-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 27 May 2025 13:43:25 +0200 Source: setuptools Architecture: source Version: 66.1.1-1+deb12u2 Distribution: bookworm Urgency: medium Maintainer: Matthias Klose Changed-By: Lee Garrett Changes: setuptools (66.1.1-1+deb12u2) bookworm; urgency=medium . * Non-maintainer upload by the Debian LTS team. * Fix CVE-2025-47273: - Path traversal in PackageIndex.download leads to Arbitrary File Write Checksums-Sha1: c49362f351275db924db4e66b36bcf1f6d50a656 2915 setuptools_66.1.1-1+deb12u2.dsc b90f10c387408e3f74a3cd77105d1cd4478e4cf7 17020 setuptools_66.1.1-1+deb12u2.debian.tar.xz a0565d8dbddd526998c081a45c6bba485a852410 9696 setuptools_66.1.1-1+deb12u2_amd64.buildinfo Checksums-Sha256: 68a88656f3486fd4af17d56a48c5bc9251557c8915f7a1fc0ec4bcf8f9642247 2915 setuptools_66.1.1-1+deb12u2.dsc 59e7b8bb2f2b956289bffd7831dd694ea2ede3c6aa13d1f3e45c36899bfe7d1a 17020 setuptools_66.1.1-1+deb12u2.debian.tar.xz 2548246d734c57f7209a45432ba629167a123d7ff1d7cedc17ce8de28e4661f1 9696 setuptools_66.1.1-1+deb12u2_amd64.buildinfo Files: dec8fc622470ffde1e511bd731f56ecd 2915 python optional setuptools_66.1.1-1+deb12u2.dsc 03cdd2e5e9405f1a5fb1d24fc110c6ed 17020 python optional setuptools_66.1.1-1+deb12u2.debian.tar.xz 96d4d53449ecf2fcd14c42e9b13d6640 9696 python optional setuptools_66.1.1-1+deb12u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEE2EfGJRCpwv8kLOAs1gShxII+4PgFAmg1twQACgkQ1gShxII+ 4Phyeh//aZxpCNrLsmvMqc4CSU+hP+on+Q7Ekk8AvczTfWwMT/Qtw9nAwUJUnon3 GQKGT3rmpjZ0MsqEEEf3YTzAJwV8Vr5wofmTpcV1lil1cTXjBo4Bfl0JwzwjrpU+ cUmZQVcZ7AyjVQrUC9xTIXgyQHeRUPqsxi+307ssfzDIE93Iyrq/g3QSAAYHRL0k wKtJDvMR3fLk4fomfcuxxfLQLAOK7+7YOrJFB3iOSdXj7knc7Bli6kOIYEBYP58t 4wGy1cdPm69felEu6tyeHadWj4+qfgFGb0dJbDzrFkqQlJ4qH3PziSMSiDQICN5D uf6SPT5HSsIwhXxlnFJmDCQHYfNR4lvEs9yRrkfm6gISbxey/VedVW8fbvzF1QCZ Ka4DDrSu5gS3EVLye2GLNz0bGgU8QfWYP9xKXsH5CQ+aCT4V9XD2eV0yYQJws70K AJ0e3zm3Bcv2RMmnGiEdqikdDz8MTvGVnxSsw/WOLqUN29vN8oNmO82JG7bLVtYg Ge2ECc2whIuG6xuaJj4fKSiWrD8XP4SDrDXg+6BrlumMkt4h7c3BOkZjnKd0QKqa twSReyhCJY8iV8wifFF1tAyP03n+BIG3Peee+EPi8sLsqtBgiJRUKcrwbzkG9oD+ 2gP4FXqD4XsWEFyFRlAPU4SVIABugj7SFBdhKxSsMxC2bK/MjZLGjH3lN10rVZJe APGR7eP+YYS0rUiPu+Q9Ji0Pg/tbTZyo54hrEK7an9wghDVMn4MLvsPg6gz+ZXm3 ROpd9b3r2vVNSZgFmuCCPNglYC5L90D4qDMFVI9cFRGZj9ppUZbCvZeEXcb9p8EB H/D4ueliSg4nLBdwUsKl0tPgQDeTEAvSeOIDjwjUHnMzInkpRQJ2GyuZhTWkshml /zGLezGHXLGcrqkNLRmWrseGksK2/3xvFGVnM6/PGYn4ocWumrSr7iiPX+3R6vy4 TTl/UDggWtqWGedxgMu6LGwohFD4ywm86YqtASGppmxk3KcrLPwsDDiVj+mbJfu9 S2RDEjXJOEGjQzd6OQiJNRARozlNvg8LSafqpHRAvoHMiJv8Q9aWQufOzXNHC+3c 1aj+z/op7CnciEqX7z3NAdqaJFc+1I8S5gXhY9WuvjL67CGA29K6xjdJWItnN463 /lGHCNqZvyHEgWsBXIU7tKY50m7JQMKKfrK/dSL9i9Mc19LYLW1XYkUOxKU5hoCd jIKPMKYXMf5FtFqU5bj62DvwbvHRXggod73Xwe22LTg4JvHJynmBUNWuhoP7a6I8 n7M32t1Dt/IZKBy382ZTaAwrQjNzheJ9RbaffURjRmQJJN/+ojWKNwX7vESWHedj Y2aOiLuwwbovGOx+aoYtO1nkRTr3zA== =ZQJ8 -----END PGP SIGNATURE-----