beignet (1.3.0-2) unstable; urgency=medium . * Statically link to LLVM to allow installation together with mesa-opencl-icd (workaround for #852746). * Disable OpenCL 2.0 on i386, as it is likely to crash. (Closes: #855651) * Add missing build-dependencies on x32 to fix FTBFS. * Fix broken link in documentation. debian-reference (2.65) unstable; urgency=medium . * Update Chinese and other translations. * Add Spanish as an additional translation. * Update build script to RELEASE_STATE := stable. diffoscope (78) unstable; urgency=medium . [ Brett Smith ] * comparators.json: + Catch bad JSON errors on Python pre-3.5. Closes: #855233 . [ Chris Lamb ] * tests: + Move normalize_zeros to more generic `utils.data` module. + Fix tests that call xxd fail on jessie due to output change. Closes: #855239 . [ Ed Maste ] * comparators.directory: + Assume BSD-style stat(1) on FreeBSD. Closes: #855169 forensics-extra (1.7) unstable; urgency=medium . * debian/control: moved wifite, affected by pyrit (see previous changelog), to Recommends field in forensics-extra package. forensics-extra (1.6) unstable; urgency=medium . * debian/control: moved pyrit to Recommends field, in forensics-extra package, because it is not building over i386 arch. See: https://lists.debian.org/debian-mentors/2017/02/msg00180.html gexiv2 (0.10.4-2) unstable; urgency=medium . * Add patch 0004-get_orientation-Fix-abort-on-Minolta-meta-data.patch. Fixes an assertion when processing metadata from a not-rotated image from Minolta cameras. (Closes: #856101) gnome-photos (3.22.4-1) unstable; urgency=medium . * New upstream release. * Drop patches which have been merged upstream. graphite2 (1.3.9-4) unstable; urgency=medium . * add -ffloat-store to COMPILE_FLAGS; enable awami tests again gwave (20090213-6.1) unstable; urgency=medium . * Non-maintainer upload * Added make_stack.diff patch to remove use of scm_the_last_stack_fluid_var that was deprecated from guile in commit ec16eb7847895247be3438c25d2d27ce2e137b83 dated 19 Jun 2010. * Added std_menus.diff patch to replace gtk-menu-append and gtk-menu-bar-append with gtk-menu-shell-append, preventing the use of the append generic that is missing in guile-gnome. - Closes: #779990, LP: #1311839 libapache2-mod-auth-openidc (2.1.6-1) unstable; urgency=high . * New upstream version 2.1.6 "This is a security release: Those using AuthType oauth20 together with applications that interpret headers set by mod_auth_openidc on paths that disclose sensitive information are affected and should upgrade." libdbd-mysql-perl (4.041-2) unstable; urgency=medium . * Add regression-fix-float_type_conversion.patch to fix a regression in the conversion of floats which under some circumstances simply returned 0. Thanks to Brian May for the bug report, and Pali Rohár for backporting his fix to 4.041. (Closes: #856064) libice (2:1.0.9-2) unstable; urgency=medium . [ Julien Cristau ] * CVE-2017-2626: Use libbsd for arc4random. Closes: #856400. * Bump Standards-Version to 3.9.6, update Vcs-* control fields. . [ Emilio Pozuelo Monfort ] * Remove Drew from Uploaders. libnids (1.23-2.1) unstable; urgency=medium . * Non-maintainer upload. * Fix assembly of TCP streams on armhf by adding -fno-strict-aliasing. (Closes: #851060) * Fix use of "inline" with GCC >= 5 which causes undefined references in applications linked against libnids. (Closes: #855602) libprelude (1.0.0-11.9) unstable; urgency=medium . * Non-maintainer upload. * Backport upstream fix for FTBFS with recent SWIG. (Closes: #844897) * - Apply patch from Andreas Beckmann to factor out a libpreludecpp0 package. - Move HTML documentation from libprelude2 to libprelude-dev. (Closes: #797161) * Switch from -dbg to -dbgsym. * Remove generated bindings/lua/PreludeEasy.cxx when cleaning to allow building twice in a row. * Don't disable PIE. mesa (13.0.5-1) unstable; urgency=medium . * New upstream release. * Switch mesa3d.org URLs to https. * Update extend-diff-ignore. ntfs-3g (1:2016.2.22AR.1+dfsg-1) unstable; urgency=medium . * Repack source to have a DFSG free NTFS boot sector (closes: #808463) and update copyright accordingly. * Update watch file to mangle +dfsg from source version. python-mccabe (0.5.3-1) unstable; urgency=medium . * Team upload. * New upstream release qemu (1:2.8+dfsg-3) unstable; urgency=high . * urgency high due to security fixes . [ Michael Tokarev ] * serial-fix-memory-leak-in-serial-exit-CVE-2017-5579.patch Closes: #853002, CVE-2017-5579 * cirrus-ignore-source-pitch-as-needed-in-blit_is_unsafe.patch (needed for the next patch, CVE-2017-2620 fix) * cirrus-add-blit_is_unsafe-to-cirrus_bitblt_cputovideo-CVE-2017-2620.patch Closes: #855791, CVE-2017-2620 * nbd_client-fix-drop_sync-CVE-2017-2630.diff Closes: #855227, CVE-2017-2630 * sd-sdhci-check-transfer-mode-register-in-multi-block-CVE-2017-5987.patch Closes: #855159, CVE-2017-5987 * vmxnet3-fix-memory-corruption-on-vlan-header-stripping-CVE-2017-6058.patch Closes: #855616, CVE-2017-6058 * 3 CVE fixes from upstream for #853996: sd-sdhci-check-data-length-during-dma_memory_read-CVE-2017-5667.patch megasas-fix-guest-triggered-memory-leak-CVE-2017-5856.patch virtio-gpu-fix-resource-leak-in-virgl_cmd_resource-CVE-2017-5857.patch Closes: #853996, CVE-2017-5667, CVE-2017-5856, CVE-2017-5857 * usb-ccid-check-ccid-apdu-length-CVE-2017-5898.patch Closes: #854729, CVE-2017-5898 * virtio-crypto-fix-possible-integer-and-heap-overflow-CVE-2017-5931.patch Closes: #854730, CVE-2017-5931 * xhci-apply-limits-to-loops-CVE-2017-5973.patch Closes: #855611, CVE-2017-5973 * net-imx-limit-buffer-descriptor-count-CVE-2016-7907.patch Closes: #839986, CVE-2016-7907 * cirrus-fix-oob-access-issue-CVE-2017-2615.patch Closes: #854731, CVE-2017-2615 * 9pfs-symlink-attack-fixes-CVE-2016-9602.patch Closes: #853006 * vnc-do-not-disconnect-on-EAGAIN.patch Closes: #854032 * xhci-fix-event-queue-IRQ-handling.patch (win7 xhci issue fix) * xhci-only-free-completed-transfers.patch Closes: #855659 * char-fix-ctrl-a-b-not-working.patch Closes: https://bugs.launchpad.net/bugs/1654137 * char-drop-data-written-to-a-disconnected-pty.patch Closes: https://bugs.launchpad.net/bugs/1667033 * s390x-use-qemu-cpu-model-in-user-mode.patch Closes: #854893 * d/control is autogenerated, add comment * check if debootstrap is available in qemu-debootstrap Closes: #846497 . [ Christian Ehrhardt ] * (ubuntu) no more skip enable libiscsi (now in main) * (ubuntu) Disable glusterfs (Universe dependency) * (ubuntu) have qemu-system-arm suggest: qemu-efi; this should be a stronger relationship, but qemu-efi is still in universe right now. * (ubuntu) change dependencies for fix of wrong acl for newly created device node on ubuntu slixmpp (1.2.2-1.1) unstable; urgency=medium . * Non-maintainer upload. * Fix CVE-2017-5591: An incorrect implementation of XEP-0280: Message Carbons in slixmpp allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. (Closes: #854740) vbrfix (0.24+dfsg-1) unstable; urgency=medium . * QA upload. * Set maintainer to Debian QA Group. (see #646384) * Repackage the upstream tarball without the vbrfixc/vbrfixc binary. * Fix FTBFS on armhf. (Closes: #856199) * autoreconf for the FTBFS fix. webcamoid (7.2.1+dfsg1-5) unstable; urgency=medium . * debian/control: - Add to webcamoid 'Depends': - qml-module-qt-labs-folderlistmodel - qml-module-qt-labs-settings (Closes: #856146) Thanks Antonio Terceiro.