-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 13 Apr 2026 21:38:05 +0200
Source: systemd-boot-efi-arm64-signed
Architecture: source
Version: 257.13+1~deb13u1
Distribution: trixie-proposed-updates
Urgency: high
Maintainer: Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>
Changed-By: Tobias Deiminger <tobias.deiminger@linutronix.de>
Changes:
 systemd-boot-efi-arm64-signed (257.13+1~deb13u1) trixie; urgency=high
 .
   * Sign EFI binaries from systemd-boot-efi 257.13-1~deb13u1
 .
   [ Luca Boccassi ]
   * preinst: ensure /tmp workaround does not override local unit/fstab
     (Closes: #1116344)
   * preinst: ensure /tmp/ workaround is only attempted on first trixie upgrade
   * Explicitly disable bpf-framework for stage1 builds
 .
   [ Tobias Deiminger ]
   * CVE-2026-40226 (In nspawn in systemd 233 through 259 before 260, an
     escape-to-host act ...)
   * CVE-2026-40225 (In udev in systemd before 260, local root execution can
     occur via mali ...)
   * CVE-2026-29111 (systemd, a system and service manager, (as PID 1) hits an
     assert and f ...)
   * CVE-2026-4105 (A flaw was found in systemd. The systemd-machined service
     contains an  ...)
   * Update upstream source from tag 'upstream/257.13'
     Update to upstream version '257.13'
     with Debian dir 608373bc40f1a965a842a0c61f9d1fb40c3dfc82
Checksums-Sha1:
 a3faf1cafb8817dd9cd2d877b87761d5acdfe03d 1223 systemd-boot-efi-arm64-signed_257.13+1~deb13u1.dsc
 c57d80f3878be5277284953cd671af18ba2fcd22 3896 systemd-boot-efi-arm64-signed_257.13+1~deb13u1.tar.xz
Checksums-Sha256:
 b7c493d6788108e032bfd90ede2006e8bbe83c758281d9e17f8c49075ce515b1 1223 systemd-boot-efi-arm64-signed_257.13+1~deb13u1.dsc
 34be2e6d53768cef351f6938ce6f667bb857fc1b7e9d87ef2466bdd2a7ff7f08 3896 systemd-boot-efi-arm64-signed_257.13+1~deb13u1.tar.xz
Files:
 ca850beb7d66620e209607cdcb311263 1223 admin optional systemd-boot-efi-arm64-signed_257.13+1~deb13u1.dsc
 c63524dc6c37edb3a7e55e923e7eeb02 3896 admin optional systemd-boot-efi-arm64-signed_257.13+1~deb13u1.tar.xz

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQSInBJdRTWyTRy0ztFCTVFtUgONCgUCafefawAKCRBCTVFtUgON
CqdRAP9g13CMgKViYQavstj2oD5sC5MlWJOhywGWasid43WorgD/cNMzwih2QtUW
nWxfOT0xNL8TkUNycK0LrzeQUSHSVAQ=
=B/IN
-----END PGP SIGNATURE-----