-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 25 Jun 2026 00:53:11 +0000 Source: incus Architecture: source Version: 6.0.4-2+deb13u8 Distribution: trixie-security Urgency: high Maintainer: Debian Go Packaging Team Changed-By: Mathias Gibbens Changes: incus (6.0.4-2+deb13u8) trixie-security; urgency=high . * Cherry-pick fixes for the following security issues: - CVE-2026-48749 / GHSA-2q3f-q5pq-g8wv - CVE-2026-48750 / GHSA-73hr-m85f-64v9 - CVE-2026-48751 / GHSA-48q5-w887-33wv - CVE-2026-48752 / GHSA-vxp5-584q-c479 - CVE-2026-48755 / GHSA-v6mj-8pf4-hhw4 - CVE-2026-48756 / GHSA-xhqx-mgh3-3h7q - CVE-2026-48769 / GHSA-f6m5-xw2g-xc4x - CVE-2026-55621 / GHSA-64f3-v33m-w89f - CVE-2026-55622 / GHSA-c9f5-j9c3-mhrg Checksums-Sha1: db13a3a9f3034a8e2c21076661bb24bc7207e628 4618 incus_6.0.4-2+deb13u8.dsc 798b1f2deb22200c5459705c41512e1fe0a8ee31 4425200 incus_6.0.4.orig.tar.gz 7d6074cf45d4485b877a5966177673051b506cc4 46248 incus_6.0.4-2+deb13u8.debian.tar.xz 7cf6881885fe651bd0a82f523d0c10401f85a079 20642 incus_6.0.4-2+deb13u8_amd64.buildinfo Checksums-Sha256: 71791449b6cb1eb0784f5cb00f025f2727b7ad1f4bce8488945559e4730df4df 4618 incus_6.0.4-2+deb13u8.dsc 3cf6d2602763f6744bf53aad3eb28e6f339b9e08b6a3076d8dd12ed1e780450f 4425200 incus_6.0.4.orig.tar.gz c2a5405ed35c476e8b4ce1a806e1eaa3ab6231d6f4fa674719e6dbc0e0573cd1 46248 incus_6.0.4-2+deb13u8.debian.tar.xz c065e6dcfe93b0ce3cc31e6708ca9411003b1427bdb87600ee541d91ea33cdeb 20642 incus_6.0.4-2+deb13u8_amd64.buildinfo Files: e4a1f5c347b98e0e4ecfb9c480951056 4618 admin optional incus_6.0.4-2+deb13u8.dsc cb86c64ce0be2b56050a77c7350fa8f9 4425200 admin optional incus_6.0.4.orig.tar.gz c762e1582faec9374934c2900d6b28b9 46248 admin optional incus_6.0.4-2+deb13u8.debian.tar.xz 02dd59ade4ce00b8e5d41166fae5c02a 20642 admin optional incus_6.0.4-2+deb13u8_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJGBAEBCgAwFiEE1Bp60H32xfynSJ8cKe7i1uz0QvkFAmo+a+oSHGdpYm1hdEBk ZWJpYW4ub3JnAAoJECnu4tbs9EL5WW0QAKa8eRCisOIbczJevcAWFmbGqo5U3So2 WH819fNNpGFtHuSPwmdzoLwyrqUM0dMiKZEKx94I0c+IZ6MxyWQyhJZ248iI6D0n 48dN1gYTVd+EPGDj4906rW7z558VwsGZK4WZTnwF7Y+XVHDvs/Nt0IzpYc+fjNI3 8+osIrPPpNECTxg7NfQcRKQs/C6NPkOQVPOJtw9RktPs8RAn7DGq0fu+5cH2P1oK 0t/5bGNGOtm2jI/r/Q8hQnFqHWiFU+7vA1PFGLrh9nBlJQ+7nrEKiAgrw6K8qPH1 9zQ5ehcn2Gko2gzSR6EfaPfPsWEtuZqc0JonBVBGThQSvQgeOR26pg4P+oFM5jzx V4DkFzVdry/xC/faT/jaiYhDyVCstQp3ngzQ+t4sR5+cBbxBYhxspnZnXaQulb8q 4w+v23WbY3rj5ehuzMq/hUgeE5JoCiHSS/Emk0ZI14vnQYMv30qn3wnKwn+M7oQv jiCG1oRj9zjvniy94HDOWgm0Ncv3E8E3G7D4mFcbsIYfomchZml26phvIKSrx5+S 9LSwQP1g1iTJdVyC9bNlQ/VdtdLrKoi2TVW+lh02cY/cAPaY9RkaRfvYbCC5hMI6 6m4ghhGOqbOU1G/aaOI/2AIFcHFxBPqaHrKYTezA6c26G8S0t1PE8PRbsjOUBg5k ZN5x6tBrGuLd =1X0C -----END PGP SIGNATURE-----