-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 25 Jun 2026 00:53:11 +0000
Source: incus
Binary: golang-github-lxc-incus-dev
Architecture: all
Version: 6.0.4-2+deb13u8
Distribution: trixie-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Mathias Gibbens <gibmat@debian.org>
Description:
 golang-github-lxc-incus-dev - Powerful system container and virtual machine manager - library
Changes:
 incus (6.0.4-2+deb13u8) trixie-security; urgency=high
 .
   * Cherry-pick fixes for the following security issues:
     - CVE-2026-48749 / GHSA-2q3f-q5pq-g8wv
     - CVE-2026-48750 / GHSA-73hr-m85f-64v9
     - CVE-2026-48751 / GHSA-48q5-w887-33wv
     - CVE-2026-48752 / GHSA-vxp5-584q-c479
     - CVE-2026-48755 / GHSA-v6mj-8pf4-hhw4
     - CVE-2026-48756 / GHSA-xhqx-mgh3-3h7q
     - CVE-2026-48769 / GHSA-f6m5-xw2g-xc4x
     - CVE-2026-55621 / GHSA-64f3-v33m-w89f
     - CVE-2026-55622 / GHSA-c9f5-j9c3-mhrg
Checksums-Sha1:
 790f295043b9bc9c9b39eaba2566eb8a7eac9fb1 1592200 golang-github-lxc-incus-dev_6.0.4-2+deb13u8_all.deb
 d73ac919f83a6024a1e9866036ea95a7dace8efd 17735 incus_6.0.4-2+deb13u8_all-buildd.buildinfo
Checksums-Sha256:
 bd956844608bc148285922883413e8a35f437418b1e12b99fac42bfa3b21b4b9 1592200 golang-github-lxc-incus-dev_6.0.4-2+deb13u8_all.deb
 b3026e16784a30b7b132e8fffc32ae5030a371a1af531b5b556a58cbba884590 17735 incus_6.0.4-2+deb13u8_all-buildd.buildinfo
Files:
 148200a8c1dde12e3f11f3069f87b7c1 1592200 golang optional golang-github-lxc-incus-dev_6.0.4-2+deb13u8_all.deb
 8dd1fda0675c175332e3474addc142bc 17735 admin optional incus_6.0.4-2+deb13u8_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE81O8NL+3kjBAqEvLmgPNRvTf/zcFAmo+cVoACgkQmgPNRvTf
/zdw9Q//RKQWQZmyKmE03Soh2EUVY+ao+vrmtLy6ni0Hm2leic23l4bTHsOrnlWH
JGiYs55xvTeUYsmalkgW/QrGK8AK99ZHcktD/4YwB5tDG+JLIM2eTBByXbFK9eG5
CpXkKQ38CspMtLyEhejIMxOk2Midp4q7GN6ZWgP2HCHjzfniB+OAiKZujoRCQDzp
LT4Jd3sIl6+D6uBg0EJT9WTqyd3WfJ7rs+GS3HH27yNNd0qLr/h4TwtwMRcoQNv9
YaA/R3vsTZEsdyEnnSX095+qiyStf4k6C53qpellp053Ic53GXxcY32uiSE5fr/9
NuQCzoHv4ZqkL86NHoZK763QN3YMSS12RS7idMVXQ6narqIn08wSBq8oe+FB1MlV
1e9xkPaSbt/Md5nCcK2FzjdDypDIqtiFLE8wLK1LJYLxB+ItWej6bQgtu+ptk7Jm
EWq37Vv6epxVYwDT5ey3oJncv/YYLnWHxr9oncOZJmjSpytKF4lNFOdeF/4KJLOz
T3xmjkZ9nS2ylDQFLiPGIVpA9JHtHknwBY7JUTh+WsiGvUBAmhkqVYh0+akrMJab
qDx0ASLu8q3qyA54yK81pHwB8kZqEk8uMuceGChpHzOAer7G4xASmu2wttozR//d
my9IfBq3yxGEtJu8aqNK5ddm5VLEj6ZYzopL7D6Cgx74GLk9Ulk=
=QO2/
-----END PGP SIGNATURE-----
