chromium-browser (57.0.2987.133-1) unstable; urgency=medium . * New upstream security update. - CVE-2017-5055: Use after free in printing. Credit to Wadih Matar - CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar - CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin - CVE-2017-5056: Use after free in Blink. Credit to anonymous - CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper distro-info-data (0.35) unstable; urgency=medium . * Correct Ubuntu Zesty release date. distro-info-data (0.34) unstable; urgency=medium . * Add Ubuntu 17.10, Artful Aardvark. dune-istl (2.5.0-2) unstable; urgency=medium . * Use correct type for second template argument of `std::array`. (Closes: #860666) + patch: 0001-Merge-branch-bugfix-build-failure-on-i386-into-maste.patch dune-localfunctions (2.5.0-2) unstable; urgency=medium . * Increase ε used for comparisons. (Closes: #860641) + patch: 0001-Merge-branch-bugfix-increase-epsilon-for-i386-into-m.patch exim4 (4.89-2) unstable; urgency=medium . * Revert addition of header "# pidfile: /var/run/exim4/exim.pid" to initscript (#844178). It breaks when the initscript does not start a daemon but only runs update-exim4.conf. (inetd or QUEUERUNNER='nodaemon'). Closes: #860317 * When reporting bugs also attach /etc/default/exim4 by default. g2clib (1.6.0-7) unstable; urgency=medium . * Fix invalid dir in grib2c.pc. Closes: #860277. Thanks to Chris Lamb * Change Libs.private: link against libopenjp2 not libjasper gcc-6 (6.3.0-14) unstable; urgency=medium . * Re-upload as -14 to undo the reproducible builds upload. gcc-6 (6.3.0-13.0~reproducible1) unstable; urgency=medium . * Non-maintainer upload. * Support BUILD_PATH_PREFIX_MAP. * Patch gcc-6_BPPM.patch:1d712db5 applied by debpatch(1). gcc-6 (6.3.0-13) unstable; urgency=medium . * Update to SVN 20170415 (r246940) from the gcc-6-branch. - Fix PR target/45053 (PPC), PR target/80376 (PPC), PR target/80315 (PPC), PR ipa/77333, PR target/78002 (AArch64), PR target/79733 (x86), PR target/80298 (x86), PR c++/80150, PR c++/77563, PR c++/79519, PR c++/79640, PR c++/80043, PR c++/78282, PR c++/79607, PR c++/79566, PR c++/79580, PR c++/79508, PR c++/79050, PR c++/79461. * Fix PR go/77857, gccgo vendoring. Taken from the trunk. Closes: #839598. * libstdc++6: add Breaks: libopencv-core2.4. Closes: #859914. gnome-paint (0.4.0-5) unstable; urgency=medium . * Sponsored upload. * d/control: Add myself into uploaders list. * d/control: Bump Standards Version to 3.9.8. * d/control: Use secure URI for homepage. * d/control: Add Vcs-Git and Vcs-Browser. * control,rules: Use dh-autoreconf instead of autotools-dev. (Closes: #727874) * d/patches: Add patch to enable deprecated gdk functions. (Closes: #860233) llvm-toolchain-3.7 (1:3.7.1-5) unstable; urgency=medium . * Only enable -gsplit-dwarf for armhf. Caused some illegal instructions on arm64 llvm-toolchain-3.7 (1:3.7.1-4) unstable; urgency=medium . * Upload to unstable Seems that the arm64 issue is experimental only llvm-toolchain-3.7 (1:3.7.1-4~exp2) experimental; urgency=medium . * Add -gsplit-dwarf to the CXXFLAGS to be able to link on armhf llvm-toolchain-3.7 (1:3.7.1-4~exp1) experimental; urgency=medium . * Disable clang, lldb, polly and compiler-rt to keep only LLVM for ghc. Please use llvm-toolchain-3.{8,9} for anything else. * Only build on arm* as ghc only uses it on these archs node-grunt-contrib-copy (1.0.0-2) unstable; urgency=medium . * add Testsuite: autopkgtest entry in source stanza * run built-time tests with run_tests script * run autopkgtests with run_tests script (Closes: #860634) pymoc (0.4.2-1) unstable; urgency=low . * Import upstream bugfix release (0.4.2) + Fix large FITS import on 32-bit architectures (Closes: #860629) qemu (1:2.8+dfsg-4) unstable; urgency=high . * usb-ohci-limit-the-number-of-link-eds-CVE-2017-6505.patch Closes: #856969, CVE-2017-6505 * linux-user-fix-apt-get-update-on-linux-user-hppa.patch Closes: #846084 * update to 2.8.1 upstream stable/bugfix release (v2.8.1.diff from upstream, except of seabios blob bits). Closes: #857744, CVE-2016-9603 Patches dropped because they're included in 2.8.1 release: 9pfs-symlink-attack-fixes-CVE-2016-9602.patch char-fix-ctrl-a-b-not-working.patch cirrus-add-blit_is_unsafe-to-cirrus_bitblt_cputovideo-CVE-2017-2620.patch cirrus-fix-oob-access-issue-CVE-2017-2615.patch cirrus-ignore-source-pitch-as-needed-in-blit_is_unsafe.patch linux-user-fix-s390x-safe-syscall-for-z900.patch nbd_client-fix-drop_sync-CVE-2017-2630.patch s390x-use-qemu-cpu-model-in-user-mode.patch sd-sdhci-check-data-length-during-dma_memory_read-CVE-2017-5667.patch virtio-crypto-fix-possible-integer-and-heap-overflow-CVE-2017-5931.patch vmxnet3-fix-memory-corruption-on-vlan-header-stripping-CVE-2017-6058.patch * bump seabios dependency to 1.10.2 due to ahci fix in 2.8.1 * 9pfs-fix-file-descriptor-leak-CVE-2017-7377.patch (Closes: #859854, CVE-2017-7377) * dma-rc4030-limit-interval-timer-reload-value-CVE-2016-8667.patch Closes: #840950, CVE-2016-8667 * make d/control un-writable to stop users from changing a generated file * two patches from upstream to fix user-mode network with IPv6 slirp-make-RA-build-more-flexible.patch slirp-send-RDNSS-in-RA-only-if-host-has-an-IPv6-DNS.patch (Closes: #844566) ruby-net-ldap (0.12.1-2) unstable; urgency=medium . * Team upload. * Apply patch to actually mock TCPSocket in the connection failure test (Closes: #860602) tau (2.17.3.1.dfsg-4.2) unstable; urgency=medium . * Non-maintainer upload. * Remove incorrect /usr/share/doc/tau-examples/examples/python symlink from tau-examples, thanks to Andreas Beckmann for reporting. (Closes: #858475) tomcat8 (8.5.12-1) unstable; urgency=medium . * Team upload. * New upstream release - Refreshed the patches zimlib (1.4-2.1) unstable; urgency=medium . * Non-maintainer upload. * Clean up symbols file, thanks James Clarke. (Closes: #860625)