-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 01 May 2026 01:13:25 +0000
Source: incus
Architecture: source
Version: 6.0.4-2+deb13u7
Distribution: trixie-security
Urgency: high
Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
Changed-By: Mathias Gibbens <gibmat@debian.org>
Changes:
 incus (6.0.4-2+deb13u7) trixie-security; urgency=high
 .
   * Cherry-pick fixes for the following security issues:
     - CVE-2026-40195 / GHSA-gc7j-g665-rxr9
     - CVE-2026-40197 / GHSA-r7w7-mmxr-47r9
     - CVE-2026-40243 / GHSA-c839-4qxr-j4x3
     - CVE-2026-40251 / GHSA-4m88-wxj4-9qj6
     - CVE-2026-41647 / GHSA-fwj8-62r8-8p8m
     - CVE-2026-41648 / GHSA-67wx-r9xr-x75x
     - CVE-2026-41684 / GHSA-x5r6-jr56-89pv
     - CVE-2026-41685 / GHSA-98vh-x9cx-9cfp
Checksums-Sha1:
 8863fd80e50b2dbd1cf96a62d88e12873788d22e 4618 incus_6.0.4-2+deb13u7.dsc
 798b1f2deb22200c5459705c41512e1fe0a8ee31 4425200 incus_6.0.4.orig.tar.gz
 06d7e8913f752dcde43a3e2593fb001690eebeab 42604 incus_6.0.4-2+deb13u7.debian.tar.xz
 cd309d4eda4a2e3825819d0b90ac39c60bad81e9 20598 incus_6.0.4-2+deb13u7_amd64.buildinfo
Checksums-Sha256:
 484eb692a0ef14fbfc12f4faf555cb4b2894ca358af97586155c1e047a594128 4618 incus_6.0.4-2+deb13u7.dsc
 3cf6d2602763f6744bf53aad3eb28e6f339b9e08b6a3076d8dd12ed1e780450f 4425200 incus_6.0.4.orig.tar.gz
 80dbbb0c2767e9c13b784f93325275f865ba4032210f2d9c949d94a940499abe 42604 incus_6.0.4-2+deb13u7.debian.tar.xz
 ceba29159b9e69e531dcd01d2a8a8af3f80836e5c8eff3a05f8771b0391588be 20598 incus_6.0.4-2+deb13u7_amd64.buildinfo
Files:
 98efd77f1e64b52f38ff7353c61c1d12 4618 admin optional incus_6.0.4-2+deb13u7.dsc
 cb86c64ce0be2b56050a77c7350fa8f9 4425200 admin optional incus_6.0.4.orig.tar.gz
 b8e55bc29a1d2152802f46c017212dcb 42604 admin optional incus_6.0.4-2+deb13u7.debian.tar.xz
 69510662c0d152d27654bd6bb0cfa55a 20598 admin optional incus_6.0.4-2+deb13u7_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEE1Bp60H32xfynSJ8cKe7i1uz0QvkFAmn0zBYSHGdpYm1hdEBk
ZWJpYW4ub3JnAAoJECnu4tbs9EL5d14QAJWGcQnCpT4TB5j+/Tk572mvtoA3ebGM
9i/oiUQL0MyCUPTFVLBqv0FSQY5UAthxk8mwLVNrvrQ2Sg/Dj7D+1kOyB1lWcYS5
6KLXmlrSphEvb08+l38Vki/cfAb5xNs7wm3kw3U2zRp5u1MudMrVg759e5CjZbAI
RZ0nkrqSZ/ClP2+NaMgzSWOHbKqpAKQuqJfkOjP0KawL6YfH+/3mTssVKFru6KNp
cEvzEm4Mi93Xg60+4NW5+PPrS+DbFv8ih0tkiEqxZbgBkIwenzGSKLKtCIJIQGT5
jo2h+UaO0n2zJZwL6Prq4dE/+IMnMSOaCV4la6Asl+vPNG7lrRHsrR2w4y6jFZBC
PPx/n17c23HndnLmcz+dWhO7dI/cboXNEVb3oYAWRBjwliEbgxJCJj0oOO2I7BnU
/utOkuHdjyHF3KvyqIHywsxvgSgfCCxms6XBeHw/Q66l+rRafBWeYy/x67pEM3FO
hS0ASePMJPBG/nuB6fp9Do0Soz6+dyqi0oWH4ydkoFRcGuZOEs0CezHVbQyBAG/i
Fi6Zr/UkyYCAbIp/ciwFzJ/v5xTovTXknJTYQFnHmMLx5C3CLgcPtcCismmhlV+i
TXiLFbPvo5z+0J0IE79rOuLBSR3/E2vAaEfSrgViGiK+oSsr2fqrGRlFCKEu9dFd
6m7kAcaG8cXC
=Uz0m
-----END PGP SIGNATURE-----