libjavascript-minifier-xs-perl_0.16-1_source.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Mon Jun 29 22:28:14 BST 2026


Thank you for your contribution to Debian.



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 29 Jun 2026 22:40:15 +0200
Source: libjavascript-minifier-xs-perl
Architecture: source
Version: 0.16-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
Changed-By: gregor herrmann <gregoa at debian.org>
Changes:
 libjavascript-minifier-xs-perl (0.16-1) unstable; urgency=medium
 .
   [ Debian Janitor ]
   * Update standards version to 4.6.1, no changes needed.
 .
   [ gregor herrmann ]
   * Import upstream version 0.16.
     - Fixes CVE-2026-56017, which caused Perl to SEGFAULT when calling
       minify(). Thanks to CPANSec for raising the issue, and providing a
       prototype fix.
     - Fixes CVE-2026-56018, caused by a memory leak in minify() where each
       tokenized Node's "contents" buffer were not properly freed, resulting in
       a memory leak on every call.
   * Update years of upstream and packaging copyright.
   * Declare compliance with Debian Policy 4.7.4.
   * Remove «Rules-Requires-Root: no», which is the current default.
   * Remove «Priority: optional», which is the current default.
Checksums-Sha1:
 5fff742c96be33c01efdfdbcc3a5855c65ca6424 2544 libjavascript-minifier-xs-perl_0.16-1.dsc
 b1dec74d3c9178577c6d257ed066fc8b585b27b4 27635 libjavascript-minifier-xs-perl_0.16.orig.tar.gz
 d8505b8506029ee6767567fdd0af4b27802bc74d 3100 libjavascript-minifier-xs-perl_0.16-1.debian.tar.xz
Checksums-Sha256:
 f22f146cdae96c1de1e6687b7acb0c7dec76c2e15b780fdc28bf561c827207c7 2544 libjavascript-minifier-xs-perl_0.16-1.dsc
 75034e876939ebc3dd48ce2ebaf06044b06ed57ab3a1863f053f950e984d9954 27635 libjavascript-minifier-xs-perl_0.16.orig.tar.gz
 85c93d65a56c6b8e05ec5e6508c4c54ac1e8045344ce8c6507ac82bbe789614e 3100 libjavascript-minifier-xs-perl_0.16-1.debian.tar.xz
Files:
 0559203b40e2b7c88b95f739d2b9b244 2544 perl optional libjavascript-minifier-xs-perl_0.16-1.dsc
 91fb711dfc5d70cb616b6fc8ca66ff9d 27635 perl optional libjavascript-minifier-xs-perl_0.16.orig.tar.gz
 6d499a8b1514fb22641dfaa6a3135333 3100 perl optional libjavascript-minifier-xs-perl_0.16-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEE0eExbpOnYKgQTYX6uzpoAYZJqgYFAmpC2KNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEQx
RTEzMTZFOTNBNzYwQTgxMDREODVGQUJCM0E2ODAxODY0OUFBMDYACgkQuzpoAYZJ
qgYSAw//dYg2cfI0uQhZa/zoCa7X1r9TwjKAIvTtWvXAUG6dO096FYZVGp+fe8ex
W3xhhGuDNWCb9SmnSjUJ/FGwYs8jux4g3LqWuqyaNksiVkUtCsAwxAQsXPGcCsTb
5t7uY05ZIcCNuI82y5lfGqd/4Tz1lL7/B208YiaCCCfL/diCU+ayR4i9BF1+MHYa
Wq4Mv68iPGqerJ5CFj3hYxYdL2GTExUyLH1hleWfQmnoYxKoJyPKsHlHb6siOrHe
Vv59CkzkBRn1OEeSt4ggXho+wiRggt5e6XQNCbihYdiVP172Icfq6gy0/mIsHwbs
84T7eQQR+0PpOxfRxCStMO0HXPcMequCtzKa6RQ92GqpzjnXeZ2mI9OkecKxVZNB
oxQEcQEe0up/nkAYRUs+P/qRFNPk1vogAO9P4n3aFgYaOZ+4EfxaBirtYxTUH6sX
rgqYk7ukNrYnW+0LJ+8o5GcsYe0uKzhk3sZRVwxhV6womrXeJ5SVlK5YvKiFS/lT
BBbI0G8d/47i48mGTJeGRirTakms4FYIsxyYfHD7Wyymuh6+DtcwPvTt60iL9vBP
n7rYeLGvVDrQUT9Y8MYKezglG3XbMTqxB5OrGCH2Sl1d4fTgbWvv0TeBrSftNpUj
0Xw76c7VkcyHDGemPag4OPD9Ci6YRtJSGFaUxeiDmISFFj8tugo=
=CyL8
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-perl-maintainers/attachments/20260629/34527868/attachment.sig>


More information about the pkg-perl-maintainers mailing list