castle-game-engine (6.4+dfsg1-6) unstable; urgency=medium . [ Debian Janitor ] * Apply multi-arch hints. + castle-game-engine-doc, castle-game-engine-src: Add Multi-Arch: foreign. . [ Paul Gevers ] * d/watch: update for pre-releases * Use imagemagick instead of xcf2png for icon conversion (Closes: #982500) debian-parl (1.9.27) unstable; urgency=medium . * rebuild using newer boxer-data + stop include hunspell-se; closes: bug#982031, thanks to Paul Gevers game-data-packager (67) unstable; urgency=medium . * New games: - Blade Runner (GOG version) [skitt] * Internal changes: - quake3: Add pre-exported PNG versions of XCF icons to source code. xcftools is unmaintained and has security issues, so it is not suitable for stable Debian releases. (Closes: #982502) [smcv] glib2.0 (2.66.7-1) unstable; urgency=high . * New upstream release - Fix another regression caused by the GHSL-2021-045 fixes in 2.66.6 - Warn and fail on integer overflow in g_byte_array_new_take() for arrays larger than G_MAXUINT (similar to GHSL-2021-045) - Disallow using currently-undefined D-Bus connection or server flags, to prevent forward-compatibility problems with new security-sensitive flags that are likely to be introduced in GLib 2.68 * Drop previous patches for GHSL-2021-045 regressions, applied upstream golang-blackfriday (1.6.0-1) unstable; urgency=low . * Team upload. . [ Debian Janitor ] * Set upstream metadata fields: Bug-Database, Bug-Submit. . [ Aloïs Micard ] * New upstream version. * Mark russross-blackfriday-dev Multi-Arch: foreign. (Closes: #960545) * Bump Standards-Version. * Bump debhelper-compat. netty (1:4.1.48-2) unstable; urgency=high . * Team upload. * Fix CVE-2021-21290: In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Thanks to Salvatore Bonaccorso for the report. (Closes: #982580) * Switch to debhelper-compat = 13. * Declare compliance with Debian Policy 4.5.1. pekwm-themes (1.0.5-7) unstable; urgency=low . * QA upload. . [ Debian Janitor ] * Use correct machine-readable copyright file URI. ruby-net-ntp (2.1.3-3) unstable; urgency=low . * Team upload. . [ Emerson dos Santos Queiroz ] * debian/control: Bump Standards-Version to 4.5.1. * debian/control: Bump debhelper-compat to 13. . [ Cédric Boutillier ] * Team upload. . [ Debian Janitor ] * Trim trailing whitespace. * Use secure URI in Homepage field. * Set field Upstream-Contact in debian/copyright. * Set upstream metadata fields: Repository. * Remove obsolete fields Contact, Name from debian/upstream/metadata (already present in machine-readable debian/copyright). * Update standards version to 4.5.0, no changes needed. webkit2gtk (2.30.5-1) unstable; urgency=high . * New upstream release (Closes: #978042). * Remove some obsolete build dependencies (Closes: #979170): + gawk is not needed since WebKitGTK switched from autotools to CMake. + libgeoclue-2-dev and geoclue-2.0 are not required since WebKitGTK 2.25.1 (upstream bug 195994). + libupower-glib-dev is not required since WebKitGTK 2.19.92 (upstream bug 181825). + libfile-copy-recursive-perl is not required since WebKitGTK 2.19.3 (upstream bug 180479). + mesa-common-dev used to provide GL/gl.h but this header is now in libgl-dev. + libgles2-mesa-dev used to provide GLES3/gl3.h but this header is now in libgles-dev. + libgl1-mesa-dev and libgles2-mesa-dev are now dummy packages. + libpango1.0-dev is not checked for any specific version at build time so there's no need to list it. * Update the minimum required versions of some packages: + cmake from 3.3 to 3.10 + libglib2.0-dev from 2.36.0 to 2.44.0 + libgtk-3-dev from 3.10.0 to 3.22.0 + libcairo2-dev from 1.10.2 to 1.14.0 + libsoup2.4-dev from 2.42.0 to 2.54.0. * debian/patches/fix-mips-page-size.patch: + Increase the page size from 4KB to 16KB on MIPS, this fixes a crash with Loongson CPUs that don't support 4KB pages (Closes: #977779). * debian/copyright: + Update copyright years. * debian/watch: + Set version to 4 (fixes older-debian-watch-file-standard). * debian/control: + Update Standards-Version to 4.5.1 (no changes). wpewebkit (2.30.5-1) unstable; urgency=medium . * New upstream release. * debian/patches/fix-mips-page-size.patch: + Increase the page size from 4KB to 16KB on MIPS, this fixes a crash with Loongson CPUs that don't support 4KB pages (See #977779). * debian/watch: + Set version to 4 (fixes older-debian-watch-file-standard). * debian/control: + Update Standards-Version to 4.5.1 (no changes). * Update the minimum required versions of some packages: + cmake from 3.3 to 3.10 + libsoup2.4-dev from 2.42.0 to 2.54.0. * debian/copyright: + Update copyright years. REMOVED: hunspell-se 1.0~beta6.20081222-1.3