augeas (1.8.0-1) unstable; urgency=medium . * New upstream version 1.8.0 * Drop patch integrated upstream * Update symbols boinc (7.6.33+dfsg-11) unstable; urgency=medium . * Upload to unstable * Disable pie removal (Closes: #859352) boinc (7.6.33+dfsg-10exp1) experimental; urgency=medium . * Upload to experimental again, with the boinc-server-* packages. boinc (7.6.33+dfsg-10) unstable; urgency=medium . * New upload changing the working dir during execve boinc (7.6.33+dfsg-9exp1) experimental; urgency=medium . * Upload to experimental again, with the boinc-server-* packages. boinc (7.6.33+dfsg-9) unstable; urgency=medium . * Really fix the spawn of new shell (LP: #1115607) * Fix broken symlink for app-dev package (Closes: #857218) thanks Andreas Beckmann once again boinc (7.6.33+dfsg-8exp1) experimental; urgency=medium . * Upload to experimental again, with the boinc-server-* packages. boinc (7.6.33+dfsg-8) unstable; urgency=medium . * Upload to unstable * Disable/Revert previous upload (reopens LP: #1115607) this works, but has some unintended side effects. boinc (7.6.33+dfsg-7exp1) experimental; urgency=medium . * Upload to experimental again, with the boinc-server-* packages. boinc (7.6.33+dfsg-7) unstable; urgency=medium . * Upload to unstable. * Fix spawn of new window (d/p/fix-new-process-spawn.patch). LP: #1115607 boinc (7.6.33+dfsg-6exp1) experimental; urgency=medium . * Upload to experimental again, with the boinc-server-* packages. cytadela (1.1.0-4) unstable; urgency=medium . * Fix binary-indep build (Closes: #860113) * Fix symlink_to_dir migration cytadela (1.1.0-3) unstable; urgency=medium . * Drop --link-doc from dh_installdocs as it breaks binNMU (Closes: #859349) * Install docs into cytadela package instead of cytadela-data * Depends on vlc-plugin-base instead of transitional vlc-nox (Closes: #845583) * Fix typo in description * Bump Standards-Version to 3.9.8 (no changes) dsh (0.25.10-1.3) unstable; urgency=medium . * Non-maintainer upload. * Don't ship symlink for /etc/dsh/group/all. (Closes: #788585) freedink (108.4+dfsg-3) unstable; urgency=medium . * Properly implement /usr/share/doc/freedink symlink_to_dir - thanks anbe (Closes: #860114) freedink (108.4+dfsg-2) unstable; urgency=medium . * Don't symlink /usr/share/doc/freedink to support binNMU * Fix segfault when loading game and exiting editor. h5py (2.7.0-1) unstable; urgency=medium . * Run DEP-8 tests for all supported Python versions * Add missing i-deps on python{,3}-numpy-dbg (Closes: #858727) * Source future releases from PyPI * New upstream release * Rebase patch queue - Drop 0002-Fix-arch-name-for-ppc64le.patch, applied upstream - Drop 0003-Fix-version_tuple-to-make-it-PEP440-compliant.patch, applied upstream initramfs-tools (0.128) unstable; urgency=medium . * [cd352e8] debian/control: Add Breaks against older versions of busybox (Closes: #855094) * [e5c68ce] Include the unmkinitramfs(8) manual page in initramfs-tools-core * [dc22177] scripts/local: local_device_setup should not assume devices hold file systems * [033c948] scripts/local: Apply a single time limit to all device discovery * [f3a61b3] scripts/local: Add option for local_device_setup to return failure * [2be97ee] scripts/local-premount/resume: Check for kernel resume interface earlier * [25837a1] scripts/local-premount/resume: Use local_device_setup for resume device (Closes: #854791) libjna-java (4.2.2-3) unstable; urgency=medium . * Team upload. * Ignore the jna.boot.library.path and jna.boot.library.name properties and always load the system jnidispatch library (Closes: #858876) node-test (0.6.0-4) unstable; urgency=medium . * Set compat to 9 for stretch node-test (0.6.0-3) unstable; urgency=medium . * Team upload * Really install all .js files including test dir. Needed by retape. (Closes: #859865) * Run testsuite. * Bump compat plasma-framework (5.28.0-2) unstable; urgency=medium . * Change plasma-framework-dev to arch: any. Thanks to Helmut Grohne for reporting (Closes: 854063) * Pick "Fix logic for arrow handling in RTL locales" (db15022) Add the upstream patch as: Fix-logic-for-arrow-handling-in-RTL-locales.patch This fixes KDE#373749 * Pick "Emit toolTipMainTextChanged if it changes in response to a title change" (17f5a30) The fallback for toolTipMainText is showing the applet title. When the applet title changes, it may result in a change of toolTipMainText. Add the upstream patch as: Emit-toolTipMainTextChanged-if-it-changes-in-response-to-.patch * Pick "consider an empty panel always "applets loaded"" (6ae3a07) This fixes panels sometimes not showing up when reconnecting screens. Add upstream patch as: consider-an-empty-panel-always-applets-loaded.patch Related to KDE#373836 * Pick "Fix #374127 misplacement of popups from dock wins" (6aedda9) Fix for "If a Dock window uses a mask then the popups occured from it are placed far from the item that triggered them." Add upstream patch as: Fix-374127-misplacement-of-popups-from-dock-wins.patch This fixes KDE#374127 * Pick "portait prop is not relevant when there is no text" (12a4709) This fixes a binding loop on this property when there is no label. Add upstream patch as: portait-prop-is-not-relevant-when-there-is-no-text.patch This fixes KDE#374815 * Pick "correctly forward status from applets to containment" (47ec9b8) Add upstream patch as: correctly-forward-status-from-applets-to-containment.patch This fixes KDE#372062 * Pick "it must also be possible for the status to be decreased again" (46c87d5) This fixes the autohide panel being broken the first time an applet like kickoff opens. when it closes again, the status has to be decreased again. Add upstream patch as: it-must-also-be-possible-for-the-status-to-be-decreased-a.patch * Pick "set default hints when repr doesn't export Layout.*" (b99a87a) Add upstream patch as: set-default-hints-when-repr-doesn-t-export-Layout.patch This fixes KDE#377153 * Add "Ref/deref DataEngines even if the metadata is invalid" (586ed85) Just because the metadata is invalid doesn't mean the DataEngine actually failed to load, we're still returning a valid object, and as seen with the MPris DataEngine bug. It's important that we still release it properly. Add upstream patch as: Ref-deref-DataEngines-even-if-the-metadata-is-invalid.patch This is related to KDE#374531 plv8 (1:1.4.10.ds-1) unstable; urgency=medium . * Bugfix release: Fix startup proc for multiple arguments. * Remove "remove-defines" patch, went upstream. radare2 (1.1.0+dfsg-4) unstable; urgency=high . * Add upstream patches to fix security bugs - CVE-2017-6194 (Closes: #859448) The relocs function in libr/bin/p/bin_bflt.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. - CVE-2017-6448 (Closes: #859447) The dalvik_disassemble function in libr/asm/p/asm_dalvik.c allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. ruby-unf-ext (0.0.7.2-3) unstable; urgency=medium . * Team upload * Apply upstream patch to fix build with GCC 6 on architectures that don't have char signed by default (Closes: #859463) solid (5.28.0-3) unstable; urgency=medium . * Pick "Work round DBus property fetching bug" (6f1c6dc) Workaround for a qt5 dbus property issue. Add upstream patch as: Work-round-DBus-property-fetching-bug.patch This fixes KDE#345871 * Pick "[UDisks 2 Device] Add description for Floppy Disk" (d92588b) Floppy disks now show up as "Floppy Disk" instead of "0 B Removable Media" Add upstream patch as: UDisks-2-Device-Add-description-for-Floppy-Disk.patch squid3 (3.5.23-3) unstable; urgency=medium . [ Amos Jeffries ] * debian/squid.preinst - Fix upgrade sequence from jesse squid3 package (Closes: #858556) . [ Santiago Garcia Mantinan ] * debian/squid.{preinst,postinst,postrm} - Fix problems with empty squid3 dir and squid 2.7 installed (use the right logic with better checks). - Avoid install abortion by stopping squid3 only when it runs. . [ Eric Veiras Galisson ] * debian/squid.rc - Fix returncode is wrong with conf file with errors (Closes: #857137) squid3 (3.5.23-2) unstable; urgency=medium . [ Santiago Garcia Mantinan ] * debian/squid.{preinst,postinst,postrm} - Fix upgrade sequence from 2.7 packages (Closes: #801564) . [ Amos Jeffries ] * debian/control - Relax dependency between squid and squid-common packages (Closes: #399489) - Add squidclient Recommends on ssl-cert . [ Robie Basak ] * debian/control - Add missing pre-depends on adduser - Add Vcs-Browser URL tomcat8 (8.5.11-2) unstable; urgency=medium . * Team upload. * Fix the following security vulnerabilities (Closes: #860068): Thanks to Salvatore Bonaccorso for the report. - CVE-2017-5647: A bug in the handling of the pipelined requests when send file was used resulted in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C. - CVE-2017-5648: It was noticed that some calls to application listeners did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application. - CVE-2017-5650: The handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. These waiting streams each consumed a thread. A malicious client could therefore construct a series of HTTP/2 requests that would consume all available processing threads. - CVE-2017-5651: The refactoring of the HTTP connectors for 8.5.x onwards, introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up. * debian/control: tomcat8: Fix Lintian error and depend on lsb-base. zsh (5.3.1-4) unstable; urgency=high . * [5c3b52b8] Reorder zsh.postinst: do alternatives removal before (re)creating /usr/bin/zsh symlink. Thanks to ilf for the bug report and Adrian Bunk for finding the right solution. (Closes: #860033)