breezy (3.3.11-1) unstable; urgency=medium . * New upstream release. + Drops static tuple support. Closes: #1099121 + Fixes timezone handling regression. Closes: #1100836 developers-reference (13.19) unstable; urgency=medium . [ Otto Kekäläinen ] * Add git-buildpackage commands everyone should be aware of. . [ Holger Levsen ] * Update all .po files for changed strings in the English original. * Add debian/salsa-ci.yml to configure+use that pipeline. icu (76.1-4) unstable; urgency=high . * Backport fix for ICU-22973: fix buffer overflow by using CharString; remedy for CVE-2025-5222 (closes: #1106684). lazarus (4.0+dfsg-3) unstable; urgency=medium . * Upload to unstable. lazarus (4.0+dfsg-2) experimental; urgency=medium . * Add Recommends: lazarus{} to lazarus-ide{} Closes: #1104749 * Fix spelling in patch header libcache-fastmmap-perl (1.58-1) unstable; urgency=medium . * Import upstream version 1.58. * Declare compliance with Debian Policy 4.7.2. * Update years of packaging copyright. libmonitoring-livestatus-perl (0.86-1) unstable; urgency=medium . * Team upload. * Move from experimental to unstable. libmonitoring-livestatus-perl (0.86-1~exp1) experimental; urgency=medium . * Team upload. * New upstream release. (closes: #1105067) * Bump Standards-Version to 4.7.2, no changes. lomiri-camera-app (4.0.8+dfsg-4) unstable; urgency=medium . * debian/patches: + Add 0002_fix-image-quality-on-app-startup.patch. Correctly initialize image resolution on app startup. (Closes: #1105112). + Add 0003_fix-spelling-of-background-color-in-AdvancedOptions-qml.patch. AdvancedOptions.qml: Fix typo in theme palette name. (Closes: #1106850). + Add 0004_Save-orientation-when-erasing-metadata.patch. Fix privacy mode (where no EXIF data is stored in images): Save orientation data also in privacy mode. (Closes: #1106849). + Add 0005_add-left-margin-between-icon-and-label-in-options-selector.patch. Minor UI icon fix for options selector. lomiri-camera-app (4.0.8+dfsg-3) unstable; urgency=medium . * debian/patches: + Add 0001_fix-recorded-video-size.patch. Fix initialization of video resolution. (Closes: #1104908) * debian/control: + Drop from D: qml-module-qzxing. The qzxing library does not provide a full QQmlEngineExtensionPlugin, it simply provides QQuickImageProvider. Trying to import the QML module will fail. This goes together with the removal of the qml-module-qzxing bin:pkg from src:pkg qzxing. (Closes: #1092953). + Switch from pkg-config => pkgconf. Thanks, lintian. lomiri-camera-app (4.0.8+dfsg-2) unstable; urgency=medium . * debian/patches: + Update 2002_hide-app-if-not-in-lomiri.patch. Include barcode reader app. lomiri-camera-app (4.0.8+dfsg-1) unstable; urgency=medium . * New upstream release. * debian/patches: + Add 2002_hide-app-if-not-in-lomiri.patch. + Drop 1001_content-hub-for-non-click-builds.patch. Applied upstream. * debian/control: + Bump Standards-Version: to 4.7.2. No changes needed. * debian/copyright: + Fix FSF mailing address. + Update copyright attributions. meta-phosh (46.1) unstable; urgency=medium . * phosh-full: Depend on xwayland. It comes in via phoc anyway but this ensures a full blown installation has it. * Check wrap-and-sort in CI nginx (1.26.3-3) unstable; urgency=medium . [ Jan Mojžíš ] * d/changelog: fix whitespace in 1.26.3-2 record * d/control: add libnginx-mod-http-lua dependency for nginx-extras package for riscv64 platform . [ Thomas Ward ] * d/nginx-common.nginx.service: Add ConditionFileIsExecutable to SystemD service file, prevents starting of service if nginx is not installed (which can happen if nginx-common is installed independently from `nginx` itself (Closes: #1098477) pyqt6 (6.9.0-2) unstable; urgency=medium . * Specify base class for enums in qlocale.sip (closes: #1088101). - Bump python3-sipbuild build-dependency to 6.10.0-2~ to make it work. python-flask-cors (6.0.0-1) unstable; urgency=medium . * Team upload. * New upstream version 6.0.0 Fixed CVE issues in upstream version 6.0.0: CVE-2024-6839: Flask-CORS improper regex path matching vulnerability CVE-2024-6844: Flask-CORS allows for inconsistent CORS matching CVE-2024-6866: Flask-CORS vulnerable to Improper Handling of Case Sensitivity (Closes: #1100988) qzxing (3.3.0+dfsg-7) unstable; urgency=medium . * debian/patches: + Update 1001_build-as-shared-lib.patch. Drop files related to to-be-removed qml-module-qzxing bin:pkg. + Rebase 1002_cmake-pkg-config-export.patch. * debian/: + Drop bin:pkg qml-module-qzxing. Not needed, and in fact breaking consumers of the qzxing library when using it as QQuickImageProvider. (See: #1092953) and upload of lomiri-camera-app 4.0.8+dfsg-3. * debian/control: + Assure uninstallation of bin:pkg qml-module-qzxing from previous versions of qzxing. The formerly shipped QML module breaks consumers of qzxing when used as QQuickImageProvider in QML applications. + Bump Standards-Version: to 4.7.2. No changes needed. * debian/copyright: + Update copyright attributions for debian/. rust-libphosh (0.0.6-4) unstable; urgency=medium . * libphosh: add versioned dep on pango-0.18 This is required due to updated generated bindings in this version, which is currently in unstable. rust-libphosh (0.0.6-3) unstable; urgency=medium . * libphosh: add versioned dependency on -sys package `libphosh` and `libphosh-sys` must migrate in lockstep due to updated generated bindings in the latter. Make this explicit by adding a versioned dependency to the former package. (Closes: #1104596) rust-libphosh (0.0.6-2) unstable; urgency=medium . * Package libphosh 0.0.6 from crates.io using debcargo 2.7.8 (Closes: #1101625) rust-libphosh-sys (0.0.6-4) unstable; urgency=medium . * libphosh-sys: break old libphosh Due to changes in the generated bindings, this package cannot be used along with the older versions of libphosh. In order to fix that, add a `Breaks:` relationship so this can only be used with recent versions of libphosh. rust-libphosh-sys (0.0.6-3) unstable; urgency=medium . * libphosh-sys: add versioned dependency on pango-sys-0.18 As the latest `pango-sys-0.18` provides updated bindings, we need to ensure we depend on (at least) this package version in order to allow for testing migration. rust-libphosh-sys (0.0.6-2) unstable; urgency=medium . * Package libphosh-sys 0.0.6 from crates.io using debcargo 2.7.8 rust-pango-0.18 (0.18.3-3) unstable; urgency=medium . * d/control: add versioned dependency on -sys package. This is meant to ensure testing migration can happen by testing it only with the relevant version. rust-pango-0.18 (0.18.3-2) unstable; urgency=medium . * debian: add missing features and fix build. We're now on v1.56 in Debian, let's ensure we have all needed features. Moreover, `GlyphString` now requires the `Uninitialized` trait, so we must declare it. (Closes: #1101607) rust-zram-generator (1.2.1-2) unstable; urgency=medium . * zram-generator: conditionally remove old config file `/etc/systemd/zram-generator.conf` is still a valid config file that can be used by the user to override default settings. It is currently removed on each package upgrade, while this should only be the case when upgrading from a version prior to 1.1.2-5. (Closes: #1089203) secure-delete (3.1-12) unstable; urgency=medium . * new patch to modify Makefile, in order to ensure the build of sdel-lib.o even when make is run with --shuffle=reverse. Closes: #1105616 sip6 (6.10.0-2) unstable; urgency=medium . * Backport upstream patch to support enum base types (refs: #1088101). tango (10.0.2+dfsg1-2) unstable; urgency=low . * Team upload. * Added po-debconf Catalan translation. Thanks to Carles Pina i Estany. webkit2gtk (2.48.3-1) unstable; urgency=high . * New upstream release (Closes: #1106164). * debian/patches/disable-nvidia-dmabuf.patch: - Check that GL_VENDOR is set (Closes: #1106454). webkit2gtk (2.48.2-1) unstable; urgency=high . * New upstream release. * The WebKitGTK security advisory WSA-2025-0004 lists the following security fixes in the latest versions of WebKitGTK: - CVE-2023-42875, CVE-2023-42970 (fixed in 2.42.0). - CVE-2025-24223, CVE-2025-31204, CVE-2025-31205, CVE-2025-31206, CVE-2025-31215, CVE-2025-31257 (fixed in 2.48.2). * Drop fix-typo-denormaldisabler.patch. * debian/rules: - Stop building with HAVE_DENORMAL=0 on armel, WebKit bug #290994 has been fixed in this release. * debian/copyright: - Update copyright information of all files. webpy (1:0.62-6) unstable; urgency=medium . * Team upload. * d/patches/CVE-2025-3818.patch: Add patch from usptream to fix CVE-2025-3818. * d/tests/autopkgtest-pkg-python.conf: Add import_name to avoid break autodep8. wpewebkit (2.48.3-1) unstable; urgency=high . * New upstream release. - This fixes a crash in Skia, see #1106164. wpewebkit (2.48.2-1) unstable; urgency=high . * New upstream release. * The WPE WebKit security advisory WSA-2025-0004 lists the following security fixes in the latest versions of WPE WebKit: - CVE-2023-42875, CVE-2023-42970 (fixed in 2.42.0). - CVE-2025-24223, CVE-2025-31204, CVE-2025-31205, CVE-2025-31206, CVE-2025-31215, CVE-2025-31257 (fixed in 2.48.2). * debian/rules: - Stop building with HAVE_DENORMAL=0 on armel, WebKit bug #290994 has been fixed in this release. REMOVED: hyprland-protocols 0.4.0-1 REMOVED: hyprland 0.41.2+ds-1.3 REMOVED: hyprutils 0.1.5-1 REMOVED: libhyprcursor 0.1.9-1 REMOVED: hyprwayland-scanner 0.4.2-1 REMOVED: xdg-desktop-portal-hyprland 1.3.8-3 REMOVED: hyprlang 0.5.2-1