Version in base suite: 0.4.42-2 Base version: gegl_0.4.42-2 Target version: gegl_0.4.42-2+deb12u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/g/gegl/gegl_0.4.42-2.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/g/gegl/gegl_0.4.42-2+deb12u1.dsc changelog | 6 ++++++ patches/CVE-2025-10921.patch | 30 ++++++++++++++++++++++++++++++ patches/series | 1 + 3 files changed, 37 insertions(+) gpgv: Signature made Sun Sep 28 15:02:20 2025 UTC gpgv: using RSA key B6E62F3D12AC38495C0DA90510C293B6C37C4E36 gpgv: Note: signatures using the SHA1 algorithm are rejected gpgv: Can't check signature: Bad public key dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmp3qze9yws/gegl_0.4.42-2+deb12u1.dsc: no acceptable signature found
diff -Nru gegl-0.4.42/debian/changelog gegl-0.4.42/debian/changelog
--- gegl-0.4.42/debian/changelog 2023-02-24 12:52:59.000000000 +0000
+++ gegl-0.4.42/debian/changelog 2025-09-28 14:50:01.000000000 +0000
@@ -1,3 +1,9 @@
+gegl (1:0.4.42-2+deb12u1) bookworm-security; urgency=medium
+
+ * CVE-2025-10921 (Closes: #1116470)
+
+ -- Moritz Mühlenhoff Sun, 28 Sep 2025 16:50:01 +0200
+
 gegl (1:0.4.42-2) unstable; urgency=medium
 
  * Release to unstable
diff -Nru gegl-0.4.42/debian/patches/CVE-2025-10921.patch gegl-0.4.42/debian/patches/CVE-2025-10921.patch
--- gegl-0.4.42/debian/patches/CVE-2025-10921.patch 1970-01-01 00:00:00.000000000 +0000
+++ gegl-0.4.42/debian/patches/CVE-2025-10921.patch 2025-09-28 14:50:01.000000000 +0000
@@ -0,0 +1,30 @@
+From 0e68b7471dabf2800d780819c19bd5e6462f565f Mon Sep 17 00:00:00 2001
+From: Jacob Boerema
+Date: Thu, 4 Sep 2025 13:36:56 -0400
+Subject: [PATCH] rgbe: fix #430 zdi-can-27803
+
+--- gegl-0.4.42.orig/libs/rgbe/rgbe.c
++++ gegl-0.4.42/libs/rgbe/rgbe.c
+@@ -624,6 +624,7 @@ rgbe_read_new_rle (const rgbe_file *file
+ {
+ const guint8 *data;
+ guint16 linesize;
++ guint32 max_size;
+ guint i;
+ guint component;
+ gfloat *pixoffset[RGBE_NUM_RGBE] =
+@@ -646,6 +647,14 @@ rgbe_read_new_rle (const rgbe_file *file
+ data = (guint8 *)g_mapped_file_get_contents (file->file) + *cursor;
+ g_return_val_if_fail (data[OFFSET_R] == 2 && data[OFFSET_G] == 2, FALSE);
+ linesize = (data[OFFSET_B] << 8) | data[OFFSET_E];
++ max_size = file->header.x_axis.size * file->header.y_axis.size * RGBE_NUM_RGBE;
++
++ if (RGBE_NUM_RGBE * linesize > max_size)
++ {
++ g_warning ("Invalid linesize %u is larger than maximum %u\n",
++ RGBE_NUM_RGBE * linesize, max_size);
++ return FALSE;
++ }
+
+ data += RGBE_NUM_RGBE;
+
diff -Nru gegl-0.4.42/debian/patches/series gegl-0.4.42/debian/patches/series
--- gegl-0.4.42/debian/patches/series 2023-02-24 12:52:59.000000000 +0000
+++ gegl-0.4.42/debian/patches/series 2025-09-28 14:50:01.000000000 +0000
@@ -0,0 +1 @@
+CVE-2025-10921.patch
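Review bot: The bound added in the second nested hunk of rgbe_read_new_rle checks the scanline's component count against the whole image buffer (x_axis.size * y_axis.size * RGBE_NUM_RGBE), so a linesize that is larger than the row width but still smaller than the image passes the test; if this function decodes a single scanline into a row of x_axis.size pixels, the stricter check that the reference Radiance reader applies is the right one, `if (linesize != file->header.x_axis.size) return FALSE;`. The body of rgbe_read_new_rle, including the loop that consumes linesize, continues outside the hunk, so whether a caller already pins linesize to the width cannot be confirmed from here. max_size is a guint32 product of two header-supplied dimensions with no overflow guard; a wrapped value only makes the test stricter, but a comment such as `/* width * height * RGBE_NUM_RGBE is assumed to fit in guint32 — confirm against header validation */` would record that assumption where the next reader will look. Minor: g_warning appends its own newline, so the trailing `\n` in the message is redundant, and if RGBE_NUM_RGBE is an int constant the first `%u` argument is an int and should be cast to match.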