-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 17 Jun 2026 12:51:14 +0200
Source: libvncserver
Architecture: source
Version: 0.9.14+dfsg-1+deb12u2
Distribution: bookworm
Urgency: medium
Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org>
Changed-By: Sven Geuer <sge@debian.org>
Closes: 1138174 1138253
Changes:
 libvncserver (0.9.14+dfsg-1+deb12u2) bookworm; urgency=medium
 .
   * Team upload.
   * debian/patches:
     + CVE-2026-44988: Add 0003_CVE-2026-44988.patch fixing Tight gradient
       decoding overflow (Closes: #1138174).
     + CVE-2026-50538: Add 0004_CVE-2026-50538.patch fixing attacker-controlled
       heap out-of-bounds write (Closes: #1138253).
Checksums-Sha1:
 af3707ca73e65bf8200af68fdd9f009a31b854a7 2348 libvncserver_0.9.14+dfsg-1+deb12u2.dsc
 6b0bd3dad38e456303b9ff8051515c9dc820968a 17700 libvncserver_0.9.14+dfsg-1+deb12u2.debian.tar.xz
 4b2d9d927185e12d90078857f6bca6402231714a 8886 libvncserver_0.9.14+dfsg-1+deb12u2_amd64.buildinfo
Checksums-Sha256:
 23fd1d7707943657e7a8b9da616ba93d24c96967c357e6b2d5570806f5b15008 2348 libvncserver_0.9.14+dfsg-1+deb12u2.dsc
 ca60b388eb440585581985edc3e6b8487404345c292d41099b32fb277a3eea1e 17700 libvncserver_0.9.14+dfsg-1+deb12u2.debian.tar.xz
 4bf871f07bcc1b368043dd799d073e2aca758d88c4db5dc35b3565d6b92cddcb 8886 libvncserver_0.9.14+dfsg-1+deb12u2_amd64.buildinfo
Files:
 ff977c7baaed336a743423cc184aa61f 2348 libs optional libvncserver_0.9.14+dfsg-1+deb12u2.dsc
 c5e58458d51ad1f72a92a394d9f70173 17700 libs optional libvncserver_0.9.14+dfsg-1+deb12u2.debian.tar.xz
 66696574981bf82555dc84c6fae017c0 8886 libs optional libvncserver_0.9.14+dfsg-1+deb12u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAmpGGgoPHHNnZUBkZWJp
YW4ub3JnAAoJEK31Dtr4rdWFbr0P/2XQCFnH3OcN274wIfbpheHrbtH3GI+f+8PS
wRGh4OLRptWnnnxYZTvMRmO9YO2LOoBVqaJZ/NLonLFojTKVg9liG6sHfIDbJx7c
MX+uFbvZ8V9vL8d0vyWYo3IbcuamVaHZk2P0mELiXJzVos7Elyh7x14JAkELrJOh
p+MHifqVs72dYf8RZ0IpNzOIS8rIJL6wOrGqkeVLo+3lHun1WUB63ihhp+ZDe0Wq
qX6NdVohOQq7l+fBSN1NFlWh0NcO0AinEK8HVeLELSeJR9qureneBWxNWBHF5JC9
xzu2VLiUHmK4XF8CmttXeGWfjcw56NwiD0em80Ox6vu7eQ04qWmx9zWoNgT3wCP4
nJqPjhAS7OhCKQpMLCiVovoXqq46pv2NhYR172K1buWvabYmrWReNeYmncz0cwtk
/mZJeJ661rtvSGgLuGBfWDcMc0dOzTCcjpblvcGuwZgcrUFyRYIWBhzgqf+2TBne
mfBKKhsMW/LlzkSq7Tn9npB2LikUQdL3XS2VRwoW4Q3w3kPrcqgFLHZnM1Rqk9Dy
YnKYFljTtgkTtzXQvbaoj3s9wHIDR1HuKVoxT8gyjGLx/OxnM6b/LdGk3PtTEM5f
XhnBW9p7kEN08/mt3uikazMKhFPKkqKHOJaG8LTtL1tAkhiB8KJm6cq8BMYHelh0
aJkzs+AN
=uxjs
-----END PGP SIGNATURE-----
