armci-mpi (0.4-9) unstable; urgency=medium . * Team upload. . [ Luca Boccassi ] * autopkgtests: export MPICC too in test-armci. Fixes a build issue triggered by debhelper 13.32 which happens during autopkgtests. Closes: #1139889. . [ Santiago Vila ] * test-armci: restrict hwloc to linux,stop to avoid GPU probe crashes. * test-armci: use OpenMPI 5.x PRTE_MCA variable for oversubscribe. * Drop "Priority: optional" (default). * Update standards-version. * Add debian/salsa-ci.yml. bcron (0.11-25) unstable; urgency=medium . * removed d/bcron.dirs, which Closes: #1139904 * bumped Standards-Version: 4.7.4 bird2 (2.19.1-1) unstable; urgency=medium . * New upstream release. blt (2.5.3+dfsg-9) unstable; urgency=medium . * Add a patch by Helmut Grohne which fixes FTBFS when exporting CC (closes: #1136377). * Mute the old-style-definition warning to make build logs more clear. * Bump the standards version to 4.7.4. bthome-ble (3.23.4-1) unstable; urgency=medium . * New upstream release. closql-el (2.4.1-1) unstable; urgency=medium . * Team upload * New upstream release * debian/gbp.conf: update with the current practice * debian/salsa-ci.yml: add the default template dbus-fast (5.0.22-1) unstable; urgency=medium . * New upstream release. debputy (0.1.89) unstable; urgency=medium . * debputy: Fix `SyntaxWarning` about invalid escape sequence. Thanks to Sven Joachim for filing the bug and providing a patch. Also thanks to Jochen Sprickerhof for also be quick to report the problem. (Closes: #1139930) * CI: Tweak the CI setup and dependencies debputy (0.1.88) unstable; urgency=medium . * LSP/Lint: - Bump latest S-V to 4.7.4 - Fix 2 "off-by-one" errors when checking `d/changelog` line length so it now triggers exactly when `lintian` would rather than 2 characters too late. . * Manifest: - Support `install-target-variables` for the `make` build system (Closes: debputy#128, debputy#146) . * migrate-from-dh: - Migration with `tmpfiles` now assume compat 14. This is due to the change below about generating `--remove` and `--purge` snippets for `tmpfiles`. . * Plugin API: - Support `Foo | None` types better in source/parsed formats. Previously, the had to be written as `Optional[Foo]` . * debputy: add dependency for `tmpfiles` like `debhelper` now does * debputy: Generate `--remove` and `--purge` snippets for `tmpfiles` digikam (4:9.1.0-1) unstable; urgency=medium . * New upstream version * Standards-Version: 4.7.4 (routine-update) * Remove Priority field (cme) * [d6752d0] remove obsolete overrides. django-fsm-log (5.0.2-1) unstable; urgency=medium . * Initial release. (Closes: #1130888) eccodes (2.47.1-2) unstable; urgency=medium . * Build against ecbuild to remove timestamps in config.h. etc elfeed (4.0.1-1) unstable; urgency=medium . * New upstream release elfeed-web (4.0.0-1) unstable; urgency=medium . * Initial release (Closes: #1139611) elpa-subed (1.5.1-1) unstable; urgency=medium . * New upstream release * Drop patches; already applied upstream emacs-pg-el (0.67-1) unstable; urgency=medium . * New upstream release esmi (5.2.1+ds-2) unstable; urgency=medium . * Generate better man outside build, to fix unreproducible (Closes: 1139653) esmi (5.2.1+ds-1) unstable; urgency=medium . * New upstream version 5.2.1 (Closes: #1137415) falkon (26.04.2-1) unstable; urgency=medium . * New upstream version 26.04.2 field3d (1.7.3-9) unstable; urgency=medium . * QA upload. * Change maintainer to QA. Closes: #1138098 * Move repository to debian group. * Drop redundant Rules-Requires-Root: no. fwupd (2.1.5-1) unstable; urgency=medium . * New upstream version (2.1.5) * Drop upstream patch fwupd (2.1.4-2) unstable; urgency=medium . * Backport a patch from upstream to fix reproducible builds fwupd (2.1.4-1) unstable; urgency=medium . * New upstream version * Drop flashrom support ghub-el (5.2.1-1) unstable; urgency=medium . * Team upload * New upstream release * Set upstream metadata fields: Repository. * debian/{control,docs}: run `wrap-and-sort -ast' * debian/control: add explicit elpa-compat dependency - To workaround dh-elpa limitation on handling built-in addons. * debian/rules: stop building html docs - Contains external links (e.g. css) which are considered privacy breach. * debian/docs: drop html docs; no longer built * debian/doc-base: drop html docs; no longer built * debian/gbp.conf: turn off pristine-tar; not used * debian/gbp.conf: drop compression settings; not used * debian/salsa-ci.yml: add default template gnomint (1.6.4-1) unstable; urgency=medium . * New upstream release. (Closes: #1139695) * d/control: Port to GTK 4. * d/rules: No longer need to rename metainfo file. * d/tests: Support GUI tests & python scripts. * d/copyright: Fix the name of metainfo file. * Remove empty d/patches/series. gnomint (1.5.1-1) unstable; urgency=medium . * New upstream release. (Closes: #1137604, #580614, #776977) * New maintainer. (Closes: #655257) * Bump Standards-Version to 4.7.4. * d/control: - Remove Priority & Rules-Requires-Root fields. - Update Homepage field to https://github.com/davefx/gnoMint/. * d/copyright: - Add Upstream-Contact field. - Update Source field to GitHub URL. - Restore copyright information of upstream contributors according to git history, AUTHORS and copyright notices. Bump copyright years. - Restore all Debian contributors according to d/changelog. - Add CC0-1.0 for gui/gnomint.appdata.xml.in. * d/gnomint.docs: Add README. * d/watch: Update to version 5 and use new source URL. * d/rules: Fix variable "appdatadir" and rename metainfo file. * Drop d/patches/*: - Merged upstream (https://github.com/davefx/gnoMint/pull/38): + 02-cflags.patch + fix-autoreconf.patch + gsettings-port.patch + export-private-key-crash.patch + desktop-file.patch + spelling-errors.patch + gtk3-port.patch - No longer needed: + 682432.patch + gcc-10.patch + glib-2.70.patch * Add d/salsa-ci.yml for CI/CD. * Add d/tests/* for autopkgtest. gnu-apl (1.8-1) unstable; urgency=medium . * Package upstream release 1.8 (closes: #949948) * Upstream had debian/* for 1.1. Completely overwriting, but some of that was used as a basis here; changes below. * Debhelper compat 13, Standards-Version 4.7.4, DEP-5 copyright. * Add libapl-dev binary package for the embeddable APL library. - using out-of-tree build - patches to enable out-of-tree build - GCC-15 patch * Build with libfftw3, libxcb, libgtk-3, libpcre2, libsqlite3 support. * Fiddle with debian/rules and patch #includes so broken upstream src/makefile.h does not break the build. golang-github-elithrar-simple-scrypt (1.4.1-1) unstable; urgency=medium . * Update watch file to version 5 * Bump Standards-Version to 4.7.4: remove Priority field * New upstream version 1.4.1 * Update email address golang-github-mattn-go-xmpp (0.3.6-1) unstable; urgency=medium . * New upstream version 0.3.6 golang-github-mattn-go-xmpp (0.3.5-1) unstable; urgency=medium . * New upstream version 0.3.5 golang-github-peterbourgon-unixtransport (0.0.7-1) unstable; urgency=medium . * Update watch file to version 5 * Bump Standards-Version to 4.7.4: remove Priority field * New upstream version 0.0.7 golang-sslmate-src-go-pkcs12 (0.7.2-1) unstable; urgency=medium . * New upstream release - Includes fix for GHSA-mpwr-8vm7-h73f icoextract (0.3.0-2) unstable; urgency=medium . * Remove stray /usr/lib/python3/dist-packages/build/lib directory icoextract (0.3.0-1) unstable; urgency=medium . * New upstream release. - Set minimum Python version to 3.10 * Switch to pyproject.toml based packaging: - icoextract is now a metapackage, and the icoextract / icolist tools are now installed in python3-icoextract - Add Build-Depends: pybuild-plugin-pyproject * d/rules: Use $(MAKE) -j$(DEB_BUILD_OPTION_PARALLEL) for faster test file builds indi-pentax (1.0+20221221102411-6) unstable; urgency=medium . * reupload indi-pentax (1.0+20221221102411-5) unstable; urgency=medium . * rebuild contrib package for libraw25 transition (Closes: #1137087) * debian/control: remove RRR: and Priority: * debian/control: bump standard to 4.7.4 (no changes) indi-pentax (1.0+20221221102411-4) unstable; urgency=medium . * add cmake4.patch (Closes: #1125603) indi-pentax (1.0+20221221102411-3) unstable; urgency=medium . * add gcc15.patch (Closes: #1114151) indi-pentax (1.0+20221221102411-2) unstable; urgency=medium . * debian/control: bump standard to 4.7.0 (no changes) indi-pentax (1.0+20221221102411-1) unstable; urgency=medium . * build version from git * based on indi-3rdparty release 1.9.9 * new upstream version 1.0 indi-pentax (1.0-2) unstable; urgency=medium . * debian/control: move to debian-astro team * debian/control: bump standard to 4.6.1 (no changes) * debian/control: restrict to architectures amd64 and armhf these are the architectures where libricohcamerasdk is available indi-pentax (1.0-1) unstable; urgency=medium . * initial version isocline (1.1.0-1) unstable; urgency=medium . * New upstream version 1.1.0 * d/patches: Mark patch 0001 as forwarded upstream * d/patches: remove patches applied upstream * d/patches: add patch to fix version metadata * d/libisocline1.symbols: add symbols file java3d (1.5.2+dfsg-19) unstable; urgency=medium . * Team upload. * Add patch to address FTBFS with openjdk-25 (Closes: #1139301) Thank you to Aurelien Jarno for the patch. * Bump Standards-Version to 4.7.4 * Update Uploaders (Closes: #1139091) Thank you to Torsten Werner for your work on this package. kiwi (10.3.5-1) unstable; urgency=medium . * New upstream release kylin-ai-data-management-service (1.2.0.0-1) unstable; urgency=medium . * Initial release kylin-ai-document-qa-service (1.2.0.0-1) unstable; urgency=medium . * Initial release kylin-ai-runtime (1.1.0.1-1) unstable; urgency=medium . * Initial release ldns (1.9.2-1) unstable; urgency=medium . * new upstream bugfix release, including - Match question from query in response, and... - Fix to check address and port and TXID Closes: #1139627, CVE-2026-10846 * update the upstream signing key libaudio-scan-perl (1.13-1) unstable; urgency=medium . * Import upstream version 1.13. * Drop patch, fixed upstream libconfig-model-itself-perl (2.031-1) unstable; urgency=medium . * new upstream version * cme meta command: add -factorize option. The goal is to reduce the size of written models and using the element property factorization brought by Config::Model 2.163 * add gist to Element and CargoElement classes * WarpValue model: change warp property to use "when => apply ..." * Itself: add "use utf8;" when writing back models * control: depends on libconfig-model-perl >= 2.163 libconfig-model-perl (2.163-1) unstable; urgency=medium . * control: add Breaks for libconfig-model-itself-perl < 2.031 * refreshed patch * new upstream version: * Warp: Change warp property to use "when => apply {element properties}" * Model: to save typing, element declaration can now be written like: element => [ X => { type => 'leaf', value_type => 'enum', choice => [qw/Av Bv Cv/] }, Y => '*X', # alias to X Z => '*X', ] This kind of factorization was already possible using clunky Perl tricks. Using aliases inspired from YAML should make model more readable for non Perl gurus. To be able to factorize elements, it may be necessary to declare some properties outside of element declaration. So, 'summary', 'description' and 'warp' properties can be declared as class properties like: summary => { 'X' => 'a good summary' 'Y' => '*X', } Likewise, 'level' and 'status' properties can also be declared as class properties with a more suitable structure: level => { important => [qw/X Y/], hidden => 'Z'} status => { deprecated => 'X' } Note that Config::Model::Itself >= 2.031 allows 'cme meta -factorize all' to write models with factorized properties. * add 'cme run translate_legacy' script to help update models. * WarpedNode: better fix of crash during WarpedNode creation libjpeg (0.0~git20250815.25f7128-3) unstable; urgency=medium . * Team upload. * Bump Standards-Version: 4.7.4 * d/rules: add execute_before_dh_auto_build, Closes: #1139539 * d/clean: add clear Makefile_Settings.${DEB_BUILD_GNU_CPU} link file * d/control: remove Priority: optional line * d/watch: converted to version 5 libmojo-jwt-perl (1.02-1) unstable; urgency=medium . * Team upload. * Import upstream version 1.02. * Declare compliance with Debian Policy 4.7.4. * Remove «Rules-Requires-Root: no», which is the current default. * Remove «Priority: optional», which is the current default. * Update years of upstream copyright. libmojolicious-perl (9.46+dfsg-1) unstable; urgency=medium . * Import upstream version 9.46+dfsg. libmojolicious-plugin-openapi-perl (5.12-1) unstable; urgency=medium . * Team upload. * Import upstream version 5.12. * Update versioned dependency on libjson-validator-perl. * Declare compliance with Debian Policy 4.7.4. * Remove «Rules-Requires-Root: no», which is the current default. * Remove «Priority: optional», which is the current default. * Drop unneeded version constraints from (build) dependencies. libnet-cups-perl (0.65-1) unstable; urgency=medium . * Import upstream version 0.65. * Update years of packaging copyright. * Declare compliance with Debian Policy 4.7.4. * Remove «Rules-Requires-Root: no», which is the current default. * Remove «Priority: optional», which is the current default. libtemplate-perl (3.106-1) unstable; urgency=medium . * Team upload. * Import upstream version 3.106. * Drop 0001-fix-escape-single-quotes-in-html_filter-and-HTML.esc.patch which was taken from upstream git. * Install new upstream SECURITY.md document. * Annotate test-only build dependencies with . libuuid-perl (0.38-1) unstable; urgency=medium . * Import upstream version 0.38. * debian/copyright: drop stanza about removed file. * Update years of upstream and packaging copyright. * Update build dependencies. * Declare compliance with Debian Policy 4.7.4. * Remove «Rules-Requires-Root: no», which is the current default. * Remove «Priority: optional», which is the current default. * autopkgtests: set USE_ITHREADS. libwww-mechanize-perl (2.21-1) unstable; urgency=medium . * Import upstream version 2.21. * Update years of packaging copyright. * Declare compliance with Debian Policy 4.7.4. * Drop overrides for removed lintian tags. libwww-robotrules-perl (6.03-1) unstable; urgency=medium . [ Debian Janitor ] * Bump debhelper from old 10 to 12. * Set debhelper-compat version in Build-Depends. * Set upstream metadata fields: Bug-Database, Repository, Repository- Browse. * Remove obsolete fields Contact, Name from debian/upstream/metadata (already present in machine-readable debian/copyright). * Set upstream metadata fields: Bug-Submit. . [ gregor herrmann ] * debian/watch: use uscan version 4. . [ Debian Janitor ] * Remove constraints unnecessary since buster . [ gregor herrmann ] * Import upstream version 6.03. * Update debian/upstream/metadata. * Update years of packaging copyright. * Declare compliance with Debian Policy 4.7.4. * Remove «Priority: optional», which is the current default. * Bump debhelper-compat to 13. * Annotate test-only build dependencies with . * Add patch to fix syntax error in lib/WWW/RobotRules/DB_File.pm. libyaml-libyaml-perl (0.907.0+ds-1) unstable; urgency=medium . * Import upstream version 0.907.0+ds. * New test dependency: libtest-warnings-perl. libzonemaster-perl (8.001.001-1) unstable; urgency=medium . [ gregor herrmann ] * Use Metacpan template in debian/watch. . [ Étienne Mollier ] * Import upstream version 8.001.001. * Declare compliance with Debian Policy 4.7.3. * Remove «Priority: optional», which is the current default. libzonemaster-perl (8.1.0-1) unstable; urgency=medium . * Team upload. * Import upstream version 8.1.0. * Bump versioned test and runtime dependencies on libzonemaster-ldns-perl. libzonemaster-perl (8.0.0-1) unstable; urgency=medium . * Import upstream version 8.0.0. * Remove «Rules-Requires-Root: no», which is the current default. * d/watch: convert to watch file version 5. libzonemaster-perl (7.1.0-1) unstable; urgency=medium . * Import upstream version 7.1.0. * Declare compliance with Debian Policy 4.7.2. libzonemaster-perl (7.0.0-1) unstable; urgency=medium . * Team upload. * Import upstream version 7.0.0. * Update test and runtime dependencies. * Drop 0002-fix-spelling-errors.patch, merged upstream. * Drop 0003-disable-distcheck.patch, the patched file is gone. * Drop 0004-fix-masked-variable.patch, fixed/not needed anymore. * Drop 0005-bareword-in-engine.patch, merged upstream. * Update years of packaging copyright. libzonemaster-perl (6.0.0-1) unstable; urgency=medium . * Import upstream version 6.0.0. * 0002-fix-spelling-errors.patch: unfuzz. * 0004-fix-masked-variable.patch: simplify and refresh. * d/control: test suite depends on libsub-override-perl. * 0005-bareword-in-engine.patch: new: restore missing parenthesis. * d/lintian-overrides: make groff-message overrides more generic. * d/lintian-overrides: flag a possible false positive. libzonemaster-perl (5.0.0-1) unstable; urgency=medium . * Import upstream version 5.0.0. * 0002-fix-spelling-errors.patch: refresh. * d/control: tests depend on libmail-spf-perl. * d/control: libzonemaster-perl dependes on libmail-spf-perl. * d/control: libzonemaster-perl depends on libdata-messagepack-perl. * d/control: libzonemaster-perl depends on libredis-perl. * d/control: declare compliance to standards version 4.7.0. * d/lintian-overrides: refresh groff messages. * 0004-fix-masked-variable.patch: new. Fix a warning caught by autopkgtest. libzonemaster-perl (4.7.3-1) unstable; urgency=medium . * Team upload. * Import upstream version 4.7.3. * Refresh 0002-fix-spelling-errors.patch (offset). libzonemaster-perl (4.7.2-1) unstable; urgency=medium . * Import upstream version 4.7.2. * d/lintian-overrides: hide warning caused by long url. libzonemaster-perl (4.7.1-1) unstable; urgency=medium . * Import upstream version 4.7.1. * d/copyright: update copyright year. * d/control: tests and package depend on liblog-any-perl. * d/control: tests and package depend on libyaml-libyaml-perl. * 0002-fix-spelling-errors.patch: refresh. libzonemaster-perl (4.6.2-1) unstable; urgency=medium . * Team upload. * Import upstream version 4.6.2. * Refresh 0002-fix-spelling-errors.patch (offset). * Update years of packaging copyright. * Drop unneeded version constraints from (build) dependencies. * Annotate test-only build dependencies with . * Refresh debian/upstream/metadata. Thanks to lintian-brush. * Make .mo files writeable for dh_strip_nondeterminism. * Fix typo in a comment in debian/copyright. Thanks to lintian. libzonemaster-perl (4.6.1-1) unstable; urgency=medium . * Import upstream version 4.6.1. libzonemaster-perl (4.6.0-1) unstable; urgency=medium . * Import upstream version 4.6.0. * d/copyright: update to new upstream version. * 0001-Disable-broken-test-on-line-51-in-t-old-bugs.t.patch: removed. * 0002-fix-spelling-errors.patch: adjusted to new source layout. * 0003-disable-distcheck.patch: skip t/manifest.t due to packaging files. * d/control: declare compliance to standards version 4.6.2. * d/control: add missing test dependencies. * d/control: add missing dependencies to libzonemaster-perl. * d/control: add myself to uploaders. * Set Rules-Requires-Root: no. * d/t/p/syntax-skip: don't control several submodules. libzonemaster-perl (1.0.16-3) unstable; urgency=medium . [ gregor herrmann ] * Disable network tests during autopkgtests like during build. . [ Salvatore Bonaccorso ] * Update Vcs-* headers for switch to salsa.debian.org . [ Nick Morrott ] * Update metacpan URL in watch file . [ gregor herrmann ] * debian/copyright: replace tabs with spaces / remove trailing whitespace. * debian/watch: use uscan version 4. . [ Debian Janitor ] * Use secure copyright file specification URI. * Bump debhelper from old 9 to 12. * Set debhelper-compat version in Build-Depends. * Set upstream metadata fields: Bug-Submit, Repository, Repository- Browse. * Remove obsolete fields Contact, Name from debian/upstream/metadata (already present in machine-readable debian/copyright). * Remove constraints unnecessary since buster * Build-Depends-Indep: Drop versioned constraint on perl. libzonemaster-perl (1.0.16-2.1) unstable; urgency=medium . * Non maintainer upload by the Reproducible Builds team. * No source change upload to rebuild on buildd with .buildinfo files. libzonemaster-perl (1.0.16-2) unstable; urgency=medium . * Drop the unneeded dependency on Net::IP::XS libzonemaster-perl (1.0.16-1) unstable; urgency=medium . * Team upload. * Import upstream version 1.0.16 * debian/copyright: Update years. libzonemaster-perl (1.0.15-2) unstable; urgency=medium . * Team upload. * Make package autopkgtest-able. Add debian/tests/pkg-perl/syntax-skip with a syntactically challenged module. (Closes: #845374) libzonemaster-perl (1.0.15-1) unstable; urgency=medium . * Team upload. . [ Ondřej Surý ] * debian/control: Added: Vcs-Git field (source stanza); Vcs-Browser field (source stanza). . [ Angel Abad ] * Import upstream version 1.0.15 * debian/copyright: Update years. * debian/control: - Add libnet-ip-perl to {Build-}Depends. - Update versioned (build) dependencies. * Mark package as autopkgtest-able. * debian/patches/0002-fix-spelling-errors.patch: Fix spelling errors. libzonemaster-perl (1.0.14-2) unstable; urgency=medium . * Export TEST_NO_NETWORK=1 instead of ignoring test results * Disable broken test on line 51 in t/old-bugs.t libzonemaster-perl (1.0.14-1) unstable; urgency=low . * Initial Release. liferea (1.16.10+ds-3) unstable; urgency=medium . [ Santiago Vila ] * Improve clean target (Closes: #1046450) . [ Paul Gevers ] * tests: ignore failure on riscv64 and make them fatal again on ppc64* liferea (1.16.10+ds-2) unstable; urgency=medium . * Work around test failure leading to FTBFS liferea (1.16.10+ds-1) unstable; urgency=medium . * New upstream version 1.16.10+ds * d/control: update maintainer field to Debian Commons * d/watch: force stable versions * d/copyright: update for 2026 lmarbles (1.1.1-1) unstable; urgency=medium . * Team Upload * Game does not support /var/games/lmarbles anymore, cleanup in postinst the new format is not compatible with the old one, so a migration of scores is not possible * New upstream version 1.1.1 * Drop old d/clean * Refresh desktop.patch & drop icon.patch * Drop 8bit-colour-depth.patch from 2005, the hardware has been retired * Drop our low-res lmarbles.png, upstream now provides one * Refresh manpage.patch * Drop fix-configuration-issues.patch: upstream does not use /var/games anymore * Add debian/upstream/metadata minja (0~git20250922.021c2293c187-2) unstable; urgency=medium . * No source changes. minja (0~git20250922.021c2293c187-1) unstable; urgency=medium . * Initial release. node-addon-api (8.8.0-1) unstable; urgency=medium . * New upstream version 8.8.0 * Standards-Version bump node-csstools-postcss-plugins (0.0~git20260613.2af619182-1) unstable; urgency=medium . * Initial release. (Closes: #1139696) node-memoize-one (6.0.0-2) unstable; urgency=medium . * This package was previsouly included with node-react-highlight-words. * Breaks & Replaces: node-react-highlight-words (<< 0.20.0+~cs7.18.6+ds-1~). (Closes: #1139590) node-memoize-one (6.0.0-1) unstable; urgency=medium . * Initial release. (Closes: #1125074) node-postcss-advanced-variables (5.0.0-1) unstable; urgency=medium . * Initial release. (Closes: #1139947) node-react-highlight-words (0.20.0+~cs7.18.6+ds-1) unstable; urgency=medium . * Team upload * Repack upstream source without embedded memoize-one, now provided by node-memoize-one. (Closes: #1139590) ocamlformat (0.29.0-2) unstable; urgency=medium . * Create empty error files before running tests (Closes: #1139515) opencc (1.3.1+ds1-3) unstable; urgency=medium . * d/libopencc1.3.symbols: update use pkgkde-symbolshelper opencc (1.3.1+ds1-2) unstable; urgency=medium . * d/libopencc1.3.symbols: use getbuildlog, pkgkde-symbolshelper update opencc (1.3.1+ds1-1) unstable; urgency=medium . * New upstream version 1.3.1+ds1 * d/libopencc1.3.symbols: add symbols in 1.3.1 openssl (3.6.3-1) unstable; urgency=medium . * Import 3.6.3 (Closes: #1139674) - CVE-2026-7383 ("Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion") - CVE-2026-9076 ("Out-of-Bounds Read in CMS Password-Based Decryption") - CVE-2026-34180 ("Heap Buffer Over-read in ASN.1 Content Parsing") - CVE-2026-34181 ("PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys") - CVE-2026-34182 ("CMS AuthEnvelopedData Processing May Accept Forged Messages") - CVE-2026-34183 ("Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler") - CVE-2026-35188 ("Double-free When Checking OCSP Stapled Response") - CVE-2026-42764 ("NULL pointer dereference in QUIC server initial packet handling") - CVE-2026-42765 ("NULL Dereference in Certificate Verification with OCSP Checking") - CVE-2026-42766 ("Possible NULL Dereference in Password-Based CMS Decryption") - CVE-2026-42767 ("NULL Pointer Dereference in CRMF EncryptedValue Decryption") - CVE-2026-42768 ("Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()") - CVE-2026-42769 ("Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate") - CVE-2026-42770 ("FFC-DH Peer Validation Uses Attacker-Supplied q") - CVE-2026-45445 ("AES-OCB IV Ignored on EVP_Cipher() Path") - CVE-2026-45446 ("Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes") - CVE-2026-45447 ("Heap Use-After-Free in OpenSSL PKCS7_verify()") openstack-pkg-tools (144) unstable; urgency=medium . * Fix certificate location for APIs to also include /etc/NAME/ssl/certs, and stop using /usr/local/share/ca-certificates/puppet_openstack.crt. This is needed to fix upstream puppet-openstack CI on Debian Trixie. p11-kit (0.26.2-3) unstable; urgency=medium . * Fix autopoint error with gettext 1.0. (Closes: #1137421) pacman-package-manager (7.1.0-3) unstable; urgency=medium . [ Martin Pitt ] * Fix deadlock in fork()ed child with curl 8.20 threaded resolver. Patch proposed, but not yet applied in upstream pacman. Taken from Arch package. (Closes: #1139622) phosh-osk-stevia (0.55.0-1) unstable; urgency=medium . * New upstream release * UI translations: * nicole mikołajczyk (pl) * Ryo Nakano (ja) php-codeigniter-framework (3.1.13+dfsg1-9) unstable; urgency=medium . [ Alexandre Detiste ] * ensure /var/log/php-codeigniter-framework/ is cleared on postrm/purge . [ Fab Stz ] * d/control: move most Build-Depends to Build-Depends-Indep * Set Standards-Version to 4.7.4 php-json-schema (6.9.0-1) unstable; urgency=medium . [ Christian López Espínola ] * fix: allow "#", "?", and "?#" as valid URI references per RFC 3986 (#910) * fix: annotate resolved schemas with dialect-aware id keyword (#912) . [ Danny van der Sluijs ] * fix: treat optional JSON Schema test suite cases as real tests (#913) (#915) . [ github-actions[bot] ] * docs: Prepare release 6.9.0 postgis (3.6.4+dfsg-2) unstable; urgency=medium . * Add patch to fix FTBFS with SFCGAL 2.3.0. pypck (0.9.13-1) unstable; urgency=medium . * New upstream release. * Upstream removed documentation. python-aiohasupervisor (0.5.0-1) unstable; urgency=medium . * New upstream release. * Update Standards-Version. python-aiointercept (0.1.7-1) unstable; urgency=medium . * New upstream release. * Skip tests that need network access or fail with pytest 9. python3.13 (3.13.14-1) unstable; urgency=medium . * Python 3.13.14. - Avoid crash decompressing untrusted bz2 data. CVE-2026-9669. - Don't trust server-provided passive connection addresses in ftplib. CVE-2026-8328. - Don't allow untrusted tarfile extraction to write outside the destination. CVE-2026-7774. - Protects against DoS in expat XML parsing. CVE-2026-7210. - Avoid use-after-free in decompressors under memory pressure. CVE-2026-6100. - Base64-encode cookie values embedded in JS. CVE-2026-6019. - Protect webbrowser %action substitutions. CVE-2026-4786. - Avoid DoS in unicode normalization. CVE-2026-3276. - Reject CR/LF in HTTP tunnel request headers. CVE-2026-1502. - Fixes reference leaks in ssl.Context. Closes: #1138157. * Python 3.13.13 resolved some security issues: - Avoid launching webbrowser with attacker controlled options. CVE-2026-4519. - Avoid C stack overflow in Expat parsing with registered ElementDeclHandler. CVE-2026-4224. - Reject control characters in Morsel cookies. CVE-2026-3644. - Base64 decode no longer ignores data after the first padded quad. CVE-2026-3446. - Ensure io.open_code is used to read .pyc files. CVE-2026-2297. - Skip TarInfo DIRTYPE normalization during GNU long name handling. CVE-2025-13462. . [ Matthias Klose ] * Explicitly build-depend on uuid-dev. LP: #2147343. . [ Colin Watson ] * Drop libnsl-dev build-dependency, which is superfluous since the nis module was removed in Python 3.13. . [ Stefano Rivera ] * Refresh patches. * Drop mention of gdbinit from README.debug. Closes: #1109449. * Tidy up python3.X-config manpage. Closes: #1101810. python3.14 (3.14.6-1) unstable; urgency=medium . * Python 3.14.6 release. - Avoid crash decompressing untrusted bz2 data. CVE-2026-9669. - Don't trust server-provided passive connection addresses in ftplib. CVE-2026-8328. - Don't allow untrusted tarfile extraction to write outside the destination. CVE-2026-7774. - Protects against DoS in expat XML parsing. CVE-2026-7210. - Avoid DoS in unicode normalization. CVE-2026-3276. . [ Colin Watson ] * Drop libnsl-dev build-dependency, which is superfluous since the nis module was removed in Python 3.13. . [ Stefano Rivera ] * Refresh patches. * Drop mention of gdbinit from README.debug. Closes: #1109449. * Tidy up python3.X-config manpage. Closes: #1101810. * Build with -fno-thread-jumps, instead of -O1 on m68k. Closes: #1139593 qpwgraph (1.0.2-1) unstable; urgency=medium . * New upstream version 1.0.2 * d/control: replace libqt6svg6-dev with qt6-svg-dev * d/control: drop useless B-d qt6-tools-dev-tools * d/control: drop Rules-Requires-Root * d/control: bump Standards-Version to 4.7.4 qtorganizer-mkcal (0.1.0~git20260606.6efa089-1) unstable; urgency=medium . [ Lionel Duboeuf ] * Update to new upstream Git snapshot 0.1.0~git20260606.6efa089. . [ Mike Gabriel ] * debian/control: + Drop Priority: field. + Bump Standards-Version to 4.7.4. * debian/rules: + Replace get-orig-source target by code that retrieves what's actually referenced in d/changelog's version. * debian/copyright: + Update copyright attributions. r-cran-sessioninfo (1.2.4-1) unstable; urgency=medium . * Team upload. * New upstream version * Standards-Version: 4.7.4 (routine-update) * Drop 'Rules-Requires-Root: no' from d/control (routine-update) reform-setup-wizard (1.0-14.2) unstable; urgency=medium . * Non-maintainer upload. * Patch for newer deps. (Closes: #1136404, #1137408) restic (0.19.0-1) unstable; urgency=medium . * New upstream version 0.19.0 * Rebase patches * Add patch to replace python by python3 in tests; remove python3 and python-is-python3 from B-D; add python3-all to B-D * Update watch file to version 5 * Bump Standards-Version to 4.7.4: remove Priority field rust-curl-sys (0.4.89+dfsg-1) unstable; urgency=medium . * Team upload. * Package curl-sys 0.4.89+curl-8.20.0 from crates.io using debcargo 2.8.3 * Update patches for new upstream. * Update overridden control file. rust-doxx (0.1.4+dfsg-1) unstable; urgency=medium . * Package doxx 0.1.4 from crates.io using debcargo 2.8.2 * Exclude .github/ and wix/ dir as they have a different author and license and are not needed for the package * Refresh the patches for new upstream release rust-fastbloom (0.17.0-2) unstable; urgency=medium . * Package fastbloom 0.17.0 from crates.io using debcargo 2.8.2 rust-fastbloom (0.17.0-1) unstable; urgency=medium . * Package fastbloom 0.17.0 from crates.io using debcargo 2.8.2 rust-fastbloom (0.15.0-1) unstable; urgency=medium . * Package fastbloom 0.15.0 from crates.io using debcargo 2.8.1 (Closes: #1128765) rust-gix-blame (0.13.0-1) unstable; urgency=medium . * Team upload. * Package gix-blame 0.13.0 from crates.io using debcargo 2.8.2 rust-gix-blame (0.3.0-1) experimental; urgency=medium . * Package gix-blame 0.3.0 from crates.io using debcargo 2.8.0 rust-jql-runner (8.1.2-1) unstable; urgency=medium . * Package jql-runner 8.1.2 from crates.io using debcargo 2.8.2 rust-rust-i18n-support (4.1.0-2) unstable; urgency=medium . * debian/patches/003_force_little_endian.patch: - Fix build failure in s390x and others serpent (1.43-1) unstable; urgency=medium . * New upstream release. * Mark python3-serpent as Multi-Arch: foreign. socnetv (3.6-1) unstable; urgency=medium . * Team upload. * New upstream version * Set upstream metadata fields: Bug-Submit. spice-crypt (3.0.1-1) unstable; urgency=medium . * New upstream version 3.0.1 * d/clean: remove rust build artifacts starlet (0.32-1) unstable; urgency=medium . * Team upload. * Import upstream version 0.32. * Drop 0001-Prevent-HTTP-Smuggling.patch. CVE-2026-40561 is fixed in this release. stimfit (0.16.11-3) unstable; urgency=medium . * Fix FTBFS with HDF5 2.x. Thanks to Gilles Filippini for the patch. (Closes: #1139613) wasi-libc (0.0~git20260129.ec0effd-3) unstable; urgency=medium . * build: drop shared variant wireguard (1.0.20260223-1) unstable; urgency=medium . * New upstream release. * d/control: Drop 'priority' and R³, set by default. * d/watch: Convert to version 5. * Update Standards-Version to 4.7.4. xa (2.4.1-0.2) unstable; urgency=medium . * Non-maintainer upload. . [ Andreas Tille ] * Migrate packaging to Salsa Closes: #966177 * d/watch: version=5 * d/copyrighht: - Secure URI in Source - Add Files: debian/* paragraph * Fix dependencies in Makefile Closes: #1105619 * Standards-Version: 4.7.4 (Removed Priority field) . [ Helmut Grohne ] * Mark xa65 Multi-Arch: foreign. (Closes: #1130320)