-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 13 Apr 2026 21:38:05 +0200
Source: systemd-boot-efi-amd64-signed
Architecture: source
Version: 257.13+1~deb13u1
Distribution: trixie-proposed-updates
Urgency: high
Maintainer: Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>
Changed-By: Tobias Deiminger <tobias.deiminger@linutronix.de>
Changes:
 systemd-boot-efi-amd64-signed (257.13+1~deb13u1) trixie; urgency=high
 .
   * Sign EFI binaries from systemd-boot-efi 257.13-1~deb13u1
 .
   [ Luca Boccassi ]
   * preinst: ensure /tmp workaround does not override local unit/fstab
     (Closes: #1116344)
   * preinst: ensure /tmp/ workaround is only attempted on first trixie upgrade
   * Explicitly disable bpf-framework for stage1 builds
 .
   [ Tobias Deiminger ]
   * CVE-2026-40226 (In nspawn in systemd 233 through 259 before 260, an
     escape-to-host act ...)
   * CVE-2026-40225 (In udev in systemd before 260, local root execution can
     occur via mali ...)
   * CVE-2026-29111 (systemd, a system and service manager, (as PID 1) hits an
     assert and f ...)
   * CVE-2026-4105 (A flaw was found in systemd. The systemd-machined service
     contains an  ...)
   * Update upstream source from tag 'upstream/257.13'
     Update to upstream version '257.13'
     with Debian dir 608373bc40f1a965a842a0c61f9d1fb40c3dfc82
Checksums-Sha1:
 260ef0580b13000b66f26e767637f3e294108758 1223 systemd-boot-efi-amd64-signed_257.13+1~deb13u1.dsc
 a4976a37dfa049d30577c395fde437462bcd4a0b 3892 systemd-boot-efi-amd64-signed_257.13+1~deb13u1.tar.xz
Checksums-Sha256:
 4de5cee710ed4dd23c90d94f3fc04f7c9f64e4e845d15ec186fb612fb6c50dc3 1223 systemd-boot-efi-amd64-signed_257.13+1~deb13u1.dsc
 88294ed39ec4080874d3586e0dd21deb6e22e76a61b013e0fe6eddc5f36a7a4c 3892 systemd-boot-efi-amd64-signed_257.13+1~deb13u1.tar.xz
Files:
 35bd216f91f6fbf4a7afd038f80a6abd 1223 admin optional systemd-boot-efi-amd64-signed_257.13+1~deb13u1.dsc
 1474b3def6e54d7e98efdf9a932336a7 3892 admin optional systemd-boot-efi-amd64-signed_257.13+1~deb13u1.tar.xz

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQSInBJdRTWyTRy0ztFCTVFtUgONCgUCafefZgAKCRBCTVFtUgON
Ci1iAQCedG4A20/MivpXZOZhiFXDoPTTtsgPYORmL2TUmSW9CgD/ROqp42/uWYHX
sxuhAluoZXnMt/hsL4C5rEcC008ARAM=
=/wUf
-----END PGP SIGNATURE-----