-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 22 Mar 2026 23:52:49 +0100
Source: pymupdf
Binary: python3-pymupdf python3-pymupdf-dbgsym
Architecture: armhf
Version: 1.25.4+ds1-3+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-02) <buildd_arm64-arm-ubc-02@buildd.debian.org>
Changed-By: Bastian Germann <bage@debian.org>
Description:
 python3-pymupdf - Python binding for MuPDF
Changes:
 pymupdf (1.25.4+ds1-3+deb13u1) trixie; urgency=medium
 .
   * Backport upstream fix for CVE-2026-3029:
     Improved safety of `pymupdf embed-extract`. This now refuses to write to
     an existing file or outside current directory, unless `-output` or new flag
     `-unsafe` is specified.
Checksums-Sha1:
 36a4361ab7e3ca10f40377afd45bade5e18170d6 7614 pymupdf_1.25.4+ds1-3+deb13u1_armhf-buildd.buildinfo
 3d7b355541a7efce4e0099c770ca0f56f0ef7813 395696 python3-pymupdf-dbgsym_1.25.4+ds1-3+deb13u1_armhf.deb
 7d36b5b7da5a52aab1d47a1be0b1fb51aa9ba01d 324468 python3-pymupdf_1.25.4+ds1-3+deb13u1_armhf.deb
Checksums-Sha256:
 4b555f690a5bb3169438f6ed4c27458b041a8ad1416ebb6acc1dafc316fc3cfb 7614 pymupdf_1.25.4+ds1-3+deb13u1_armhf-buildd.buildinfo
 8cc6161dbffb9fd6d40e05e7642f282f4405b607e2dbe37009d6fd0f1d1baea6 395696 python3-pymupdf-dbgsym_1.25.4+ds1-3+deb13u1_armhf.deb
 91814b84b3334ad0d8bb86929fa350ebc4e878ab03b2db1b1779b79b91763287 324468 python3-pymupdf_1.25.4+ds1-3+deb13u1_armhf.deb
Files:
 c22c31ff3148417a7db2b6bd72d709c7 7614 python optional pymupdf_1.25.4+ds1-3+deb13u1_armhf-buildd.buildinfo
 572ace0f1e87345ade627b3bd4179f4f 395696 debug optional python3-pymupdf-dbgsym_1.25.4+ds1-3+deb13u1_armhf.deb
 2276616b49e33895935d19701faefd8b 324468 python optional python3-pymupdf_1.25.4+ds1-3+deb13u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEJkN0BnKzGWWW6tS+G5VHrWJmwgcFAmnQHqwACgkQG5VHrWJm
wgeyVxAAn2EQUzSsy6dz8PSAwTo+CIx7C0btVF7ub1EyOFJNaw9i/Wnc5OxHd1Sy
bnbysSg6u5V5jmqhpE5NJCbT9hkvmBx5b1D1Z589cMsIZv3xsd1DuELcnZAuGrhE
jL3hQb1SUGdnAo5cSSWCx1mYX7nbMd51Rjxh2S9orYP0kToO84mO1E1mLVK1T4Bt
ZQTV/Tc0WmMNwIL/UNctoi+9M1dqDyUCU9iisSfy6ZuxVTsUNV3eCZB0snvupjHF
ewCnbucHhlaoZdaALB4eiWtA3sDOD4OnXefYvAM9wpTyFlxdGfODLjv4opEX3tgE
JFmfyRBdQJL9hcKMnutzWPUUvUG+vF+NSniBpq1TJZzw0Z4QqGip3CHt/SzCm9Y2
0wr9JLgtQcyghE4hCr0HTsnLzqKqZ2DW5XaloDoAarpwMQ8a1df376HcGG9p5ZRI
8I8o7aN8dh9jTJN4bitzHhkSWkfprrrb11/qRApKR3RDxcalHY3pyR2b2w44McnI
xxBl8NQccdTg8UF50Tz/09ZXrzdxaAk3qa8z3Jaun2xqiQgKZqpzMBPUT1zcI/P+
I4e3I/Otg8QkFlFLbP8U3Lth4pS0tcZCaUYMA+Q9ITCF3e7bLgk5FoPjXpjYOAxh
VzSHHeFcLINJhmf04MRyCME5ykvp75210uKoq3Sqc4iwEjyGSq8=
=bIFK
-----END PGP SIGNATURE-----