-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 23 May 2025 20:18:19 -0300
Source: yelp-xsl
Architecture: source
Version: 42.1-2+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Lucas Kanashiro <kanashiro@debian.org>
Changes:
 yelp-xsl (42.1-2+deb12u1) bookworm-security; urgency=medium
 .
   * Non-maintainer upload by the Security Team.
   * Fix CVE-2025-3155.
     The Gnome user help application allows the help document to execute
     arbitrary scripts. This vulnerability allows malicious users to input
     help documents, which may exfiltrate user files to an external
     environment.
     - d/p/CVE-2025-3155.patch
Checksums-Sha1:
 0b879c19d15035e497d3d4e153de18598ef8bc3d 2182 yelp-xsl_42.1-2+deb12u1.dsc
 32eb87340e42b1b6455ba7af92faecd5bebff129 655796 yelp-xsl_42.1.orig.tar.xz
 ca474c843fa3da5b1bdaf8a18219ba3f08e1d43e 6328 yelp-xsl_42.1-2+deb12u1.debian.tar.xz
 7d32c25af685765f0c2e4fa7bd1f3278408e8049 5663 yelp-xsl_42.1-2+deb12u1_source.buildinfo
Checksums-Sha256:
 d109601ee8cff15d391aee1084d756b7becfb5a0c7b8e0f35bbf28c773c1e0cf 2182 yelp-xsl_42.1-2+deb12u1.dsc
 f9c0bff8b6086db8e6f758319ae8fa67b80ee5eb7cd721cf22ae39fad2c4b00b 655796 yelp-xsl_42.1.orig.tar.xz
 d5f2cf6d7de5fb49a1afe298f523f2320887aa877daa98489ff0e5955d64f937 6328 yelp-xsl_42.1-2+deb12u1.debian.tar.xz
 a4b0bbe1f196c377a6b69549c186f78c29c61b5e747e6990e6d7561de30a299f 5663 yelp-xsl_42.1-2+deb12u1_source.buildinfo
Files:
 ccdf89767196823244f8e828c92c107e 2182 gnome optional yelp-xsl_42.1-2+deb12u1.dsc
 77506564363710ca987429a6d187f75f 655796 gnome optional yelp-xsl_42.1.orig.tar.xz
 96fd67670aea56360d40a8803e298af2 6328 gnome optional yelp-xsl_42.1-2+deb12u1.debian.tar.xz
 1c6e4390f2b56a9ac6a72c62e56fe14d 5663 gnome optional yelp-xsl_42.1-2+deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJJBAEBCgAzFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAmg0t90VHGthbmFzaGly
b0BkZWJpYW4ub3JnAAoJEPgjonKYg8l8kCkP/3wNgjGNnKXVaQA8WCyreRAjz0wt
qyA48i5XWdcuXHv7DMDfKiQaYBDDZ26gZDpz3KaSst/+LLLWmtntwYFqZL29pP9/
z2OONn1UGbnrs0SgXYZZ41AUUIFXaYIuSGT6LR7GMHmWFymALsW7VJS3NGvAPTm9
x9mL5h8N5nhY5oZ0NxZkp0IBKymRTjISesfPXO+hQiJVgd5tlIhMnlHNeQBHhJ92
1zcNp5pWfg+PQo28CeaY4rN737g7mO9y+n79fL0tS7TaRqsQi5vZrYgeIoVbYSxu
A8LdRQgbgvCC2Bzkl+PGNNWaxO3GIsoh199CEkMIhv7WcJ/Hijq7s69qYKl6DJ7C
bvqyScYq+GqgvWohRVnYDhE0rk1bxamh6oFO0wiwrlkIoeTSc9GKeNFx1CJMARDI
KD2tUBKLbH+UzktLbYycRITJurd3/xE/NsQc0j+LXipyKMC46/+eikNU+/BF/0LQ
tZrouwm2WHPkJLlf2GSMJs+c2txTSxszMxVx85MwDtebRE7cdIXb3GYfn3qdF2Lv
ymrE1BJ4Hxv5DEPXvtvFEWE+y+9c9Ttsa4oQc+kIqZNCtIDpw2hJIS8qF6ZGfks9
Db3+UvIVrwH94hnbLcTfYwbUtMfqIc9yaXUCDj2yjROloI3du8LaP/2c7tpuTwTT
HTfsndH7ByZIjOlf
=kSjH
-----END PGP SIGNATURE-----