chromium (148.0.7778.178-1) unstable; urgency=high . [ Andres Salomon ] * New upstream security release. chromium (148.0.7778.167-1) unstable; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2026-8509: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8510: Integer overflow in Skia. Reported by q@calif.io. - CVE-2026-8511: Use after free in UI. Reported by Google. - CVE-2026-8512: Use after free in FileSystem. Reported by Google. - CVE-2026-8513: Use after free in Input. Reported by Google. - CVE-2026-8514: Use after free in Aura. Reported by Google. - CVE-2026-8515: Use after free in HID. Reported by Google. - CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer. Reported by Google. - CVE-2026-8517: Object lifecycle issue in WebShare. Reported by Google. - CVE-2026-8518: Use after free in Blink. Reported by Google. - CVE-2026-8519: Integer overflow in ANGLE. Reported by Google. - CVE-2026-8520: Race in Payments. Reported by Google. - CVE-2026-8521: Use after free in Tab Groups. Reported by Google. - CVE-2026-8522: Use after free in Downloads. Reported by Google. - CVE-2026-8523: Use after free in Mojo. Reported by Paul Seekamp / nullenc0de. - CVE-2026-8558: Out of bounds write in Fonts. Reported by Matej Smycka. - CVE-2026-8524: Out of bounds write in WebAudio. Reported by Brendan Dolan-Gavitt, XBOW. - CVE-2026-8525: Heap buffer overflow in ANGLE. Reported by Nathaniel Oh (@calysteon). - CVE-2026-8526: Out of bounds write in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8527: Insufficient validation of untrusted input in Downloads. Reported by rachmat.abdul.ro. - CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation. Reported by Google. - CVE-2026-8529: Heap buffer overflow in Codecs. Reported by Google. - CVE-2026-8530: Use after free in Network. Reported by Google. - CVE-2026-8531: Heap buffer overflow in WebML. Reported by Syn4pse. - CVE-2026-8532: Integer overflow in XML. Reported by Google. - CVE-2026-8533: Use after free in Accessibility. Reported by Google. - CVE-2026-8534: Integer overflow in GPU. Reported by Google. - CVE-2026-8535: Out of bounds read in Media. Reported by Google. - CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode. Reported by Google. - CVE-2026-8537: Insufficient policy enforcement in ViewTransitions. Reported by Google. - CVE-2026-8538: Insufficient validation of untrusted input in GPU. Reported by Google. - CVE-2026-8539: Script injection in SanitizerAPI. Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po). - CVE-2026-8540: Type Confusion in V8. Reported by Google. - CVE-2026-8541: Out of bounds read in UI. Reported by Google. - CVE-2026-8542: Use after free in Core. Reported by Google. - CVE-2026-8543: Out of bounds read in FileSystem. Reported by Google. - CVE-2026-8544: Use after free in Media. Reported by Google. - CVE-2026-8545: Object corruption in Compositing. Reported by Google. - CVE-2026-8546: Out of bounds read in GPU. Reported by Google. - CVE-2026-8547: Insufficient policy enforcement in Passwords. Reported by Google. - CVE-2026-8548: Out of bounds write in Media. Reported by Google. - CVE-2026-8549: Use after free in Media. Reported by Google. - CVE-2026-8550: Use after free in Google Lens. Reported by Google. - CVE-2026-8551: Use after free in Downloads. Reported by Google. - CVE-2026-8552: Heap buffer overflow in GPU. Reported by Google. - CVE-2026-8553: Use after free in GPU. Reported by Google. - CVE-2026-8554: Type Confusion in ANGLE. Reported by Google. - CVE-2026-8555: Use after free in GTK. Reported by Google. - CVE-2026-8556: Inappropriate implementation in ANGLE. Reported by Google - CVE-2026-8557: Use after free in Accessibility. Reported by Google. - CVE-2026-8559: Integer overflow in Internationalization. Reported by Google. - CVE-2026-8560: Heap buffer overflow in SwiftShader. Reported by Cassidy Kim(@cassidy6564). - CVE-2026-8561: Incorrect security UI in Fullscreen. Reported by Wolfgang Ettlinger (aff. Certitude Consulting GmbH) Alexander Hurbean (aff. Certitude Consulting GmbH). - CVE-2026-8562: Side-channel information leakage in Navigation. Reported by Google. - CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox. Reported by Luan Herrera (@lbherrera_). - CVE-2026-8564: Incorrect security UI in Downloads. Reported by Alesandro Ortiz https://AlesandroOrtiz.com. - CVE-2026-8565: Inappropriate implementation in Downloads. Reported by Farras Givari. - CVE-2026-8566: Insufficient policy enforcement in Payments. Reported by Jorian Woltjer. - CVE-2026-8567: Integer overflow in ANGLE. Reported by cinzinga. - CVE-2026-8568: Insufficient policy enforcement in AI. Reported by Tianyi Hu. - CVE-2026-8569: Out of bounds write in Codecs. Reported by Google. - CVE-2026-8570: Type Confusion in V8. Reported by Google. - CVE-2026-8571: Insufficient policy enforcement in GPU. Reported by Mark Blaszczyk. - CVE-2026-8572: Insufficient policy enforcement in Network. Reported by Google. - CVE-2026-8573: Integer overflow in Codecs. Reported by Google. - CVE-2026-8574: Use after free in Core. Reported by Google. - CVE-2026-8575: Use after free in UI. Reported by Google. - CVE-2026-8576: Inappropriate implementation in CORS. Reported by Google - CVE-2026-8577: Integer overflow in Fonts. Reported by Google. - CVE-2026-8578: Out of bounds read in GPU. Reported by Google. - CVE-2026-8579: Insufficient validation of untrusted input in Skia. Reported by Google. - CVE-2026-8580: Use after free in Mojo. Reported by Google. - CVE-2026-8581: Use after free in GPU. Reported by Google. - CVE-2026-8582: Object lifecycle issue in Dawn. Reported by Google. - CVE-2026-8583: Insufficient policy enforcement in WebXR. Reported by Google. - CVE-2026-8584: Inappropriate implementation in Views. Reported by Google - CVE-2026-8585: Inappropriate implementation in Media. Reported by Google - CVE-2026-8586: Inappropriate implementation in Chromoting. Reported by Google. - CVE-2026-8587: Use after free in Extensions. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab. * rust-1.85/file_as_c_str.patch: fix build on non-x86 archs, as char* signed-ness is apparently different there versus arm & ppc64 [trixie, bookworm]. chromium (148.0.7778.96-3) unstable; urgency=high . [ Andres Salomon ] * d/control: switch to hardcoding esbuild-wasm build-dep, since buildds aren't smart enough to handle OR build-deps. chromium (148.0.7778.96-2) unstable; urgency=high . [ Andres Salomon ] * d/rules: update for new script path in debian's esbuild package (maintaining backwards compatibility with older esbuild packages). * d/control: add build-dep on esbuild-wasm for sid but not older distributions. chromium (148.0.7778.96-1) unstable; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2026-7896: Integer overflow in Blink. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-7897: Use after free in Mobile. Reported by Google. - CVE-2026-7898: Use after free in Chromoting. Reported by Google. - CVE-2026-7899: Out of bounds read and write in V8. Reported by Project WhatForLunch (@pjwhatforlunch). - CVE-2026-7900: Heap buffer overflow in ANGLE. Reported by Anonymous. - CVE-2026-7901: Use after free in ANGLE. Reported by Syn4pse (@ret2happy) - CVE-2026-7902: Out of bounds memory access in V8. Reported by JunYoung Park(@candymate) of KAIST Hacking Lab. - CVE-2026-7903: Integer overflow in ANGLE. Reported by heesun. - CVE-2026-7904: Out of bounds read in Fonts. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-7905: Insufficient validation of untrusted input in Media. Reported by Google. - CVE-2026-7906: Use after free in SVG. Reported by Google. - CVE-2026-7907: Use after free in DOM. Reported by Google. - CVE-2026-7908: Use after free in Fullscreen. Reported by Google. - CVE-2026-7909: Inappropriate implementation in ServiceWorker. Reported by Google. - CVE-2026-7910: Use after free in Views. Reported by Google. - CVE-2026-7911: Use after free in Aura. Reported by Google. - CVE-2026-7912: Integer overflow in GPU. Reported by Google. - CVE-2026-7913: Insufficient policy enforcement in DevTools. Reported by Google. - CVE-2026-7914: Type Confusion in Accessibility. Reported by Google. - CVE-2026-7915: Insufficient data validation in DevTools. Reported by Google. - CVE-2026-7916: Insufficient data validation in InterestGroups. Reported by Google. - CVE-2026-7917: Use after free in Fullscreen. Reported by Google. - CVE-2026-7918: Use after free in GPU. Reported by Google. - CVE-2026-7919: Use after free in Aura. Reported by Google. - CVE-2026-7920: Use after free in Skia. Reported by Google. - CVE-2026-7921: Use after free in Passwords. Reported by Google. - CVE-2026-7922: Use after free in ServiceWorker. Reported by Google. - CVE-2026-7923: Out of bounds write in Skia. Reported by Google. - CVE-2026-7924: Uninitialized Use in Dawn. Reported by Google. - CVE-2026-7925: Use after free in Chromoting. Reported by Google. - CVE-2026-7926: Use after free in PresentationAPI. Reported by anonymous - CVE-2026-7927: Type Confusion in Runtime. Reported by Google. - CVE-2026-7928: Use after free in WebRTC. Reported by Google. - CVE-2026-7929: Use after free in MediaRecording. Reported by Google. - CVE-2026-7930: Insufficient validation of untrusted input in Cookies. Reported by Satoki. - CVE-2026-7931: Insufficient validation of untrusted input in iOS. Reported by Qadhafy Muhammad Tera. - CVE-2026-7932: Insufficient policy enforcement in Downloads. Reported by Povcfe of Tencent Security Xuanwu Lab. - CVE-2026-7933: Out of bounds read in WebCodecs. Reported by heapracer (@heapracer). - CVE-2026-7934: Insufficient validation of untrusted input in Popup Blocker. Reported by Google. - CVE-2026-7935: Inappropriate implementation in Speech. Reported by Qadhafy Muhammad Tera. - CVE-2026-7936: Object lifecycle issue in V8. Reported by Christian Holler. - CVE-2026-7937: Insufficient policy enforcement in DevTools. Reported by lebr0nli of National Yang Ming Chiao Tung University, Dept. of CS, Security and Systems Lab. - CVE-2026-7938: Use after free in CSS. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-7939: Inappropriate implementation in SanitizerAPI. Reported by s3zer0. - CVE-2026-7940: Use after free in V8. Reported by sakana. - CVE-2026-7941: Insufficient validation of untrusted input in Mobile. Reported by Adithya Kotian. - CVE-2026-7942: Integer overflow in ANGLE. Reported by Google. - CVE-2026-7943: Insufficient validation of untrusted input in ANGLE. Reported by 86ac1f1587b71893ed2ad792cd7dde32. - CVE-2026-7944: Insufficient validation of untrusted input in Persistent Cache. Reported by Google. - CVE-2026-7945: Insufficient validation of untrusted input in COOP. Reported by Google. - CVE-2026-7946: Insufficient policy enforcement in WebUI. Reported by Google. - CVE-2026-7947: Insufficient validation of untrusted input in Network. Reported by Google. - CVE-2026-7948: Race in Chromoting. Reported by Google. - CVE-2026-7949: Out of bounds read in Skia. Reported by Google. - CVE-2026-7950: Out of bounds read and write in GFX. Reported by Google. - CVE-2026-7951: Out of bounds write in WebRTC. Reported by soft.connect.fr. - CVE-2026-7952: Insufficient policy enforcement in Extensions. Reported by Google. - CVE-2026-7953: Insufficient validation of untrusted input in Omnibox. Reported by Google. - CVE-2026-7954: Race in Shared Storage. Reported by Google. - CVE-2026-7955: Uninitialized Use in GPU. Reported by Google. - CVE-2026-7956: Use after free in Navigation. Reported by Google. - CVE-2026-7957: Out of bounds write in Media. Reported by Google. - CVE-2026-7958: Inappropriate implementation in ServiceWorker. Reported by Google. - CVE-2026-7959: Inappropriate implementation in Navigation. Reported by Google. - CVE-2026-7960: Race in Speech. Reported by Google. - CVE-2026-7961: Insufficient validation of untrusted input in Permissions Reported by Google. - CVE-2026-7962: Insufficient policy enforcement in DirectSockets. Reported by Google. - CVE-2026-7963: Inappropriate implementation in ServiceWorker. Reported by Google. - CVE-2026-7964: Insufficient validation of untrusted input in FileSystem. Reported by Google. - CVE-2026-7965: Insufficient validation of untrusted input in DevTools. Reported by Google. - CVE-2026-7966: Insufficient validation of untrusted input in SiteIsolation. Reported by Google. - CVE-2026-7967: Insufficient validation of untrusted input in Navigation. Reported by Google. - CVE-2026-7968: Insufficient validation of untrusted input in CORS. Reported by Google. - CVE-2026-7969: Integer overflow in Network. Reported by Google. - CVE-2026-7970: Use after free in TopChrome. Reported by Google. - CVE-2026-7971: Inappropriate implementation in ORB. Reported by Google. - CVE-2026-7972: Uninitialized Use in GPU. Reported by Google. - CVE-2026-7973: Integer overflow in Dawn. Reported by Google. - CVE-2026-7974: Use after free in Blink. Reported by Google. - CVE-2026-7975: Use after free in DevTools. Reported by Google. - CVE-2026-7976: Use after free in Views. Reported by Google. - CVE-2026-7977: Inappropriate implementation in Canvas. Reported by Google. - CVE-2026-7978: Inappropriate implementation in Companion. Reported by Google. - CVE-2026-7979: Inappropriate implementation in Media. Reported by Google - CVE-2026-7980: Use after free in WebAudio. Reported by Google. - CVE-2026-7981: Out of bounds read in Codecs. Reported by Google. - CVE-2026-7982: Uninitialized Use in WebCodecs. Reported by Google. - CVE-2026-7983: Out of bounds read in Dawn. Reported by Google. - CVE-2026-7984: Use after free in ReadingMode. Reported by Google. - CVE-2026-7985: Use after free in GPU. Reported by Google. - CVE-2026-7986: Insufficient policy enforcement in Autofill. Reported by Google. - CVE-2026-7987: Use after free in WebRTC. Reported by Google. - CVE-2026-7988: Type Confusion in WebRTC. Reported by Google. - CVE-2026-7989: Insufficient data validation in DataTransfer. Reported by Google. - CVE-2026-7990: Insufficient validation of untrusted input in Updater. Reported by Google. - CVE-2026-7991: Use after free in UI. Reported by Google. - CVE-2026-7992: Insufficient validation of untrusted input in UI. Reported by Google. - CVE-2026-7993: Insufficient validation of untrusted input in Payments. Reported by Google. - CVE-2026-7994: Inappropriate implementation in Chromoting. Reported by Google. - CVE-2026-7995: Out of bounds read in AdFilter. Reported by Google. - CVE-2026-7996: Insufficient validation of untrusted input in SSL. Reported by heesun. - CVE-2026-7997: Insufficient validation of untrusted input in Updater. Reported by ochkofficial. - CVE-2026-7998: Insufficient validation of untrusted input in Dialog. Reported by Tianyi Hu. - CVE-2026-7999: Inappropriate implementation in V8. Reported by Taisic Yun (@taisic) of Theori. - CVE-2026-8000: Insufficient validation of untrusted input in ChromeDriver. Reported by Ryan Jupp - HAAO. - CVE-2026-8001: Use after free in Printing. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8002: Use after free in Audio. Reported by Google. - CVE-2026-8003: Insufficient validation of untrusted input in TabGroups. Reported by Google. - CVE-2026-8004: Insufficient policy enforcement in DevTools. Reported by Google. - CVE-2026-8005: Insufficient validation of untrusted input in Cast. Reported by Google. - CVE-2026-8006: Insufficient policy enforcement in DevTools. Reported by Google. - CVE-2026-8007: Insufficient validation of untrusted input in Cast. Reported by Google. - CVE-2026-8008: Inappropriate implementation in DevTools. Reported by Google. - CVE-2026-8009: Inappropriate implementation in Cast. Reported by Google. - CVE-2026-8010: Insufficient validation of untrusted input in SiteIsolation. Reported by Google. - CVE-2026-8011: Insufficient policy enforcement in Search. Reported by Google. - CVE-2026-8012: Inappropriate implementation in MHTML. Reported by Google - CVE-2026-8013: Insufficient validation of untrusted input in FedCM. Reported by Google. - CVE-2026-8014: Inappropriate implementation in Preload. Reported by Google. - CVE-2026-8015: Inappropriate implementation in Media. Reported by Google - CVE-2026-8016: Use after free in WebRTC. Reported by Google. - CVE-2026-8017: Side-channel information leakage in Media. Reported by Google. - CVE-2026-8018: Insufficient policy enforcement in DevTools. Reported by Google. - CVE-2026-8019: Insufficient policy enforcement in WebApp. Reported by Google. - CVE-2026-8020: Uninitialized Use in GPU. Reported by Google. - CVE-2026-8021: Script injection in UI. Reported by Google. - CVE-2026-8022: Inappropriate implementation in MHTML. Reported by Google * d/copyright: - drop gperf binary that upstream now includes. - update for dropping of "khronos" from opengl paths. * d/rules: - copy gperf binary from /usr/bin into build tree. - set webnn_use_litert=false. * d/clean: - update for harfbuzz-ng to harfbuzz rename. * d/patches: - upstream/Fix-GL-native-pixmap-import-support-reset-in-GpuInit.patch: drop, merged upstream. - disable/lint.patch: refresh. - trixie/nodejs-set-intersection.patch: refresh for file rename. - ungoogled/disable-ai.patch: sync from u-c. - trixie/gn-inputs.patch, trixie/gn-inputs2.patch: add patches to revert gn "inputs" usage, which isn't supported by our older generate-ninja package. - llvm-22/ignore-for-ubsan.patch: add another bit to remove the same unsupported compiler flag. - llvm-19/iota.patch: add build fix for missing std::ranges::iota(). - upstream/turboshaft.patch: add build fix pulled from (v8) upstream for value_or() type ambiguity. - trixie/revert-v8-sanitize.patch: add patch to revert v8 gn-related changes that cause the build to fail w/ older gn. - llvm-19/raw-ref-map-find.patch: add patch to work around older clang-19 std::map::find() limitation. - rust-1.85/jxl-features.patch: refresh for new version [trixie, bookworm]. - rust-1.85/jxl-simd-avx512.patch: refresh for new version, and also drop large portions of this patch that add unsafe{} to macro calls (since I already added an unsafe block in the macro definition). And mark more functions as unsafe [trixie, bookworm]. - trixie/adler1.patch: refresh [trixie, bookworm]. - trixie/rust-is-multiple-of.patch: refresh & move to rust-1.85/ directory [trixie, bookworm]. - rust-1.85/file_as_c_str.patch: add patch to work around lack of std::panic::file_as_c_str() [trixie, bookworm]. - rust-1.85/mojo-features.patch: add patch to enable some newer rust features in mojom parser [trixie, bookworm]. - rust-1.85/zip8.patch: add patch to enable some newer rust features in zip [trixie, bookworm]. - bookworm/constexpr.patch: refresh for moved file [bookworm]. - bookworm/dav1d-drop-hdr.patch: refresh [bookworm]. - bookworm/eslint.patch: drop, no longer needed [bookworm]. - ungoogled/remove-navigation-source-param.patch: add patch from u-c to drop the "&source=chrome.ob" that shows up when you search for something via omnibox. . [ Timothy Pearson ] * d/patches/ppc64le: - third_party/0002-regenerate-xnn-buildgn.patch refresh for upstream changes - third_party/skia-vsx-instructions.patch: refresh for upstream changes - fixes/fix-different-data-layouts.patch: refresh for upstream changes . [ Jianfeng Liu ] * d/patches/loongarch64: - 0004-loong64-sandbox-sandbox-linux-Update-syscall-helpers.patch: Refresh for upstream changes - 0024-disable-BROTLI_MODEL-macro-for-some-targets.patch: Drop, merged upstream . [ Daniel Richard G. ] * d/patches/llvm-19/clang19.patch: Also drop -Wlifetime-safety-permissive flag from v8 build, as clang-19 (and 20) doesn't recognize it. cryptodatahub (1.2.0-1) unstable; urgency=medium . * New package, dependency of cryptolyzer (see #1136411) dasel (3.11.0-1) unstable; urgency=medium . * New upstream version 3.11.0. gimp-data-extras (1:2.0.4-0.2) unstable; urgency=medium . * Non-maintainer upload * Add Recommends & Enchances: gimp * Release to unstable . gimp-data-extras (1:2.0.4-0.1) experimental; urgency=medium . * Non-maintainer upload * New upstream release * Cherry-pick several commits since last release * Build for gimp 3 (Closes: #1089608) * Add Build-Depends: intltool * Don't install the new py-slice plugin to keep this package arch-indepenent for now * Add debian/gbp.conf, debian/upstream/metadata, and debian/watch * Import packaging to Salsa under the Debian Team * Bump debhelper compat to 13 * Bump Standards Version to 4.7.0 gimp-data-extras (1:2.0.4-0.1) experimental; urgency=medium . * Non-maintainer upload * New upstream release * Cherry-pick several commits since last release * Build for gimp 3 (Closes: #1089608) * Add Build-Depends: intltool * Don't install the new py-slice plugin to keep this package arch-indepenent for now * Add debian/gbp.conf, debian/upstream/metadata, and debian/watch * Import packaging to Salsa under the Debian Team * Bump debhelper compat to 13 * Bump Standards Version to 4.7.0 gimp-data-extras (1:2.0.2-1.1) unstable; urgency=medium . * Non maintainer upload by the Reproducible Builds team. * No source change upload to rebuild on buildd with .buildinfo files. gimp-data-extras (1:2.0.2-1) unstable; urgency=low . * New release removes "found art" brushes due to dubious licensing. * Improved package description. (Closes: #452101) * Improved copyright file. gimp-data-extras (1:2.0.1-3) unstable; urgency=low * Whoops, forgot to change the maintainer. gimp-data-extras (1:2.0.1-2) unstable; urgency=low * Don't call dh_python (Closes: #280361) * versioned build-dep on debhelper gimp-data-extras (1:2.0.1-1) unstable; urgency=low * Adopted package, with Ben's permission * New upstream release * Update standards-version to 3.6.1 * echo 4 > debian/compat * Create new debian/rules from debhelper template golang-github-go-viper-mapstructure (2.5.0-2) unstable; urgency=medium . * Bump Standards-Version to 4.7.4. * Switch to debian/watch format version 5. * Remove --buildsystem=golang implicit since dh 13.4. gtk4 (4.22.4+ds-1) unstable; urgency=medium . * New upstream release * d/patches: Refresh patch series, dropping patches that were applied upstream * d/p/demos-Make-build-reproducible.patch: Add a patch from 4.23.0 to make the demos build more reproducibly * d/gbp.conf: Use upstream/4.22.x git branch * d/watch: Convert to v5 format hkl (5.1.9-1) unstable; urgency=medium . * New upstream version 5.1.9 hyprland (0.55.2+ds-1) unstable; urgency=medium . * New upstream version 0.55.2+ds hyprland (0.55.1+ds-1) unstable; urgency=medium . * New upstream version 0.55.1+ds * Refresh patches * Update hyprland-dev dependencies * Patch hyprland.pc requires to include lua hyprland-plugins (0.55.0-1) unstable; urgency=medium . * New upstream version 0.55.0 * Drop upstreamed patches * Drop plugin packages that are no longer shipped hyprexpo, hyprscrolling, hyprtrails, hyprwinwrap, and xtra-dispatchers are no longer part of hyprland-plugins. * Bump hyprland-dev build-dep to 0.55 hyprwire (0.3.1-3) unstable; urgency=medium . * d/patches: ensure pending data is read * d/control: - append Uploaders - bump S-V to 4.7.4, remove Priority: optional hyprwire (0.3.1-2) unstable; urgency=medium . * Update autopkgtests and fix error on ppc64el libequihash (1.0.10-3) unstable; urgency=low . * d/control: drop "Rules-Requires-Root: no": default as of dpkg-dev 1.22.13. * d/control: drop "Pre-Depends: ${misc:Pre-Depends}, build-essential, libsodium23 (>= 1.0.18)" from libequihash0, thanks Adrian Bunk. Closes: #1136706 * d/patches/{makefile.patch,series}: added: honor CPPFLAGS and LDFLAGS, fixing Debian blhc error 'missing -D_FORTIFY_SOURCE=2'. mozjs140 (140.11.0-1) unstable; urgency=high . * New upstream release - CVE-2026-7322: Memory safety bugs fixed in Firefox ESR 140.10.1 - CVE-2026-7323: Memory safety bugs fixed in Firefox ESR 140.10.1 - CVE-2026-8391: Other issue in the JavaScript Engine component - CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component - CVE-2026-8974: Memory safety bugs fixed in Firefox ESR 140.11 node-tapable (2.3.3-1) unstable; urgency=medium . * Team upload * Declare compliance with policy 4.7.4 * Drop "Rules-Requires-Root: no" * Drop "Priority: optional" * debian/watch version 5 * New upstream version 2.3.3 * Refresh patches open-font-design-toolkit (1.10) unstable; urgency=medium . * Team upload. * Drop gwaterfall from Depends. (Closes: #1125018) open-font-design-toolkit (1.9) unstable; urgency=high . * Team upload. * Drop gozer from Depends since it is unmaintained. open-font-design-toolkit (1.8) unstable; urgency=high . * Team upload. * debian/control: + Bump Standards-Version to 4.4.1. + Bump debhelper compat to v12. - Drop dependency on fontypython. (Closes: #946769) - Replace dependency on python-fontforge with recommendation of python3-fontforge. (Closes: #945386) * debian/compat: Removed. * debian/README.Debian: Use secure URIs. * debian/copyright: Use Debian Wiki homepage for source field. open-font-design-toolkit (1.7) unstable; urgency=medium . * Team upload. * Move VCS to salsa.debian.org * Drop gnome-specimen from Depends since it is being removed from Debian. * Only recommend installing one VCS (git or svn or bzr). Drop other recommends. * Bump Standards-Version to 4.1.3 * Bump debhelper compat to 11 * Use 1.0 format for debian/copyright open-font-design-toolkit (1.6+nmu1) unstable; urgency=medium . * Non-maintainer upload. * Merge changes from 1.5.1 upload, which got dropped accidentally in the 1.6 upload (Closes: #857396) open-font-design-toolkit (1.6) unstable; urgency=medium . * Team upload. * debian/control - drop fontforge-doc from Depends since now fontforge itself contains documents. open-font-design-toolkit (1.5.1) unstable; urgency=medium . * The aim is to make this package suitable for jessie * debian/control - Remove dependency on currently unmaintained package cl-zpb-ttf - Move RC buggy fontmatrix to Recommends - set "Standards-Version: 3.9.6" (no change) open-font-design-toolkit (1.5) unstable; urgency=medium . * Team upload. * debian/control - set "Standards-Version: 3.9.5" - move Vcs-* from subversion to git - fix "hardcoded depends on shared libraries" (Closes: #731922) + drop unnecessary dependency, libsipro0, libfreetype6, libjpeg8, libgif4, libuninameslist0 and libtiff5 + switch dependency from libotf0 to libotf-bin + once drop liblais0 - update debhelper version to 9 * debian/compat - set 9 open-font-design-toolkit (1.4) unstable; urgency=low . * Team upload * Drop Recommends on bzr-dbus. Closes: #726605 open-font-design-toolkit (1.3) unstable; urgency=low . * Team upload * No longer include bzr-gtk in the design toolkit. Closes: #722532 * Update Standards to 3.9.4 (checked) open-font-design-toolkit (1.2) unstable; urgency=low * typo in README.debian, Closes: #532931 * debian/control: Don't use giflib transitional packages anymore, Closes: #540531 * debian/control: Update Standards to 3.9.3 change section to metapackages so that individual apps can be uninstalled without uninstalling ofdt * debian/control: depend on grcompiler open-font-design-toolkit (1.1) unstable; urgency=low * Team upload [ Nicolas Spalinger ] * Switch to debhelper v7 * Use a minimal debian/rules file * Switch to 3.0 (quilt) source format * Add ${misc:Depends} to dependencies to properly cope with debhelper-triggerred dependencies * Update Standards to 3.9.2 (checked) [ Christian Perrier ] * Depend on libjepg8 instread of libjpeg62. Closes: #648501 * Make this package a native package. There is no upstream. * Improve package description openttd-opengfx (7.1-3) unstable; urgency=medium . * [ebd9053] Do not fail if common-licenses/GPL-2 differs (Closes: #1106433) openttd-opengfx (7.1-2) unstable; urgency=medium . * [8ab065c] Fix building source package after binary build. (Closes: #1047525) * [63b97c8] Backport patch to fix build with GIMP3. Thanks to James Addison for the investigation and fix (Closes: #1090256) * [07c82e9] Update required NML version to 0.5.0 * [d986198] Bump standards version to 4.7.2 (no changes required) openttd-opengfx (7.1-1) unstable; urgency=medium . * [a27034b] Update watch file * [d2bc84d] Bump standards version to 4.6.0 (no changes required) * [4b07af7] Add upstream metadata * [3a4714f] New upstream release 7.1 * [32090a7] Revert "Add patch to fix documentation filenames" * [a5618ad] Remove broken-symlink lintian override openttd-opengfx (0.6.0-1) unstable; urgency=medium . * [66ea205] New upstream release 0.6.0 * [29e237a] Bump debhelper version to v13 * [54ea987] Bump standards version to 4.5.0 (no changes required) * [c02bfbb] Set Rules-Requires-Root: no for building * [02382db] Update watch file * [839f330] Add patch to fix documentation filenames * [0e5588b] No longer check resulting grfids during build openttd-opengfx (0.5.5-1) unstable; urgency=medium . * [8cd58df] New upstream release 0.5.5 * [4222702] Support DEB_BUILD_OPTIONS=terse * [e03f695] Bump standards version to 4.3.0 * [fecd86e] Update upstream urls to Github * [cf2adc6] Prevent GIMP from trying to write thumbnails openttd-opengfx (0.5.4-2) unstable; urgency=medium . * [1f3c254] Bump debhelper version to v11 * [6fbd713] Bump standards version to 4.1.4 * [43960c7] Convert Priority: extra to optional * [71adcda] Mark as Multi-arch: foreign * [45487e7] Respect nocheck in DEB_BUILD_OPTIONS * [688989a] Use python3 instead of python during the build (Closes: #897544) * [0908f53] Add build dependency on python3 openttd-opengfx (0.5.4-1) unstable; urgency=medium . * [c6d97c8] New upstream release 0.5.4. openttd-opengfx (0.5.3-1) unstable; urgency=medium . * [7ee9c82] New upstream release 0.5.3. openttd-opengfx (0.5.1-2) unstable; urgency=medium . * [8960e28] Bump Standards-Version to 3.9.6, no changes required. * [0b69091] Install into /usr/share/games/openttd/baseset. * [db7b301] Reverse direction of readme and changelog symlinks. openttd-opengfx (0.5.1-1) unstable; urgency=medium . * [8c443ad] New upstream release 0.5.1. * [cd7ec8b] Depend on grfcodec * [9978dc6] Bump Standards-Version to 3.9.5, no changes required. * [e4da992] Use canonical Vcs urls (on anonscm.debian.org). * [cd20286] Remove fix-distclean.patch * [7da3d3b] Update debian/rules to upstream Makefile changes * [08f1151] Bump nml build-depend to >= 0.3.0. * [5f716d2] Add lintian override for license symlink. openttd-opengfx (0.4.7-1) unstable; urgency=low . * [5c33920] New upstream release 0.4.7. (Closes: #713782) * [ebd67e7] Make the build verbose openttd-opengfx (0.4.6.1-1) unstable; urgency=low . * [876b659] New upstream release 0.4.6.1. * [c896279] Update watch file, upstream changed download urls. * [8ad321b] Bump Standards-Version to 3.9.4, no changes required. openttd-opengfx (0.4.4-1) unstable; urgency=low * [e652da2] New upstream release 0.4.4. * [a621db2] Upstream switched from nforenum/grfcodec to nml for building. * [cc8b1e1] Force rebuilding all png files for which gimp "source" files are available. * [3481ff6] Enable parallel building (not supported yet by upstream, though). * [48bd760] Bump Standards-Version to 3.9.3, no changes required. * [c22e8bf] Update copyright file to use the new copyright-format-1.0. openttd-opengfx (0.3.7-1) unstable; urgency=low * [b03894c] New upstream release 0.3.7. * [7604f59] Build-depend on grfcodec >= 5.1.2. openttd-opengfx (0.3.6-1) unstable; urgency=low * [10e3bbf] New upstream release 0.3.6. (Closes: #644434) Note that 0.3.7 is already released at this time, but it requires an (as of yet) unreleased version of nforenum, so 0.3.7 will not be packaged yet. openttd-opengfx (0.3.5-1) unstable; urgency=low * [a1f3136] New upstream release 0.3.5. * [ccf0015] Reword description to comply with the policy. openttd-opengfx (0.3.4-1) unstable; urgency=low * [2aed91a] New upstream release 0.3.4. * [c77a003] Drop build-dependency on nforenum, it is included in grfcodec now. * [98234fd] Bump Standards-Version to 3.9.2, no changes required. * [08b3bd9] Update watch file to new download location. openttd-opengfx (0.2.4-1) unstable; urgency=low * [a68e6b1] New upstream release 0.2.4. openttd-opengfx (0.2.3-1) unstable; urgency=low * [0c1f44c] New upstream release 0.2.3. * [4c16724] Remove all patches, all issues have been fixed upstream. * [3c17006] Enable md5 sum checking after build. openttd-opengfx (0.2.1-1) unstable; urgency=low * Initial release (Closes: #567626) pyodbc (5.3.0-2) unstable; urgency=medium . * Team upload. . [ Pavel Shramov ] * Run SQLite tests. . [ Colin Watson ] * X-Style: black. * Switch to autopkgtest-pkg-pybuild. * debian/copyright: Remove old FSF postal address. * Drop "Priority: optional", default as of dpkg-dev 1.22.13. * Standards-Version: 4.7.4. python-mrcfile (1.5.4-4) unstable; urgency=medium . * Bug fix: "autopkgtest regression with NumPy 2.4", thanks to roehling@debian.org (Closes: #1131075). python-parsl (2026.05.18+ds-1) unstable; urgency=medium . * New upstream version 2026.05.18+ds python-parsl (2026.05.04+ds-1) unstable; urgency=medium . * New upstream version 2026.05.04+ds python-parsl (2026.04.27+ds-1) unstable; urgency=medium . * New upstream version 2026.04.27+ds python-tavalidate (0.0.6-1) unstable; urgency=medium . * Initial release. (Closes: #1136814) rust-select (0.6.0+dfsg-2) unstable; urgency=medium . * Team upload. * Package select 0.6.0 from crates.io using debcargo 2.8.2 * Relax dependencies on html5ever and markup5ever_rcdom. rust-select (0.6.0+dfsg-1) unstable; urgency=medium . * Team upload. * Package select 0.6.0 from crates.io using debcargo 2.8.2 * Relax deps for html5ever transition rust-toml-parser (1.1.2-2) unstable; urgency=medium . * Team upload. * Package toml_parser 1.1.2+spec-1.1.0 from crates.io using debcargo 2.8.2 * Upload to unstable. rust-toml-parser (1.1.2-1) experimental; urgency=medium . * Team upload. * Package toml_parser 1.1.2+spec-1.1.0 from crates.io using debcargo 2.8.2 * Relax dependencies on anstream, winnow and snapbox. rust-toml-writer (1.1.1-2) unstable; urgency=medium . * Team upload. * Package toml_writer 1.1.1+spec-1.1.0 from crates.io using debcargo 2.8.2 * Upload to unstable. rust-toml-writer (1.1.1-1) experimental; urgency=medium . * Team upload. * Package toml_writer 1.1.1+spec-1.1.0 from crates.io using debcargo 2.8.2 * Stop patching proptest dependency. * Relax snapbox dependency. seirsplus (1.1.0-1) unstable; urgency=medium . * Team upload. * Point watch file to Github to fetch latest upstream version * New upstream version * Build-Depends: s/dh-python/dh-sequence-python3/ (routine-update) * Fix Python3.12 string syntax Closes: #1087079 * Fix test suite with NumPy 2.4 Closes: #1131083 * cme fix dpkg-control * d/watch: version=5 * Permit failure of blhc in Salsa CI slidge (0.3.11-2) unstable; urgency=medium . * Team upload. * Use dh-cruft to register & purge volatile files in /var slidge (0.3.11-1) unstable; urgency=medium . * New upstream version * Drop obsolete use-old-jid-check.patch * Add patch to expect some failing tests sox-ng (14.7.1.2+ds1-1) unstable; urgency=medium . * New upstream version 14.7.1.2+ds1 * debian/rules: Disable sndio (Closes: #1135613) * debian/control: Bump Standards-Version sphinx-theme-builder (0.3.2-1) unstable; urgency=medium . * Team upload. * Tweak click-8.2.patch: avoid undefined "Tuple" * Patch-out not yet packaged python3-diagnostic * Drop "Rules-Requires-Root: no": this is the default now * Bump Standards-Version to 4.7.4, drop Priority: tag . [ Bo YU ] * Use debian-watch v5 * New upstream version 0.3.2 (Closes: #1123351) sphinx-theme-builder (0.2.0b2-5) unstable; urgency=medium . * Team upload. * Add the click-8.2 patch to fix the test suite. Closes: #1098629 sphinx-theme-builder (0.2.0b2-4) unstable; urgency=medium . * Team upload. * Do not generate a runtime dependency on python3-pkg-resources. sphinx-theme-builder (0.2.0b2-3) unstable; urgency=medium . * Remove python3-packaging on B-D. (Closes: #1083780) * Bump std-ver to 4.7.0 sphinx-theme-builder (0.2.0b2-2) unstable; urgency=medium . * Source-only upload. sphinx-theme-builder (0.2.0b2-1) unstable; urgency=low . * Initial release. (Closes: #1015231) starlette (1.0.0-1) unstable; urgency=medium . [ Matheus Polkorny ] * New upstream version 1.0.0 * d/control: Drop redundant Priority field * d/copyright: Add myself in debian/* . [ Piotr Ożarowski ] * Add Matheus Polkorny to Uploaders, move team to Maintainer REMOVED: ruby-mdl 0.15.0-2 REMOVED: ruby-chef-config 16.12.3-4 REMOVED: ruby-chef-utils 16.12.3-3 REMOVED: ohai 18.1.3-2.1 REMOVED: r-cran-modelmetrics 1.2.2.2-1 REMOVED: puppet-strings 4.1.3-2 REMOVED: ruby-mixlib-shellout 3.2.5-2 REMOVED: fonts-f500 1.0-12 REMOVED: ruby-train 3.16.2-1 REMOVED: geeqie 1:2.7-2 REMOVED: coturn 4.6.1-2