adminer (4.3.1-2) unstable; urgency=medium . * Add simple autopkgtest. * Don't install the Selenium-based tests. apt-listdifferences (1.20170813) unstable; urgency=medium . * Update to debhelper 10. * Update copyright dates. * Update standards version. * Use colordiff's new built in git color schema (closes: #868610). bogofilter (1.2.4+dfsg1-10) unstable; urgency=medium . * Make bogofilter-common binary-any, to avoid broken dependencies after binNMUs. (Closes: #871694) boinc (7.8.1+dfsg-1) unstable; urgency=low . * New upstream major release, patch refresh. * Update copyright file * Tweak server package to use system fonts * Drop patches addressed upstream. * Upload to unstable. * Bump std-version to 4.0.0 boinc (7.6.33+dfsg-12exp1) experimental; urgency=medium . * Upload to experimental again, with the boinc-server-* packages. crac (2.5.0+dfsg-2) unstable; urgency=low . [ Steffen Moeller ] * debian/upstream/metadata: Added reference to registries * debian/copyright: Corrected upstream name to CRAC . [ Sascha Steinbiss ] * Make build reproducible. Thanks to Chris Lamb for the patch. Closes: #859300 dot2tex (2.9.0-2.1) unstable; urgency=medium . * Non-maintainer upload. * Update the Recommends from pgf to texlive-pictures. (Closes: #867070) dropbear (2017.75-2) unstable; urgency=low . * dropbear-initramfs: + init-bottom script: in the init-bottom script, send a SIGTERM to all process groups the leader of which is a child of the dropbear process, to ensure that all children of all SSH sessions are terminated (before dropear itself is killed). + postinst: don't print the reminder to check "ip=" boot parameter if it's already found in /proc/cmdline. + premount script: log to standard error if the 'debug' environment variable is set. + premount script: boot method (local or NFS) is in environment variable 'BOOT' not 'boot'. + On local mounts, don't bring down the network before dropbear was terminated (at init-bottom stage, not at local-bottom stage). Bringing down the network while an SSH session is still active makes clients hang until the connection times out. + init-bottom script: log which network interfaces are being brought down. + init-bottom script: replace xargs(1) with a while loop as it's apparently not included in Ubuntu's busybox. (LP: #1652091) + Compile with '--disable-bundled-libtom' to use system libtomcrypt / libtommath. (Closes: #870035) * debian/control: bump Standards-Version to 4.0.0 (no changes necessary). * debian/{control,dropbear-bin.install,dropbear-bin.manpages}: apply wrap-and-sort(1). fonts-mikachan (9.1-10) unstable; urgency=medium . * debian/control - drop Uploaders: GOTO Masanori (Closes: #839677) Thanks gotom for his work. - once drop Vcs-*, since gbp doesn't support multiple upstream source now. * debian/{compat,control} - use debhelper10 - set "Standards-Verions: 4.0.0" * debian/copyright - convert to copyright format 1.0 * debian/fonts-mikachan.preinst - fix "command-with-path-in-maintainer-script" lintian warning forensic-artifacts (20170808-1) unstable; urgency=medium . * New upstream release. gitlab (8.13.11+dfsg1-11) unstable; urgency=medium . * Tighten dependency on ruby-truncato gitlab (8.13.11+dfsg1-10) unstable; urgency=medium . * Relax dependency on ruby-net-ssh (Closes: #868246) gitlab (8.13.11+dfsg1-9) unstable; urgency=medium . * Relax dependency on ruby-asana and ruby-webmock golang-logrus (1.0.2-2) unstable; urgency=high . * Add maintscript to handle symlink to dir conversions. Closes: 870843. grib-api (1.23.1-1) unstable; urgency=medium . * New upstream release * Standards-Version: 4.0.1 grpc (1.3.2-1) unstable; urgency=medium . [ Pirate Praveen ] * Patch to provide a wrapped memcpy for linking (closes: #867541). hdf5 (1.10.0-patch1+docs-4) unstable; urgency=medium . * debian/rules: fix javahelper invocation (closes: #871506) hunspell-dict-ko (0.6.2-1) unstable; urgency=medium . * New upstream version (Closes: #859294) * debian/gbp.conf: Use master branch for gbp hunspell-dict-ko (0.6.0-2) unstable; urgency=medium . * debian/copyright: Fix typos * debian/control: Append python3-lxml in Build-Depends (Closes: #855675) hunspell-dict-ko (0.6.0-1) unstable; urgency=medium . [ Changwoo Ryu ] * New upstream version * debian/{control,watch,copyright}: Change the upstream URL * debian/control: Standards-Version: 3.9.8 * debian/control: Correct VCS URLs * debian/control: More description * debian/copyright: Correct DEP-5 copyright format juffed (0.10-85-g5ba17f9-13) unstable; urgency=medium . * Fixed 64 bit symbol (Closes: #871992) juffed (0.10-85-g5ba17f9-12) unstable; urgency=medium . * Fixed symbols for amd64 and i368 for gcc 7.10 (Closes: #871181) * Don't build with terminal integration - terminal causes segfaults at closing time * Removed build dependency libqtermwidget * Bumped year in copyright libcbor-xs-perl (1.70-1) unstable; urgency=medium . * New upstream version 1.70 * Declare compliance with Debian Policy 4.0.1 (no changes) * Bump debhelper compatibility level to 10 libjlha-java (0.0.20050504-10) unstable; urgency=medium . [ tony mancill ] * Team upload. * Add AmigaLhA patch. (Closes: #871924) Thank you to Stuart Caie for the patch. * Use debhelper and compat level 10 * Add myself to Uploaders * Bump Standards-Version to 4.0.1 * Update Homepage in debian/control libmspack (0.6-3) unstable; urgency=medium . * Move doc generation in dh's indep rules to fix FTBFS libmspack (0.6-2) unstable; urgency=medium . * Missing dependency on 'doxygen' for doc creation (Closes: #872193) * Fixed lintian useless-autoreconf-build-depends. libmspack (0.6-1) unstable; urgency=medium . * New upstream release: + Fix CVE-2017-6419 (Closes: #871263) + Fix CVE-2017-11423 (Closes: #868956) * Fix building documentation. * Use HTTPS in package metadata. * Transition to automatic debug packages. * Package now conforms to Standards-Version 4.0.0. * Switch to compat level 10. libnids (1.24-2) unstable; urgency=medium . * Fix build failures due to missing symbols thanks Adrian Bunk for the report (Closes: #872073) libnids (1.24-1) unstable; urgency=medium . * New upstream version 1.24 (Closes: #589415) * d/copyright: + Make dep5 compliant + Update copyright holders * d/rules + Revamp using dh sintax. + Add hardening flags. * d/control + Delete duplicate field. + Bump to dh 10 compat level. + Cosmetic changes to description. + Delete explicit version of libnet1-dev. It is present since Wheezy release. + Delete build-dependency on pkg-config + Bump to Standards-Version: 4.0.0 * Add multiarch paths * Adjust files list on d/libnids-dev-docs. * Polish, refresh, rename and fix dep3 issues in patch files. * d/watch + Check gpg signature with uscan. + Add signing-key.asc file for watch file use. * Add d/libnids.1.21.symbols file . [ Lukas Schwaighofer ] * update config.{sub,guess} by enabling the dh autotool-dev sequence * add CFLAGS using DEB_CFLAGS_MAINT_APPEND * improve patches + patch Makefile.in to apply CPPFLAGS and LDFLAGS (needed for hardening) + introduce separate patch to keep soname * add -Wl,--as-needed to LDFLAGS to avoid unnecessary linking * drop modifications of the printall.c sample code * mark binary packages as Multi-Arch: same librsb (1.2.0-rc7-3) unstable; urgency=medium . * d/p/fix-spell-because.patch: New patch * Add unit test for numerical bug fixed in version 1.2.0-rc7. Thanks to Michele Martone for the source file * d/control: Bump Standards-Version to 4.0.1 (no changes needed) libspecio-perl (0.40-1) unstable; urgency=medium . [ Nick Morrott ] * New upstream version 0.40 * Declare compliance with Debian Policy 4.0.1 (no changes) * Bump debhelper compatibility level to 10 * Update (build-)dependencies . [ gregor herrmann ] * Add Ref::Util and Sub::Util to Recommends and Build-Depends-Indep. libspi-java (0.2.4-2) unstable; urgency=medium . * Team upload. * Add myself to Uploaders * Use debhelper and compat level 10 * Bump Standards-Version to 3.9.8 * Add support for SOURCE_DATE_EPOCH for reproducible builds. Build-deps of libspi-java will now use SOURCE_DATE_EPOCH instead of embedding the current build timestamp in META-INF/services/* files. (Closes: #872065) linux (4.12.6-1) unstable; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3 - brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (CVE-2017-7541) - [sparc64] Adding asm-prototypes.h for genksyms to generate crc - [sparc64] sed regex in Makefile.build requires line break between exported symbols https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4 - f2fs: sanity check checkpoint segno and blkoff (CVE-2017-10663) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.5 - dentry name snapshots (CVE-2017-7533) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.6 - saa7164: fix double fetch PCIe access condition (CVE-2017-8831) - ipv6: avoid overflow of offset in ip6_find_1stfragopt (CVE-2017-7542) . [ Ben Hutchings ] * media: Enable USB_RAINSHADOW_CEC as module (see #868511) * Clean up symbol version fixes for symbols exported from asm (fixes FTBFS on sparc64): - [alpha] Un-revert "alpha: move exports to actual definitions" - [alpha] Restore symbol versions for symbols exported from assembly - [m68k] Un-revert "m68k: move exports to definitions" - [sparc64] Un-revert "sparc: move exports to definitions" * [mips*/octeon] Fix broken EDAC driver (fixes FTBFS) * [armhf] Revert "gpu: host1x: Add IOMMU support" * [armhf] udeb: Replace imx-ipuv3-crtc with imxdrm in fb-modules * [i386] perf tools: Fix unwind build (fixes FTBFS) * debian/control: Fix version in dependencies on arch-independent linux-headers-*-common* (Closes: #869511) * xfrm: policy: check policy direction value (CVE-2017-11600) * rtlwifi: Fix memory leak when firmware request fails * rtlwifi: Fix fallback firmware loading (Closes: #869084) * [arm64] video: Enable FRAMEBUFFER_CONSOLE (Closes: #870071) * integrity: Enable INTEGRITY_SIGNATURE, INTEGRITY_ASYMMETRIC_KEYS (Closes: #869565) * [x86] sound: Enable SND_X86; enable HDMI_LPE_AUDIO as module (Closes: #869372) * blk-mq: Change MQ_IOSCHED_KYBER from built-in to module * blk-mq: Enable IOSCHED_BFQ as module (Closes: #869028); enable BFQ_GROUP_IOSCHED * bfq: Enable auto-loading when built as a module * netfilter: Enable NFT_FIB_IPV4, NFT_FIB_IPV6, NFT_FIB_INET as modules (Closes: #868803) * [amd64,arm64] mm: Revert x86_64 and arm64 ELF_ET_DYN_BASE base (Closes: #869090) . [ Salvatore Bonaccorso ] * packet: fix tp_reserve race in packet_set_ring (CVE-2017-1000111) * udp: consistently apply ufo or fragmentation (CVE-2017-1000112) * Set ABI to 1 . [ Uwe Kleine-König ] * [arm64] enable MMC_SDHCI_XENON and MVNETA for Espressobin and enable respective device in its device tree (Closes: #871049) . [ Roger Shimizu ] * [armel] Change NAND related stuff to modules (fixes FTBFS) linux (4.12.2-1~exp1) experimental; urgency=medium . * New upstream release: https://kernelnewbies.org/Linux_4.12 * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.1 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.2 . [ Ben Hutchings ] * Add script to regenerate lockdown patch series from git * [rt] Disable until it is updated for 4.12 or later * scripts/mod: Update modpost wrapper for 4.12 * Set ABI name to trunk linux (4.11.11-1) unstable; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.7 - fs: pass on flags in compat_writev - configfs: Fix race between create_link and configfs_rmdir - can: gs_usb: fix memory leak in gs_cmd_reset() - ila_xlat: add missing hash secret initialization - cpufreq: conservative: Allow down_threshold to take values from 1 to 10 - vb2: Fix an off by one error in 'vb2_plane_vaddr' - cec: race fix: don't return -ENONET in cec_receive() - selinux: fix double free in selinux_parse_opts_str() - mac80211: don't look at the PM bit of BAR frames - mac80211/wpa: use constant time memory comparison for MACs - [x86] drm/amdgpu: Fix overflow of watermark calcs at > 4k resolutions. - [x86] drm/i915: Fix GVT-g PVINFO version compatibility check - [x86] drm/i915: Fix scaling check for 90/270 degree plane rotation - [x86] drm/i915: Do not sync RCU during shrinking - mac80211: fix IBSS presp allocation size - mac80211: strictly check mesh address extension mode - mac80211: fix dropped counter in multiqueue RX - mac80211: don't send SMPS action frame in AP mode when not needed - [arm64, armhf] drm/vc4: Fix OOPSes from trying to cache a partially constructed BO. - serial: 8250_lpss: Unconditionally set PCI master for Quark - [sh4] serial: sh-sci: Fix (AUTO)RTS in sci_init_pins() - [sh4] serial: sh-sci: Fix late enablement of AUTORTS - [x86] mm/32: Set the '__vmalloc_start_set' flag in initmem_init() - [armhf] mfd: axp20x: Add support for dts property "xpowers,master-mode" - [armhf] dt-bindings: mfd: axp20x: Add "xpowers,master-mode" property for AXP806 PMICs - [powerpc] mm: Add physical address to Linux page table dump - staging: rtl8188eu: prevent an underflow in rtw_check_beacon_data() - [armhf] iio: adc: ti_am335x_adc: allocating too much in probe - [x86] ALSA: hda: Add Geminilake id to SKL_PLUS - ALSA: usb-audio: fix Amanero Combo384 quirk on big-endian hosts - USB: hub: fix SS max number of ports - usb: core: fix potential memory leak in error path during hcd creation - [x86] USB: usbip: fix nonconforming hub descriptor - [arm64, armhf] usb: dwc3: gadget: Fix ISO transfer performance - pvrusb2: reduce stack usage pvr2_eeprom_analyze() - USB: gadget: dummy_hcd: fix hub-descriptor removable fields - coda: restore original firmware locations - usb: xhci: Fix USB 3.1 supported protocol parsing - usb: xhci: ASMedia ASM1042A chipset need shorts TX quirk - USB: gadget: fix GPF in gadgetfs - USB: gadgetfs, dummy-hcd, net2280: fix locking for callbacks - mm/memory-failure.c: use compound_head() flags for huge pages - swap: cond_resched in swap_cgroup_prepare() - mm: numa: avoid waiting on freed migrated pages - userfaultfd: shmem: handle coredumping in handle_userfault() - sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() - genirq: Release resources in __setup_irq() error path - alarmtimer: Prevent overflow of relative timers - alarmtimer: Rate limit periodic intervals - virtio_balloon: disable VIOMMU support - [mips*] Fix bnezc/jialc return address calculation - [mips*] .its targets depend on vmlinux - [sparc*] crypto: Work around deallocated stack frame reference gcc bug on sparc. - [armhf] dts: am335x-sl50: Fix card detect pin for mmc1 - [armhf] dts: am335x-sl50: Fix cannot claim requested pins for spi0 - mm: larger stack guard gap, between vmas - Allow stack to grow up to address space limit - mm: fix new crash in unmapped_area_topdown() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.8 - [armhf] clk: sunxi-ng: a31: Correct lcd1-ch1 clock register offset - [armhf] clk: sunxi-ng: v3s: Fix usb otg device reset bit - [armhf] clk: sunxi-ng: sun5i: Fix ahb_bist_clk definition - xen/blkback: fix disconnect while I/Os in flight - xen-blkback: don't leak stack data via response ring (XSA-216, CVE-2017-10911) - ALSA: firewire-lib: Fix stall of process context at packet error - ALSA: pcm: Don't treat NULL chmap as a fatal error - ALSA: hda - Add Coffelake PCI ID - ALSA: hda - Apply quirks to Broxton-T, too - fs/exec.c: account for argv/envp pointers (CVE-2017-1000365) - [powerpc] perf: Fix oops when kthread execs user process - autofs: sanity check status reported with AUTOFS_DEV_IOCTL_FAIL - fs/dax.c: fix inefficiency in dax_writeback_mapping_range() - lib/cmdline.c: fix get_options() overflow while parsing ranges - [x86] perf/x86/intel: Add 1G DTLB load/store miss support for SKL - perf probe: Fix probe definition for inlined functions - [x86] KVM: fix singlestepping over syscall (CVE-2017-7518) - [s390x] KVM gaccess: fix real-space designation asce handling for gmap shadows - [powerpc*] KVM: Book3S HV: Cope with host using large decrementer mode - [powerpc*] KVM: Book3S HV: Preserve userspace HTM state properly - [powerpc*] KVM: Book3S HV: Ignore timebase offset on POWER9 DD1 - [powerpc*] KVM: Book3S HV: Context-switch EBB registers properly - [powerpc*] KVM: Book3S HV: Restore critical SPRs to host values on guest exit - [powerpc*] KVM: Book3S HV: Save/restore host values of debug registers - CIFS: Improve readdir verbosity - CIFS: Fix some return values in case of error in 'crypt_message' - cxgb4: notify uP to route ctrlq compl to rdma rspq - HID: Add quirk for Dell PIXART OEM mouse - random: silence compiler warnings and fix race - signal: Only reschedule timers on signals timers have sent - [powerpc] kprobes: Pause function_graph tracing during jprobes handling - ]powerpc*] 64s: Handle data breakpoints in Radix mode - Input: i8042 - add Fujitsu Lifebook AH544 to notimeout list - brcmfmac: add parameter to pass error code in firmware callback - brcmfmac: use firmware callback upon failure to load - brcmfmac: unbind all devices upon failure in firmware callback - time: Fix clock->read(clock) race around clocksource changes - time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting - [arm64] vdso: Fix nsec handling for CLOCK_MONOTONIC_RAW - target: Fix kref->refcount underflow in transport_cmd_finish_abort - iscsi-target: Fix delayed logout processing greater than SECONDS_FOR_LOGOUT_COMP - iscsi-target: Reject immediate data underflow larger than SCSI transfer length - drm/radeon: add a PX quirk for another K53TK variant - drm/radeon: add a quirk for Toshiba Satellite L20-183 - [x86] drm/amdgpu/atom: fix ps allocation size for EnableDispPowerGating - [x86] drm/amdgpu: adjust default display clock - [x86] drm/amdgpu: add Polaris12 DID - ACPI / scan: Apply default enumeration to devices with ACPI drivers - ACPI / scan: Fix enumeration for special SPI and I2C devices - rxrpc: Fix several cases where a padded len isn't checked in ticket decode (CVE-2017-7482) - drm: Fix GETCONNECTOR regression - usb: gadget: f_fs: avoid out of bounds access on comp_desc - spi: double time out tolerance - net: phy: fix marvell phy status reading - netfilter: xtables: zero padding in data_to_user - netfilter: xtables: fix build failure from COMPAT_XT_ALIGN outside CONFIG_COMPAT - brcmfmac: fix uninitialized warning in brcmf_usb_probe_phase2() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.9 - net: don't call strlen on non-terminated string in dev_set_alias() - net: Fix inconsistent teardown and release of private netdev state. - [s390x] net: fix up for "Fix inconsistent teardown and release of private netdev state" - mac80211: free netdev on dev_alloc_name() error - decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb - net: Zero ifla_vf_info in rtnl_fill_vfinfo() - net: ipv6: Release route when device is unregistering - net: vrf: Make add_fib_rules per network namespace flag - af_unix: Add sockaddr length checks before accessing sa_family in bind and connect handlers - Fix an intermittent pr_emerg warning about lo becoming free. - sctp: disable BH in sctp_for_each_endpoint - net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx - net: tipc: Fix a sleep-in-atomic bug in tipc_msg_reverse - net/mlx5: Remove several module events out of ethtool stats - net/mlx5e: Added BW check for DIM decision mechanism - net/mlx5e: Fix wrong indications in DIM due to counter wraparound - net/mlx5: Enable 4K UAR only when page size is bigger than 4K - proc: snmp6: Use correct type in memset - igmp: acquire pmc lock for ip_mc_clear_src() - igmp: add a missing spin_lock_init() - qmi_wwan: new Telewell and Sierra device IDs - net: don't global ICMP rate limit packets originating from loopback - ipv6: fix calling in6_ifa_hold incorrectly for dad work - sctp: return next obj by passing pos + 1 into sctp_transport_get_idx - net/mlx5e: Fix min inline value for VF rep SQs - net/mlx5e: Avoid doing a cleanup call if the profile doesn't have it - net/mlx5: Wait for FW readiness before initializing command interface - net/mlx5e: Fix timestamping capabilities reporting - decnet: always not take dst->__refcnt when inserting dst into hash table - net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev - ipv6: Do not leak throw route references - rtnetlink: add IFLA_GROUP to ifla_policy - netfilter: synproxy: fix conntrackd interaction - NFSv4.x/callback: Create the callback service through svc_create_pooled - xen/blkback: don't use xen_blkif_get() in xen-blkback kthread - [mips*] head: Reorder instructions missing a delay slot - [mips*] Avoid accidental raw backtrace - [mips*] pm-cps: Drop manual cache-line alignment of ready_count - [mips*] Fix IRQ tracing & lockdep when rescheduling - ALSA: hda - Fix endless loop of codec configure - ALSA: hda - set input_path bitmap to zero after moving it to new place - NFSv4.2: Don't send mode again in post-EXCLUSIVE4_1 SETATTR with umask - NFSv4.1: Fix a race in nfs4_proc_layoutget - Revert "NFS: nfs_rename() handle -ERESTARTSYS dentry left behind" - ovl: copy-up: don't unlock between lookup and link - gpiolib: fix filtering out unwanted events - [x86] intel_rdt: Fix memory leak on mount failure - [x86] perf/x86/intel/uncore: Fix wrong box pointer check - [x86] drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr - dm thin: do not queue freed thin mapping for next stage processing - [x86] mm: Fix boot crash caused by incorrect loop count calculation in sync_global_pgds() - [arm64] pinctrl/amd: Use regular interrupt instead of chained - mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap mappings - xen/blkback: don't free be structure too early - xfrm6: Fix IPv6 payload_len in xfrm6_transport_finish - xfrm: move xfrm_garbage_collect out of xfrm_policy_flush - xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY - xfrm: NULL dereference on allocation failure - xfrm: Oops on error in pfkey_msg2xfrm_state() - [arm64] PCI: Fix struct acpi_pci_root_ops allocation failure path - [arm64] ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation - [arm*] 8685/1: ensure memblock-limit is pmd-aligned - [arm*] davinci: PM: Free resources in error handling path in 'davinci_pm_init' - [arm*] davinci: PM: Do not free useful resources in normal path in 'davinci_pm_init' - Revert "x86/entry: Fix the end of the stack for newly forked tasks" - [x86] boot/KASLR: Fix kexec crash due to 'virt_addr' calculation bug - [x86] perf: Fix spurious NMI with PEBS Load Latency event - [x86] mpx: Correctly report do_mpx_bt_fault() failures to user-space - [x86] mm: Fix flush_tlb_page() on Xen - ocfs2: o2hb: revert hb threshold to keep compatible - ocfs2: fix deadlock caused by recursive locking in xattr - iommu/dma: Don't reserve PCI I/O windows - [amd64] iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid() - [amd64] iommu/amd: Fix interrupt remapping when disable guest_mode - mtd: nand: brcmnand: Check flash #WP pin status before nand erase/program - mtd: nand: fsmc: fix NAND width handling - [x86] KVM: fix emulation of RSM and IRET instructions - [x86] KVM: vPMU: fix undefined shift in intel_pmu_refresh() - [x86] KVM: zero base3 of unusable segments - KVM: nVMX: Fix exception injection - esp4: Fix udpencap for local TCP packets. - [armhf] hsi: Fix build regression due to netdev destructor fix. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.10 - fs: completely ignore unknown open flags - driver core: platform: fix race condition with driver_override - RDMA/uverbs: Check port number supplied by user verbs cmds - ceph: choose readdir frag based on previous readdir reply - tracing/kprobes: Allow to create probe with a module name starting with a digit - drm/virtio: don't leak bo on drm_gem_object_init failure (CVE-2017-10810) - usb: dwc3: replace %p with %pK - Add USB quirk for HVR-950q to avoid intermittent device resets - usb: usbip: set buffer pointers to NULL after free - usb: Fix typo in the definition of Endpoint[out]Request - USB: core: fix device node leak - [armhf] pinctrl: meson: meson8b: fix the NAND DQS pins - [armhf,arm64] pinctrl: sunxi: Fix SPDIF function name for A83T - pinctrl: core: Fix warning by removing bogus code - [x86] xhci: Limit USB2 port wake support for AMD Promontory hosts - gfs2: Fix glock rhashtable rcu bug - Add "shutdown" to "struct class". - tpm: Issue a TPM2_Shutdown for TPM2 devices. - tpm: fix a kernel memory leak in tpm-sysfs.c - [x86] uaccess: Optimize copy_user_enhanced_fast_string() for short strings - xen: avoid deadlock in xenbus driver - crypto: drbg - Fixes panic in wait_for_completion call - [x86] rt286: add Thinkpad Helix 2 to force_combo_jack_table https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.11 - mqueue: fix a use-after-free in sys_mq_notify() (CVE-2017-11176) - proc: Fix proc_sys_prune_dcache to hold a sb reference - locking/rwsem-spinlock: Fix EINTR branch in __down_write_common() - [x86] staging: comedi: fix clean-up of comedi_class in comedi_init() - crypto: rsa-pkcs1pad - use constant time memory comparison for MACs - ext4: check return value of kstrtoull correctly in reserved_clusters_store - [x86] mm/pat: Don't report PAT on CPUs that don't support it . [ Ben Hutchings ] * [m68k] udeb: Use only the common module list for nic-shared-modules (fixes FTBFS) * [sparc64] Update "Revert "sparc: move exports to definitions"" for the addition of __multi3 (fixes FTBFS) * binfmt_elf: use ELF_ET_DYN_BASE only for PIE (CVE-2017-1000370, CVE-2017-1000371) * [rt] Update to 4.11.9-rt7: - smp/hotplug: Move unparking of percpu threads to the control CPU - cpu_pm: replace raw_notifier to atomic_notifier * media: Enable MEDIA_CEC_SUPPORT, VIDEO_VIVID_CEC; USB_PULSE8_CEC as module (Closes: #868511) * [armhf] udeb: Add sunxi_wdt to kernel-image (Closes: #866130) * crypto: Enable CRYPTO_USER, CRYPTO_USER_API_RNG as modules (Closes: #868291) * udeb: Add dm-raid to md-modules (Closes: #868251) * [arm64] sound: Enable SND_HDA_INTEL as module (Closes: #867611) * aufs: Update support patchset to aufs4.11.7+-20170703 (Closes: #867257) * [x86] ideapad-laptop: Add various IdeaPad models to no_hw_rfkill list (Closes: #866706) * firmware: dmi: Add DMI_PRODUCT_FAMILY identification string * [x86] pinctrl: cherryview: Extend the Chromebook DMI quirk to Intel_Strago systems (Closes: #862723) * [armhf] Add ARM Mali Midgard device tree bindings and gpu node for rk3288 (thanks to Guillaume Tucker) (Closes: #865646) . [ Uwe Kleine-König ] * [arm64] enable FB_SIMPLE . [ Vagrant Cascadian ] * [arm64] Enable support for Rockchip systems (Closes: #860976). . [ Salvatore Bonaccorso ] * Bump ABI to 2 * [rt] Update to 4.11.8-rt5 . [ Cyril Brulebois ] * [arm64,armhf] udeb: Ship usb3503 module in usb-modules, needed for e.g. Arndale development boards, thanks to Wei Liu (Closes: #865645). linux-latest (84) unstable; urgency=medium . * Update to 4.12.0-1 (Closes: #872055) linux-latest (83) unstable; urgency=medium . * Update to 4.11.0-2 magithub (0.1.3-1) unstable; urgency=medium . * New upstream release mathic (1.0~git20170606-1) unstable; urgency=medium . * New upstream release (git snapshot). * debian/control - Bump Standards-Version to 4.0.1. - Bump versioned dependency on debhelper to >= 10. - Remove Build-Depends on dh-autoreconf. * debian/compat - Bump debhelper compatibility level to 10. * debian/copyright - Use https in Format. * debian/libmathic0v5.symbols - Remove file for ease of maintainability (Closes: #853540). * debian/patches/fix_typo.patch - Remove patch; applied upstrem. * debian/rules - Remove call to dh_autoreconf; enabled by default with debhelper 10. - New override_dh_makeshlibs target. Generates tightest possible dependency. node-minimatch (3.0.4-1) unstable; urgency=medium . [ Pirate Praveen ] * Team upload * New upstream release . [ Bastien Roucariès ] * Bump policy no change * Bump compat * Enable testsuite * Run autopkgtest suite in isolation node-readable-stream (2.3.3-1) unstable; urgency=medium . * New upstream version * Bump policy (no changes) node-stream-http (2.7.2+dfsg-1) unstable; urgency=medium . * New upstream version. Fixes problem with safari and ios * Bump policy, no changes nomacs (3.4.1+dfsg-10) unstable; urgency=medium . * Fixed symbols for gcc 7.1.0 (Closes: #871180) * Patched appdata syntax and location nomacs (3.4.1+dfsg-9) unstable; urgency=medium . * Tested again with gcc-7, compiles fine (Closes: #853575) praat (6.0.30-3) unstable; urgency=medium . * d/p/pangocairo-pkg-config.patch: New patch. This patch replaces d/p/use-gtk-pkg-config.patch and provides a better argument for the pkg-config invocation when building praat_nogui. Thanks to Adrian Bunk for the patch (Closes: #871907) * d/README.Debian: Remove this obsolete file praat (6.0.30-2) unstable; urgency=medium . * d/p/use-gtk-pkg-config.patch: New patch praat (6.0.30-1) unstable; urgency=medium . * New upstream version 6.0.30 * d/control: Bump Standards-Version to 4.0.1 (no changes needed) * d/p/deprecated-g-type-init.patch: Drop patch (applied upstream) * d/p/tensor-h-filename.patch: New patch * Add praat_nogui executable and manual page pytest (3.2.1-1) unstable; urgency=medium . * New upstream release. - Properly escape test names when setting PYTEST_CURRENT_TEST environment variable. (Closes: #871994) pytest (3.2.0-1) unstable; urgency=medium . * New upstream release. * debian/control: Bump Standards-Version. * debian/{control,rules}: Build with python3-sphinx. python-flask-rdf (0.2.0-1.1) unstable; urgency=medium . * Non-maintainer upload. * Fix the missing dependencies in python3-flask-rdf. (Closes: #867429) python-q (2.6-1.1) unstable; urgency=medium . * Non-maintainer upload. * Fix the missing dependencies in python3-q. (Closes: #867452) pythonmagick (0.9.17-1) unstable; urgency=medium . * Bug fix: "FTBFS with python3.6 as a supported python3", thanks to Scott Kitterman (Closes: #866694). * Use lastest autoconf-archive for some python macros. * Bump policy (no changes) pythonmagick (0.9.14-3) unstable; urgency=medium . * Remove obsolete m4 files that lead to FTBFS. This files will be regenerated from autoconf-archive by dh_autoreconf. (Closes: #843196). pythonmagick (0.9.14-2) unstable; urgency=medium . * Update copyright . pythonmagick (0.9.14-1) unstable; urgency=medium . * Switch watch to .xz and add signature check * Add myself as uploader. * Switch to git-dpm. * Bump Standards-Version no changes. * Bump compat to 10. * Fixed VCS URL (https) thanks to Ondřej Nový * Build python3 and python2 version. * Add autopkgtest * New upstream release: - Bug fix: "FTBFS with newer experimental version of imagemagick", (Closes: #840428). pythonmagick (0.9.11-2) unstable; urgency=medium . * Team upload. * debian/rules: Do not build static library. (Closes: #763716) * debian/copyright: Add short license names. * debian/control: Update Standards-Verison. No changes required. pythonmagick (0.9.11-1) unstable; urgency=medium . * Team upload. * New upstream release. - Fix build with newer imagemagick releases. (Closes: #758001) * debian/patches: - 003_detect_py27.diff: Removed, no longer needed. - 001_autofoo_fixes.diff: Refreshed. * debian/{rules,control,source/format}: Use 3.0 (quilt) and remove quilt from build depends and dh call. * debian({rules,control}: Switch to dh_python2. Replace python-support with dh-python in Build-Depends and invoke dh with --with python2 instead of python-support. * debian/control: - Bump libmagic++-dev to >= 8:6.8.6. Required by the new upstream version. - Bump Standards-Version to 3.9.5. No changes required. * debian/rules: - Build with --disable-silent-rules. - Build with --parallel. - Remove *.la files. * debian/copyright: Update copyright years. pythonmagick (0.9.8-1) unstable; urgency=low . * Team upload. . [ Sebastian Ramacher ] * New upstream release. * debian/control: - Bump Standards-Version to 3.9.4. - Bump debhelper to (>= 9) for arch and indep targets. - Remove unnecessary Build-Depends autotools-dev and dpkg-dev. * debian/compat: Bump to 9. * debian/rules: - Run loops with set -e. - Call dh correctly. - No need to include /usr/share/dpkg/buildflags.mk anymore. * debian/copyright: - Update Format URL. - Merge the two debian/* sections. - Fix formatting of the ImageMagick license. - Update copyright years * debian/patches: - 001_autofoo_fixes.diff: Use python-config --includes to fix build failure. (Closes: #710790) - 002_set_minimum_python_version_to_2.4.diff: Removed, not needed anymore. - 004_quote_cppflags.diff: Removed, not needed anymore. - __init__-fixup: Removed, not needed anymore. . [ Jakub Wilk ] * Use canonical URIs for Vcs-* fields. pythonmagick (0.9.7-2) unstable; urgency=low * Team upload. * Enable hardened build: - debian/patches: add 004_quote_cppflags.diff to fix build issues with enabled hardening flags (Closes: #652483). - debian/rules: export buildflags. - debian/control: add versioned Buil-Dep on dpkg-dev for /usr/share/dpkg/buildlflags.mk * debian/control: fix spelling error in description. pythonmagick (0.9.7-1) unstable; urgency=low * Team upload. [ Bernd Zeimetz ] * Upstream's __init__.py is *WEIRD*. I think I've fixed it as it should be, although this change might introduce features which are not available in other distributions. (Closes: #495025) * Removing myself from uploaders. [ Sebastian Ramacher ] * New upstream release - Fixes build issues with newer ligmagick++ versions (Closes: #625581). - debian/control: Bump Build-Dep of libmagick++-dev to 8:6.6.7-9. * Drop autotools related diffs and run dh --with autoreconf instead. - debian/control: Add Build-Dep on dh-autoreconf. - debian/rules: call dh with --with autoreconf. - debian/patches: remove diffs that are releated to autotools output. * Detect Python 2.7 correctly (Closes: #632508) and honor PYTHON environment variable. * Build for all supported Python versions. - debian/control: Build-Dep on python-all-dev instead of python-dev. - debian/rules: Build for all supported Python versions. * debian/patches: Format according to DEP-3. * debian/control: Bump Standards-Version (no changes required). * debian/copyright: - Update copyright years. - Fixes to be DEP-5 compliant. - Fix license of PythonMagick. It is released under the ImageMagick License, not GPL-3+. pythonmagick (0.9.1-3) unstable; urgency=low * Add pkg-config as build-dependency. * Bumping Standards-Version to 3.8.4. * Add debian/README.source. * Update patches to include python2.6 properly. pythonmagick (0.7-3) unstable; urgency=high * Really include pythonmagick in the deb-files (closes: #439251) pythonmagick (0.7-2) unstable; urgency=medium * Move it to use python 2.4 instead per changes in libboost-python. pythonmagick (0.7-1) unstable; urgency=low * Initial release (Closes: #433709) pythonmagick (0.7-1) unstable; urgency=low * Initial release (Closes: #433709) qterminal (0.7.1-2) unstable; urgency=medium . * Fixed appdata format and location * Bumped Standards to 4.0.0, no changes needed * Bumpded copyright year radare2 (1.6.0+dfsg-1) unstable; urgency=medium . * New upstream release - Fix for CVE-2017-9520 (Closes: #864533) The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file. - Fix for CVE-2017-9949 (Closes: #866068) The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02. - Fix for CVE-2017-10929 (Closes: #867369) The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the grub_disk_read_small_real function in kern/disk.c in GNU GRUB 2.02. * Switch to Debian Standard Version 4.0.0 radare2 (1.5.0+dfsg-1) experimental; urgency=medium . * New upstream release radare2 (1.4.0+dfsg-1) experimental; urgency=medium . * New upstream release - Dropped cherry picked patches (applied upstream) radare2 (1.3.0+dfsg-2) experimental; urgency=medium . * Add upstream patch to fix CVE-2017-7274 (Closes: #858873) radare2 (1.3.0+dfsg-1) experimental; urgency=low . * New upstream release - Dropped cherry picked patches (applied upstream) radare2 (1.2.1+dfsg-5) experimental; urgency=high . * Add upstream patches to fix security bugs - CVE-2017-6415 (Closes: #856572) The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file. - CVE-2017-6387 (Closes: #856574) The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file. - CVE-2017-6319 (Closes: #856579) The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. * Add small patch from Graham Inggs to fix FTBFS when linked with as-needed (Closes: #856329) radare2 (1.2.1+dfsg-4) experimental; urgency=high . * Add upstream patch to fix security bug (Closes: #856063) - CVE-2017-6197 The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function. radare2 (1.2.1+dfsg-3) experimental; urgency=medium . * Add upstream patch to fix hurd build radare2 (1.2.1+dfsg-2) experimental; urgency=medium . * Fix build on architectures without debugger support via cherry-picked upstream patch radare2 (1.2.1+dfsg-1) experimental; urgency=medium . * New upstream release - bugfixes * Drop patch (fixed upstream) radare2 (1.2.0+dfsg-1) experimental; urgency=low . * New upstream release - Lots of new features - misc. bugfixes * Add patch to fix build with capstone 3.0.4 ros-ros (1.14.1-1) unstable; urgency=medium . * New upstream version 1.14.1 ruby-concurrent (1.0.5-1) unstable; urgency=medium . * Team upload * New upstream release subversion (1.9.7-2) unstable; urgency=medium . * Disable optimizations on mips64el to workaround GCC bug #871514. * Use debhelper's dh_update_autotools_config and drop explicit Build-Depends on autotools-dev. subversion (1.9.7-1) unstable; urgency=high . * New upstream release + Security fix - CVE-2017-9800: Arbitrary code execution on clients through malicious svn+ssh URLs in svn:externals and svn:sync-from-url supervisor (3.3.1-1.1) unstable; urgency=medium . * Non-maintainer upload. * Disable object traversal in XML-RPC dispatch (CVE-2017-11610) (Closes: #870187) sxiv (1.3.2-2) unstable; urgency=medium . * Fix FTCBFS Let dh_auto_build pass cross compilers to make. (Closes: #871393). + Thanks to Helmut Grohne for the patch!. * debian/control + Bump standard versions 4.0.0 (no changes). + Bump debhelper to 10 in B-D. + Switch compat level 9 to 10. * debian/copyright + Extend debian copyright holders years. * debian/rules + export hardening flags. tor (0.3.0.10-1) unstable; urgency=medium . * New upstream version. * Update apparmor profile: replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH to match the systemd capability bounding set changed with 0.3.0.4-rc-1. This change will allow tor to start again under apparmor if hidden services are configured. Patch by intrigeri. (closes: #862993) * Remove tor-dbg binary package. Nowadays Debian's toolchain automatically builds packages containing debugging symbols. The new tor-dbgsym package will end up in the debian-debug archive. This tor-dbgsym package will Replace/Break tor-dbg versions prior to 0.3.1.5-alpha for now (to match the version in experimental with the same change), but as we keep providing backported builds for older suites, and since those keep the tor-dbg package for now, we'll likely keep increasing this version in future releases. (closes: #867547) * The dbgsym migration options require debhelper >= 9.20160114; update build dependency list accordingly.