-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 01 May 2026 23:28:54 +0000
Source: lxd
Architecture: source
Version: 5.0.2-5+deb12u6
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
Changed-By: Mathias Gibbens <gibmat@debian.org>
Changes:
 lxd (5.0.2-5+deb12u6) bookworm-security; urgency=high
 .
   * Cherry-pick fixes for the following security issues (from Incus):
     - CVE-2026-40197 / GHSA-r7w7-mmxr-47r9
     - CVE-2026-40251 / GHSA-4m88-wxj4-9qj6
     - CVE-2026-41648 / GHSA-67wx-r9xr-x75x
     - CVE-2026-41684 / GHSA-x5r6-jr56-89pv
     - CVE-2026-41685 / GHSA-98vh-x9cx-9cfp
Checksums-Sha1:
 737f49a4beaccc2893ef87e473471c1225c884a8 4006 lxd_5.0.2-5+deb12u6.dsc
 79dc1d52d6e2975914114c6927807b6556161cba 3280313 lxd_5.0.2.orig.tar.gz
 89434bb4502876a327839165e4fc2f169f1140b1 35668 lxd_5.0.2-5+deb12u6.debian.tar.xz
 aa8ba56abfd3a43cf233873f64a8f54ba37e9fde 22759 lxd_5.0.2-5+deb12u6_amd64.buildinfo
Checksums-Sha256:
 8628327d1e40de5e4c8f1f0e7ab55f19b586523a4a56df786b2c23b2d8cd381b 4006 lxd_5.0.2-5+deb12u6.dsc
 7e59ba843b43b6863b7b88076b1c15b699e7583f8ee575fe35f26ea1b7ce83a9 3280313 lxd_5.0.2.orig.tar.gz
 09f66e1881d619d46271cf5c3c64401e3cbbbc4a1b652ec3b73bc406a5c01caf 35668 lxd_5.0.2-5+deb12u6.debian.tar.xz
 65570a04e999f48fb99d69a92d2fdffba668454d6cf26fd86c144880045e5fb3 22759 lxd_5.0.2-5+deb12u6_amd64.buildinfo
Files:
 18f7ea4dc5ebb90502f90476cfcf0425 4006 admin optional lxd_5.0.2-5+deb12u6.dsc
 35087b78cebc2f758da4c84d036231d6 3280313 admin optional lxd_5.0.2.orig.tar.gz
 4f1be615ed9653319546cb7e012fede5 35668 admin optional lxd_5.0.2-5+deb12u6.debian.tar.xz
 29780dd590c47c36116da9ac5a824795 22759 admin optional lxd_5.0.2-5+deb12u6_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEE1Bp60H32xfynSJ8cKe7i1uz0QvkFAmn3c4wSHGdpYm1hdEBk
ZWJpYW4ub3JnAAoJECnu4tbs9EL5mwIP/RNMOevflLs5AFkpVPB96aueqpi3QMkW
Olp0DY2oo/ncX/M517igO0ohXD8xSBdH1d+U0tjKOmUok2oHF61X+dv3uwe6+I7O
lUUIISU0H1AqzuIH/LDK5dWphkfcKXFAH6Za63/1yypGnQOzHJGo0Q6rQePELOW9
aryOyqjPr7Q+xm3v4kKHzzlhsyqpKrks25G6XMTLFPKJnTlP1CV5c9TLRVRV5heH
xU0sYzpyYMwRzBlr3rtyEFQzXfmFThR2JT44uoz65ue5OCKHBzOAvwtW3O55uF1O
ILT1F0GfpRr+Wzi6oxWazSMEP8b6Y3751+UYHV/ENZK0wf1R3dSH0vXlN2OM50Iu
Y4w0nN/BK8xDjB/e3Ld5yzTNoor6aLuY8TwF07E/Ro+i7/85FJnA3N3+K9dIdVh2
Zwl2PdUgGfTTthbNi2JV5Qzk8TxjEr7Lz/Vr7IsWg2dKbX8+Ck8P58VdN5Ot3dDF
ifRuFS512spYoojHJaiS7oGIKSsrYbVcCtYwg5GgnBeDsK15qwF5glF55Opt5887
pdFleCZimpwzzRSXOmfBZisXlQEDOn/ubJLotsD8S5xxrYO7zyGKFnnYTk/pxrLb
r334fi8ktA9NJBWMftO7NJU8MF+8x6On2BF0fA9go2BZDkO7Ykhskf9Ur9smct21
MnNKiQ5sf1Tn
=Ybc1
-----END PGP SIGNATURE-----