-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 22 Mar 2026 23:52:49 +0100
Source: pymupdf
Binary: python3-pymupdf python3-pymupdf-dbgsym
Architecture: arm64
Version: 1.25.4+ds1-3+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-04) <buildd_arm64-arm-conova-04@buildd.debian.org>
Changed-By: Bastian Germann <bage@debian.org>
Description:
 python3-pymupdf - Python binding for MuPDF
Changes:
 pymupdf (1.25.4+ds1-3+deb13u1) trixie; urgency=medium
 .
   * Backport upstream fix for CVE-2026-3029:
     Improved safety of `pymupdf embed-extract`. This now refuses to write to
     an existing file or outside current directory, unless `-output` or new flag
     `-unsafe` is specified.
Checksums-Sha1:
 a2664468a7b6e2af71f0d175b1f4e8cfdf11d314 7735 pymupdf_1.25.4+ds1-3+deb13u1_arm64-buildd.buildinfo
 e6cf1493e7bbd8529bf1bb800bb88caa259d0a5c 372160 python3-pymupdf-dbgsym_1.25.4+ds1-3+deb13u1_arm64.deb
 738631fb8b061a52216d24609d395b05cc6f26a8 327904 python3-pymupdf_1.25.4+ds1-3+deb13u1_arm64.deb
Checksums-Sha256:
 d1526990106e411701fb61794516039a3f94cb21afa23ea0d4849a394149fb1f 7735 pymupdf_1.25.4+ds1-3+deb13u1_arm64-buildd.buildinfo
 d2e1e8d6a770bdc856d663ebf9819b2891416cb59d3d1bfdc1109510ef44e688 372160 python3-pymupdf-dbgsym_1.25.4+ds1-3+deb13u1_arm64.deb
 6290da224966a442cc4076e78cfd0e35ef298745861332f22033e9a12dfaf4d1 327904 python3-pymupdf_1.25.4+ds1-3+deb13u1_arm64.deb
Files:
 858315f00b28c6c2ae06edd729616b5d 7735 python optional pymupdf_1.25.4+ds1-3+deb13u1_arm64-buildd.buildinfo
 ade6d50b520ff7ba16bb90378ebd3b64 372160 debug optional python3-pymupdf-dbgsym_1.25.4+ds1-3+deb13u1_arm64.deb
 2e4f2936eb97af28979520fed1b762ab 327904 python optional python3-pymupdf_1.25.4+ds1-3+deb13u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEYxmcRLDHP0tCCM0oScpU3dYulLgFAmnQHPIACgkQScpU3dYu
lLjkQw/+P0cot0jYQAtsVNunlLM/1Q/5gDexe4ylEnYVeA3/Ob20xTR3eNHgMeH5
6OsntrfMlGPcRcUoujlfXt12HS5Hk81DQ8vprm5mvocfWhwEjSTm3ouA6ht0+K8K
Wv9A7ZgurTvSZuPRYeYwfvA7gtM89Tb6EnRTuBCs3X+AYDOZlAjUEE8dAG5cPA6Y
+1B+Jf7H/4djrCyfP7DVssc8Rm001sUSNzmSLtop9AWjHAurm0NGT5+lxqeI6b5R
d1wdW7iyr9NX9amV4UhbZGV2ZzSZbaQJWw1YRoOxCPLMVpVXxGYbNNb7nNjIgxSn
jM+SEgdnhpxtbFvj71GdI8fhJDZpF6Q9NB6GOSxQz/vWFL5tfwZwLnl6I692kNjt
tl62ZFLUlRqIE9bnnW+MmdyyYg8Jan8nQXAY+cERwQBPSLCuSfm0PvcH+YB9TDM/
UtW/XEQgmy+HGbKeeOJp1jE2kR/aZjDR1LcdyM9fD4+4t7QhSWXi7Vys2R1uziP7
B+5wPwbFkQBa05KTmOzgKIdK0gEmmmt4AFBCbZBNS2NCt9+t9Yw39hZUNBZkd6Ce
puYLV9cdH0/rKS3IMgBPSLXvyf9C4Yz4cIRne3j2yqGgyVxQtGYzgAsOc0e29HSR
ZnMvVNTnB55z24bsqdpgkxUuGhTk0HZ+WAW8577NcRNf6RCzmFE=
=Jvt7
-----END PGP SIGNATURE-----