game-data-packager (49) unstable; urgency=medium . * d/gbp.conf: Switch git branch to debian/stretch for updates during freeze * quake3: Symlink ioquake3 native game and UI code into ~/.q3a, and run with vm_cgame, vm_game, vm_ui set to 0 by default. This resolves bugs in the proprietary Quake III Arena releases by swapping in ioquake3's updated (and Free Software) versions, and mitigates security issues in ioquake3 by letting ioquake3_1.36+u20161101+dfsg1-2 put a confirmation prompt in front of the option to enable auto-downloading. This regressed in v46. gnome-sound-recorder (3.21.92-2) unstable; urgency=medium . * Depend on gstreamer1.0-pulseaudio for pulsesrc/pulsesink. Closes: #852870. * Drop dependency on gstreamer1.0-plugins-bad, all the necessary plugins are in base/good now. gthumb (3:3.4.4.1-5) unstable; urgency=medium . * debian/control:(gthumb package) - Remove: - Replaces gthumb2 - Add: (because of the previous revision) - Breaks: gthumb-data (<< 3:3.4.4.1-4~) - Replaces: gthumb-data (<< 3:3.4.4.1-4~) (Closes: #857181) Thanks Jeremy Bicha (previous revision too) and Sebastian Ramacher. gthumb (3:3.4.4.1-4) unstable; urgency=medium . * debian/gthumb-data.install: - Remove /usr/share/appdata * debian/gthumb.install: - Add /usr/share/appdata (Closes: #857012) iec16022 (0.2.4-1.2) unstable; urgency=medium . * Non-maintainer upload. * Cherry-pick from upstream: - Fix EDIFACT encoding (0f2adb) (Closes: #773719) - Fix encoding of _. (45813a) (Closes: #429210) - Fix cases where data might be lost. (ebbb6e2) (Closes: #835296) ifupdown2 (1.0~git20170314-1) unstable; urgency=medium . * debian: install files: fix LC_ALL=C.UTF-8 following comments on #857258 ifupdown2 (1.0~git20170308-1) unstable; urgency=medium . * debian: add LC_ALL=C.UTF-8 directive in prestinst, postinst, postrm files ifupdown2 (1.0~git20170307-1) unstable; urgency=medium . * preinst: remove english word from grep filter (closes: #856970) ioquake3 (1.36+u20161101+dfsg1-2) unstable; urgency=high . * d/gbp.conf: switch branch to debian/stretch for updates during freeze * d/patches: Add patches from upstream fixing security vulnerabilities - refuse to load potentially auto-downloadable .pk3 files as ioquake3 renderers, ioquake3 game code, libcurl, or OpenAL drivers (mitigation: auto-downloading is off by default, and in Debian we do not dlopen libcurl anyway) - refuse to load default configuration file names from a .pk3 file - protect cl_renderer, cl_curllib, s_aldriver configuration variables so game code cannot set them - refuse to overwrite files other than *.txt with the dump console command - refuse to overwrite files other than *.cfg with the writeconfig console command (Closes: #857699) * Add patch adapted from openarena to request confirmation before enabling auto-downloading if the native-code Quake III Arena UI is in use. Unfortunately this is not the case with quake3_46, but I'm adding this patch in the hope that the wrapper script can be fixed before the stretch release. iortcw (1.50a+dfsg1-3) unstable; urgency=high . * d/gbp.conf: switch branch to debian/stretch for updates during freeze * d/patches: Add patches from upstream fixing security vulnerabilities - refuse to load potentially auto-downloadable .pk3 files as iortcw renderers, iortcw game code, libcurl, or OpenAL drivers (mitigation: auto-downloading is off by default, and in Debian we do not dlopen libcurl anyway) - refuse to load default configuration file names from a .pk3 file - protect cl_renderer, cl_curllib, s_aldriver configuration variables so game code cannot set them - refuse to overwrite files other than *.txt with the dump console command - refuse to overwrite files other than *.cfg with the writeconfig console command (Closes: #857714) libguestfs (1:1.34.6-1) unstable; urgency=medium . * New upstream version mbedtls (2.4.2-1) unstable; urgency=high . * New upstream version. - Fixes CVE-2017-2784 - freeing of memory allocated on the stack when validating a public key with a secp224k1 curve. (Closes: #857560) . * debian/rules: - Run testsuite inside faketime to prevent it suddenly failing in the future. Thanks Niels Thykier! network-manager (1.6.2-2) unstable; urgency=medium . * libnm: disconnect signal from D-Bus proxies on dispose (Closes: #854810) * dhcp/dhclient: parse "interface" statements. Until now any "interface" statement was ignored and any enclosed statement for which we have a special handling was considered, even if belonging to a different interface. This can cause wrong options to be set in the generated dhclient configuration. (Closes: #855910) opendmarc (1.3.2-1) unstable; urgency=medium . * New upstream release - Update debian/copyright (added 2017) - Remove patches applied upstrea (debian/patches/ticket095.patch, ticket165_incomplete.patch, ticket166.patch, ticket185.patch, and ticket187.patch) * Update README.Debian to point to use of opendmarc.service.d/overrride.conf with systemd (Closes: #856489, #856057) * Update README.Debian to explain that TCP sockets bound to a specific IP address will not work if that address is not bound to a network connection and how to work avoid startup issues if network initialization is too slow (Closes: #856488) python-websockets (3.2-2) unstable; urgency=medium . * set WEBSOCKETS_TESTS_TIMEOUT_FACTOR to 100 to avoid FTBFS on slower buildd (closes: 854335) sddm (0.14.0-4) unstable; urgency=medium . * Update documentation, add information about HiDPI sddm (0.14.0-3) unstable; urgency=medium . * Drop pam_systemd.so from our pam rules. Thanks to Russell Coker for reporting (Closes: 850006) * Add new upstream patch: Fix-display-of-user-avatars.-684.patch. Thanks to Salvo Tomaselli for reporting (Closes: 856195) * Create sddm's home dir if not present * Add HiDPI patches: Add-a-config-option-to-enable-high-DPI-scaling-701.patch (upstream) and Regression-fix-disable-HiDPI-by-default.patch. Thanks to Laurent Bonnaud for reporting and testing (Closes: 853843) sogo-connector (31.0.3-3) unstable; urgency=medium . * [7f95a11] rebuild patch queue from patch-queue branch (Closes: #856457) * [9328a7e] debian/control: reverse the resolving order for -dev package sogo-connector (31.0.3-2) unstable; urgency=medium . * [85e9938] debian/control: wrap-and-sort all entries * [82988f2] Build-Depends: append possible thunderbird-dev package * [6ac973e] debhelper: bump to version 10 * [1f59a4a] debian/control: correcting, moving Vcs fields to https * [c4ff179] debian/copyright: update same sections, adding MPL-1.1 * [ba1f4ce] debian/control: extend the description of sogo-connector wireshark (2.2.5+g440fd4d-2) unstable; urgency=medium . * Upload to unstable wireshark (2.2.5+g440fd4d-1) experimental; urgency=medium . * New upstream release - release notes: https://www.wireshark.org/docs/relnotes/wireshark-2.2.5.html - security fixes: - The STANAG 4607 file parser could go into an infinite loop (CVE-2017-6014) - The NetScaler file parser could go into an infinite loop (CVE-2017-6467) - The NetScaler file parser could crash (CVE-2017-6468) - The LDSS dissector could crash (CVE-2017-6469) - The IAX2 dissector could go into an infinite loop (CVE-2017-6470) - The WSP dissector could go into an infinite loop (CVE-2017-6471) - The RTMTP dissector could go into an infinite loop (CVE-2017-6472) - The K12 file parser could crash (CVE-2017-6473) - The NetScaler file parser could go into an infinite loop (CVE-2017-6474) * Update symbols file for libwireshark8