-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 23 Mar 2026 10:42:06 +0200
Source: jpeg-xl
Architecture: source
Version: 0.11.2-0.1~deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Closes: 1092659 1110508 1110520 1114914 1123400 1128067 1128068
Changes:
 jpeg-xl (0.11.2-0.1~deb13u1) trixie; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for trixie.
     - Revert the test timeout increase.
 .
 jpeg-xl (0.11.2-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream release.
     - CVE-2025-12474: Decoder read from uninitialized (but allocated)
       memory (Closes: #1128068)
     - CVE-2026-1837: Decoder write to uninitialized unallocated memory
       (Closes: #1128067)
   * Disable a failing test. (Closes: #1123400)
   * Increase the test timeout. (Closes: #1114914)
   * Backport a loong64 FTBFS fix.
 .
 jpeg-xl (0.11.1-6) unstable; urgency=medium
 .
   [ Helmut Grohne ]
   * Fix FTCBFS: Depend on a native JDK (Closes: #1110508)
   * Fix the nojava build profile
 .
 jpeg-xl (0.11.1-5) unstable; urgency=medium
 .
   * Cherry-pick patch to fix big-endian build
   * Remove obsolete bigendian patch
   * Stop using gcc-13 for big endian architectures (Closes: #1092659, #1110520)
Checksums-Sha1:
 d5e5d2b043b5b04131ec6117407fef2ec69e766b 3212 jpeg-xl_0.11.2-0.1~deb13u1.dsc
 2acaf75909eea67cc7d861a9a918733d5f630db8 1882762 jpeg-xl_0.11.2.orig.tar.gz
 683ab0f911937570ebc9110df00ee59f73b115b1 22584 jpeg-xl_0.11.2-0.1~deb13u1.debian.tar.xz
Checksums-Sha256:
 8354702e38db8af9b4968bf888c5b3d851f2d2477171f7d27d3bafc5edcc7f74 3212 jpeg-xl_0.11.2-0.1~deb13u1.dsc
 ab38928f7f6248e2a98cc184956021acb927b16a0dee71b4d260dc040a4320ea 1882762 jpeg-xl_0.11.2.orig.tar.gz
 3b5d307f876cfa62719294f1df6dbe44ad5c4602870f3cff30ed7f20ee2084a6 22584 jpeg-xl_0.11.2-0.1~deb13u1.debian.tar.xz
Files:
 a00f78559a077e193714afa5027f1a05 3212 graphics optional jpeg-xl_0.11.2-0.1~deb13u1.dsc
 eda39db6e7a58b73be9124381862b9d1 1882762 graphics optional jpeg-xl_0.11.2.orig.tar.gz
 4dbcf1d42b1cdcec3bc4282648e8f96f 22584 graphics optional jpeg-xl_0.11.2-0.1~deb13u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmnxt+sACgkQiNJCh6LY
mLFt1Q//ZxX1dSbqNvFcYtSBNn36NhG+st5ciGjSWm3WcBjmR12Ep2Gl9NCXBlQL
wBB7HwDV9xd4JMLE5r1ZjVu0QnVpVfm5W8ABu+qUSN2QXGxNjBtZvBqfoeauh6G0
VMJ+lX9c2HxZ7IyicRfZodIqSnH7WtX+yk5rMjEphC7FWcfNuVgljYkB9goQPx3U
PqCwyHufR1GEu2ca+b72Plt5aXc/vhJpy7u0LfllTgA6EWC6MHd/CUmDpCRgrqrx
DvrQaYET9ZJZpA92k0XtRf2Jfwf7UPpDZnYm/XeshZ4fHmL6wSGUD0g+kIo76EpK
V0EEq0r0qMfLTQVZyG3rLqVTc0HGKRpm6WmZ7v3FNEwtnng0tZEkx9jbpWp4KA3G
efF4NK0kdOZJ45RhI7eWPNQKFqIHtvncyRDAXqXDrT5KX349cZBLF/nGWyCJ5MXL
E1AfC2dj5SmDqoyGH1BboqyHGHyi+50MHiDiDjAX/YF3sd4OndQW6l2XO7Lvty69
Kos3kVLHu/KmD5L9Zy7ST8sNqEXf1RWNO7odh502eU+HnjaVoyRDZzBo9LSQkVZu
HgOROD52F7/yrqpt2a2Ybv6aUPYA9+J2MvOjLHW0qhKlZb16pQt2qVXkZSj7eP2j
rwr28zofEw7zfZdNeS9Fa4vTGuNIM7xY92TzsL/wtLqcT/UCmjs=
=EZRf
-----END PGP SIGNATURE-----