-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 27 Jun 2026 17:07:59 +0000 Source: lxd Binary: golang-github-canonical-lxd-dev Architecture: all Version: 5.0.2+git20231211.1364ae4-9+deb13u7 Distribution: trixie-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Mathias Gibbens Description: golang-github-canonical-lxd-dev - Powerful system container and virtual machine manager - library Changes: lxd (5.0.2+git20231211.1364ae4-9+deb13u7) trixie-security; urgency=high . * Cherry-pick fixes for the following security issues: - CVE-2026-9639 / GHSA-j93m-3j9p-m5m8 - CVE-2026-9640 / GHSA-ppq7-4492-5552 - CVE-2026-48749 / GHSA-vghh-5rfx-xhq8 - CVE-2026-48750 / GHSA-9j25-mm2h-2f76 - CVE-2026-48751 / GHSA-47w9-6r3f-938g - CVE-2026-48752 / GHSA-jpf8-86f3-wp38 - CVE-2026-48755 / GHSA-fmc8-p6q7-75cc - CVE-2026-48769 / GHSA-pjff-c2wc-f6jm - CVE-2026-55621 / GHSA-7mr3-28h5-m5vx - CVE-2026-55622 / GHSA-qx75-2p3r-pwm5 Checksums-Sha1: 657e1add2238178bdd9cc2d756311cb9d0004cf8 1393620 golang-github-canonical-lxd-dev_5.0.2+git20231211.1364ae4-9+deb13u7_all.deb 7cd2ee6a20f3a32dd69e9eb8e1c4b933d7ee0d0c 21035 lxd_5.0.2+git20231211.1364ae4-9+deb13u7_all-buildd.buildinfo Checksums-Sha256: b2f56232257f6ee390a1782e3860d70db2a5c64d6cd98b80052763b32b4f701f 1393620 golang-github-canonical-lxd-dev_5.0.2+git20231211.1364ae4-9+deb13u7_all.deb ddc632788e23d90a0c70e340d99e00d45f312616cfe52065fa6c191e3eb2cff1 21035 lxd_5.0.2+git20231211.1364ae4-9+deb13u7_all-buildd.buildinfo Files: ebb760cbb9519747c7adaa5f300dc12e 1393620 golang optional golang-github-canonical-lxd-dev_5.0.2+git20231211.1364ae4-9+deb13u7_all.deb 43ccea6e6a14fc08ffd444d41d213a4a 21035 admin optional lxd_5.0.2+git20231211.1364ae4-9+deb13u7_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE81O8NL+3kjBAqEvLmgPNRvTf/zcFAmpAdUEACgkQmgPNRvTf /zd30BAAm/b6qeyeHbVY72mocFwIOrdSGIyR0Q5jo65I6pncUhaLkKFtRsIvMr9m PtNg5ZqGNTX28mBKEcLyC2tCW3tbCbq7GLE0cac+I//qvTZfzDwmBD6ENL/H01Pn k1Tr7qBuS0xZyvwwIiU7NWGQTc9YhL8AYrpHnmf2B/hvQCzpl3Xww+m0HjIrsdYt a0txwarxHTN2DprcViPmp5ZK+4HKaxep2CZ5v0xjEd4UGcwd1OMx3NhZnxFJVs1W ec/ciSQuwzbisous5OaIYK4Nh+UM+sX7bLoocy4xkn6919412HYgHZJGWRqz6P84 Hl8Iz1THcUqJue7IanEN63cgi+/vSRdHaBIXwGw2dEUjHowr1d0JROqlDY3AHfEe MlqTcbYZXLEo6WDvASTewpFNoQlisgvS+mW8fpXprQGT9jUnVo9URcK4TxZB8u2R l3WvpbH28hrkWBH9OPQJDmgXCfdIzWfA76T03wqz3K38G70hGCXGJf2eNzLKmysc TKoRkQ4RoP08yDAEk1Lrf+TKOZrbQkAvX5m9ZKGrebt4wjVurhyE1mwqQb3vkjbi AOWGlmHSQgVuQW2D1XqYBZgzukg16QWX6rVe5BQA0JxrTy4gNe94Rj/r7DKNoPh0 07NjRY9M+PnVp29dDgeum+OoA3WMoTZHWYZpE/KL4ZSeZf+ZayQ= =zSzf -----END PGP SIGNATURE-----