-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 21 Oct 2025 12:54:14 +0200
Source: tryton-sao
Binary: tryton-sao
Architecture: source all
Version: 6.0.28+ds1-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Tryton Maintainers
Changed-By: Mathias Behrle
Description:
 tryton-sao - Tryton application platform - web client
Changes:
 tryton-sao (6.0.28+ds1-2+deb12u1) bookworm-security; urgency=high
 .
   * Add 01_xss_vulnerability_attachments_preview.patch.
     Patch for security issue:
     https://bugs.tryton.org/14290
     https://discuss.tryton.org/t/security-release-for-issue-14290/8895
     The HTML element used to display the document is based on the mimetype.
     And by default a sandboxed iframe is used to isolate the unsafe content
     from the parent context.

-----BEGIN PGP SIGNATURE-----
Comment: Signed by Mathias Behrle
-----END PGP SIGNATURE-----