collectd (5.12.0-7) unstable; urgency=medium . * Team upload. * Fix CGI::param error in collection3 (Closes: 982294) lemonldap-ng (2.0.11+ds-4) unstable; urgency=high . * Import security fixes from 2.0.12 * Session cache corruption can lead to authorization bypass or spoofing (Closes: CVE-2021-35472) * OAuth2 handler does not verify access token validity (Closes: CVE-2021-35473) * Fix XSS on register form * Don't display TOTP secret to connected user, neither in logs liquidsoap (1.4.3-3) unstable; urgency=medium . * Fix pervasive libraries symlink (Closes: 991332) msmtp (1.8.11-2.1) unstable; urgency=medium . * Non-maintainer upload. * Cherry-pick 7d2222cf from upstream for the bullseye release. Brings msmtp into conformance with RFC821, which states that "Commands and replies are not case sensitive." (Closes: #985468) munin (2.0.67-2) unstable; urgency=medium . [ Kentaro Hayashi ] * debian/munin-node.service: ensure /run/munin directory exists. Closes: #990371. samtools-legacy (0.1.19+dfsg-2) unstable; urgency=medium . * Team Upload. * Add Depends on zlib1g-dev * Add autopkgtests webkit2gtk (2.32.3-1) unstable; urgency=high . * New upstream release. * The WebKitGTK security advisory WSA-2021-0004 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2021-30666, CVE-2021-30761 (fixed in 2.26.0). + CVE-2021-30762 (fixed in 2.28.0). + CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826, CVE-2021-30661 (fixed in 2.30.0). + CVE-2021-21806 (fixed in 2.30.6). + CVE-2021-30682 (fixed in 2.32.0). + CVE-2021-30758 (fixed in 2.32.2). + CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799 (fixed in 2.32.3). webkit2gtk (2.32.2-1) unstable; urgency=medium . * New upstream release. * debian/patches/fix-ftbfs-m68k.patch: + Update patch.