[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted yelp-xsl 3.38.3-1+deb11u1 (source) into oldstable-security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 26 May 2025 16:31:01 -0300
Source: yelp-xsl
Architecture: source
Version: 3.38.3-1+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Lucas Kanashiro <kanashiro@debian.org>
Changes:
 yelp-xsl (3.38.3-1+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2025-3155.
     The Gnome user help application allows the help document to execute
     arbitrary scripts. This vulnerability allows malicious users to input
     help documents, which may exfiltrate user files to an external
     environment.
     - d/p/CVE-2025-3155.patch
Checksums-Sha1:
 995bd787c81128cf960315a06352c73a707f5bde 2135 yelp-xsl_3.38.3-1+deb11u1.dsc
 d4665895c97676ef4b1718f93147ec3cdca0fd3c 642928 yelp-xsl_3.38.3.orig.tar.xz
 99b4dc8c4abe5637d90cf860969dee333e9fb671 5976 yelp-xsl_3.38.3-1+deb11u1.debian.tar.xz
Checksums-Sha256:
 cccf929a22ee14099abe446f98edcc95c8f91133e72b8c2183ff2b723d4bf944 2135 yelp-xsl_3.38.3-1+deb11u1.dsc
 193b6abd4697b7b421e98c36d4d3135da0b0fdb51aa53e602ed368dd84d1fd03 642928 yelp-xsl_3.38.3.orig.tar.xz
 a114a0794e3d048a0ba3510541ec9c1050236e9ac06733aa387868ef9c1bec3a 5976 yelp-xsl_3.38.3-1+deb11u1.debian.tar.xz
Files:
 2457c88ab18435db8bb12531f4539e63 2135 gnome optional yelp-xsl_3.38.3-1+deb11u1.dsc
 f55f9d738ac4ae75bedac02745236a5a 642928 gnome optional yelp-xsl_3.38.3.orig.tar.xz
 08bd6e1d92640291de59cd54356028af 5976 gnome optional yelp-xsl_3.38.3-1+deb11u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQJJBAEBCgAzFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAmg3TV8VHGthbmFzaGly
b0BkZWJpYW4ub3JnAAoJEPgjonKYg8l8nHUP/2B0l3NbbyLWWlCsLEkD5/sz2uxN
YrF/z/dbNKMQgmpcD1q3rJ/xfHiacRqqNZyl8nshU6ptL2a11ek7v8RCo7S+0IqI
YoylkpaLBavRcbRibuM+d79qb7giABVqXBeaklxI0XBdAYtRFeG4aEDIF1Ebwhwe
G38DncgljrQpPUADk42t7VOGUpiw1P8sxF3JU4LAblOAuDfJJRdBd25TcSj4NCLq
1uUHk0FlqbONy+9zvBTSAgUHHlQ8ttaBbxwhlIuWp7RMNGU5Hi1+7sKeQEiOUjnU
XBDkgBvaxPorblh3BfQDppLiEOMP5iDm9++Sd0rHwEDvsd8H9mkwIbSzwP6Wq+wW
uh9PBo/n0B03UVKLRJ34ndNBekiiRpaP2FoeyhkGgtk7a0WgalnpOp+mhXmD/EFk
xsTwn5hjgmRE8Tah+q6L1oytO9Ku0QlfuVyAQxK92oO6LubER2gdAV0OsxKGqYAv
jbOcJm/B4AiCLSStryEar8kGTvyHFAFvPHgQynNe5xqyQSIusJEiJdTQjNPORAQa
sO/KjCtWbzFp+aTRX5dqinroxvD4CYCnlOZMCxEVlnzCJzGn52A2UGo9c7Wl761U
KmrzZJznIZZKM24cLSNzgE6SN4yTyj93+OH70bclc6gfkKKSX7loXw7s/kZc1ocM
+9EXwOzCpHrQecTK
=NGPt
-----END PGP SIGNATURE-----

Attachment: pgpHOBySRr5U2.pgp
Description: PGP signature

Reply to: