
     PDF files containing a large 'Mediabox' value.
     (Closes: #1120697)
 .
   * CVE-2025-57812
     fix an out of bounds read/write vulnerability in the processing
     of TIFF image files.
     (Closes: #1120703)
Checksums-Sha1:
 8e91cb4b14ad28eb8d90967611e194b5ebe1e1ed 2931 libcupsfilters_2.0.0-3+deb13u1.dsc
 e81e2623ba23e536e94906962661cad18adcb0fa 1279856 libcupsfilters_2.0.0.orig.tar.xz
 06e73f35a3cd3735c41e95e56fd9460bfa0383a8 64792 libcupsfilters_2.0.0-3+deb13u1.debian.tar.xz
 8e1e5cae6bcd8406749349788220f7720b2f47d4 13699 libcupsfilters_2.0.0-3+deb13u1_amd64.buildinfo
Checksums-Sha256:
 46a840a51f360fb75e2bf5d5561be213eecb0dd5182f4b68df60eb774096c248 2931 libcupsfilters_2.0.0-3+deb13u1.dsc
 542f2bfbc58136a4743c11dc8c86cee03c9aca705612654e36ac34aa0d9aa601 1279856 libcupsfilters_2.0.0.orig.tar.xz
 d19c777c84b47580966c3f1009bd0afd4760a2a0c4ee889a75dfe8ff5ce90a5d 64792 libcupsfilters_2.0.0-3+deb13u1.debian.tar.xz
 c9f5e4b2f5ad2a7c31cb80d92e47800869e3dc3693eb69226e17ca9727655ba9 13699 libcupsfilters_2.0.0-3+deb13u1_amd64.buildinfo
Files:
 0fbd6d4cb2624c0c2f759815feff5478 2931 net optional libcupsfilters_2.0.0-3+deb13u1.dsc
 267e569145bd20615fa18ae65ea6f870 1279856 net optional libcupsfilters_2.0.0.orig.tar.xz
 198bd108c3e16b4cc3763151be7c2297 64792 net optional libcupsfilters_2.0.0-3+deb13u1.debian.tar.xz
 42080fd5b8b37b9caea15e81085524a8 13699 net optional libcupsfilters_2.0.0-3+deb13u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmk8V6RfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR0zfD/4i3xcnllUu2Ut3IloQW2Isfuj3UX3f
DwAX0unPNSZgaesD+xoBwEyf2zdCSixaSypOXy1Yb8mBCohLY/aK4zyNalYBc6eM
7WE+s86ijo2Xf/ak+suGecQKiyi5Q/U5YQXGA44jw3e6RSCHKYRBQTWLBytUEY4l
jAndSP5V3LzgB4FGVgqXbrR2uXDtLjtyuYavjqhzaXZsAPjaDcpA9G8Wr828gBW3
4LDur5rdm5ULsKRvk8vbsgXB9fSpeC3nrky0rNtwvrSJ31CPSKzzm0kRSuGeAPHV
uJ2/8gzLfShunDfyK/HDBIb4KIaIBnONJ4vs6oKhyGUdZCK7HbJp+0fDQlmA5rGA
a3BP/bb4pXiENUFHBDDg+hd7CWQ6T+15q059EG13duNnlBeaqWZX3gb6GGTX48c0
6eHB3yOe28iRvRVKzdTXWWDdEPqiNHLFUU6IQENzF4ADIbtvqvii7/UdESCs4Vm3
OM2lx+9OhlWNAV+8lgQUR49JHoeH29qEBltZ+dPwshQ2rkY95C8x8EbsvZg278oK
WNsgJ6qlkUxNTvvR1F2tOmMcA2ceh4/d2y2qju9WFWubZbbYEBIM6Ozfdb/XeWqZ
gfsdnp6Phs8CNXYCz5cBH7oR0gb8BlWl9EwE9cZscn181OOLpOZUBLuamij2E54K
bXgH+QyKvyXDhw==
=FJYN
-----END PGP SIGNATURE-----