-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 14 Apr 2026 18:30:26 +0000 Source: lxd Architecture: source Version: 5.0.2+git20231211.1364ae4-9+deb13u5 Distribution: trixie-security Urgency: high Maintainer: Debian Go Packaging Team Changed-By: Mathias Gibbens Changes: lxd (5.0.2+git20231211.1364ae4-9+deb13u5) trixie-security; urgency=high . * Cherry-pick fixes for the following security issues: - CVE-2026-34177 / GHSA-fm2x-c5qw-4h6f - CVE-2026-34178 / GHSA-q96j-3fmm-7fv4 - CVE-2026-34179 / GHSA-c3h3-89qf-jqm5 Checksums-Sha1: bb5e3107bc8b2e3de749c412ad4b3ca65d138060 4428 lxd_5.0.2+git20231211.1364ae4-9+deb13u5.dsc 5f6cc2c4538a8b3c3df86d8a472840fad452da2e 3523275 lxd_5.0.2+git20231211.1364ae4.orig.tar.gz a17e52ed0cbf7053a76eccf7fddc3176bf537108 46956 lxd_5.0.2+git20231211.1364ae4-9+deb13u5.debian.tar.xz 41ca9f5b0b22eadc99cc3fe11d8bb52771595cea 24721 lxd_5.0.2+git20231211.1364ae4-9+deb13u5_amd64.buildinfo Checksums-Sha256: fa10d119d0d1ae368054f714e42f14958a9bdaa2a1339d0d109dda8880bbedee 4428 lxd_5.0.2+git20231211.1364ae4-9+deb13u5.dsc e03a147d53feed1f7c94217cac9f79a64747e4eb11a04a934c2b1d24b26ffc1e 3523275 lxd_5.0.2+git20231211.1364ae4.orig.tar.gz 9cdfd920144a3fc4ca2c7cd2f5c713bd8d73ef1cdc6277372275b9ce5d9b467b 46956 lxd_5.0.2+git20231211.1364ae4-9+deb13u5.debian.tar.xz 19972e39bbf2581892d468990e5922b3890cbabdb013023cf0958d0731ecdd1c 24721 lxd_5.0.2+git20231211.1364ae4-9+deb13u5_amd64.buildinfo Files: 2909b9c53825139d8566a0ad0bcc20ce 4428 admin optional lxd_5.0.2+git20231211.1364ae4-9+deb13u5.dsc be1a564642b64467690af9739fec9e33 3523275 admin optional lxd_5.0.2+git20231211.1364ae4.orig.tar.gz 74e2b2bc355664f6afde80cfa019afd0 46956 admin optional lxd_5.0.2+git20231211.1364ae4-9+deb13u5.debian.tar.xz 436f6ddca5c6fa3d6a3689d983b8f47c 24721 admin optional lxd_5.0.2+git20231211.1364ae4-9+deb13u5_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJGBAEBCgAwFiEE1Bp60H32xfynSJ8cKe7i1uz0QvkFAmneytoSHGdpYm1hdEBk ZWJpYW4ub3JnAAoJECnu4tbs9EL5lwcP/ibh0R1e2tsLO67haz7QLzYEBZC8Qc02 XTqyPV4ILbWcIhwg2g3EcCYfO1kqRHqUqkbP1OX96Ia6Pg06PuzVg6sVwcjITlHY vxcavmtcBRQNiQlBHdeGIl9frCJF13lEPLVZsWZOzTiGMBVTYJnTadmjy+p7YRh+ tceKT7qbDgcJK/htxTbuGh530ECXLyOgnpvRXsdlO2IZdJi2jeUw+kcrR+5TJUbL SoIEMLR3c4j2kVPvTLZ/qKtQlgjtumvn+RMqEpWn3PzRZ4Pdubrjgba2h3MNXdRI rryLGx6+3VFYgRvF9BH8m2L7dceGfZJNBSXGtq/iSNj2N7ZDPTRR/tn3YRsaF73r HC0xBrIm/x33baOED6ROmE40wRo1jJPTxHqhRfdo4PMrYg5SC3nSCzlfxjX21+jm EB3Qfakd6jRBq8UU5RqL7bTb+ZeJ6OIXE57DNrh7YcxydroUxI9BU4qfMqbIx2NG eycT4PEp+RKloJ99nU2bgUzioSO9r8CzovwCc7lXDUwzfn6qXpueF83+BJAJgpTF pyNH1bWgatcwUuF7O70wjGdX5+Q7AVuExpxpzJMftch7t+K/lqXhRo2MQk5wotq+ HuD1KHrTcFs8i4+A2qIJiyPDHTX+Ig0Xf/y9lPhRHyO6LrmVBeW1cwEu2d6QaILO oHlAdbLBy92R =64V+ -----END PGP SIGNATURE-----