Delta generated at: 2019-04-21 11:37 UTC

aide 0.16-4 -> 0.16.1-1

Unknown (Probably auto sync.)

Debian changes newer than ubuntu version:

aide (0.16.1-1) unstable; urgency=medium

  [ Hannes von Haugwitz ]
  * new upstream version v0.16.1
    - changes include:
      - fix short form of --limit parameter (closes: #855313)
      - use AC_PATH_TOOL to find pkg-config (closes: #907580)
    - move upstream to GitHub:
      - d/control: update Homepage field
      - d/watch: update download URL
      - d/copyright: update source URL
    - adapt debian/patches/10-manpages.patch
    - remove debian/patches/15-arithmetic-exit.patch (incorporated upstream)
  * Bump to Standards-Version 4.3.0 (no changes necessary)
  * 31_aide_gnupg: handle S.scdaemon
  * 31_aide_systemd_journal, 31_aide_mlocate: use @@{RUN} macro
  * 31_aide_cereal, 31_aide_systemd_sessions: add missing $ to some rules
  * aide.wrapper.8:
    - document default value of DBAGE
    - remove trailing whitespaces
  * Switch to debhelper 12
  * cron.daily/aide:
    - avoid subshell usage in conditions
    - fix shell globbing
    - fix new lines in filtered packages list
    - disable checkwinsize shell option
  * aide.wrapper: refactor DBAGE code
  * Remove empty lines at the end of rule files
  * Adjust lintian overrides:
    - aide,aide-xen: remove 'embedded-library' for libm
    - aide-common: add 'uses-dpkg-database-directly' (the pkg just provides
      rules for dpkg files)
  * debian/copyright: update copyright information
  * Add debian/upstream/metadata

  [ Marc Haber ]
  ∙ 31_aide_boinc-client: new rule
  ∙ 31_aide_crack: new rule
  ∙ 31:aide_dlocate: optimize rule
  ∙ 31_aide_mailman: add Varir for log directory
  * aideinit: send most output to stderr

  [ Ondřej Nový ]
  * d/copyright: Change Format URL to correct one
  * d/control: Remove redundant Priority field in binary package
  * d/changelog: Remove trailing whitespaces
  * d/watch: Use https protocol

 -- Hannes von Haugwitz   Thu, 28 Feb 2019 21:34:34 +0100

alembic 1.0.0-2ubuntu2 -> 1.0.0-3

* Last Uploader: James Page

Debian changes newer than ubuntu version:

alembic (1.0.0-3) unstable; urgency=medium

  * Require newer dh-python which cleans .pytest_cache directory
  * Revert removing of pytest_cache manually
  * Rename d/tests/control.autodep8 to d/tests/control.
  * Standards-Version is 4.3.0 now (no changes needed)

 -- Ondřej Nový   Tue, 22 Jan 2019 17:31:51 +0100

alsa-utils 1.1.8-1ubuntu1 -> 1.1.8-2

* Last Uploader: Sebastien Bacher

Debian changes newer than ubuntu version:

alsa-utils (1.1.8-2) unstable; urgency=medium

  * Introduce Fix-alsactl-to-restore-config.patch. Don't rely on undocumented
    /etc/alsa/state-daemon.conf to start alsa-state.service.  alsa-restore.service
    now will have an error code 99 the first time it runs. But after an reload of
    the service or just a reboot both services will run smoothly.
    [closes: #925455]

 -- Elimar Riesebieter   Sat, 30 Mar 2019 10:18:40 +0100

amavisd-new 1:2.11.0-5ubuntu1 -> 1:2.11.0-6.1

* Last Uploader: Karl Stenerud (sponsored by Andreas Hasenack)

Debian changes newer than ubuntu version:

amavisd-new (1:2.11.0-6.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix to honor "originating" configuration flag, by cherry-picking upstream
    patch. (Closes: #882324)

 -- Tobias Frost   Fri, 05 Apr 2019 18:04:57 +0200

amavisd-new (1:2.11.0-6) unstable; urgency=medium

  * Fix start-stop-daemon insecure error. Closes: #921016.

 -- Brian May   Wed, 13 Feb 2019 17:48:10 +1100

apache2 2.4.38-2ubuntu2 -> 2.4.38-3

* Last Uploader: Marc Deslauriers

Debian changes newer than ubuntu version:

Error creating changes log. Please look manually

backuppc 3.3.1-4ubuntu2 -> 3.3.2-2

* Last Uploader: Andreas Hasenack

Debian changes newer than ubuntu version:

backuppc (3.3.2-2) unstable; urgency=low

  * There are no logs to chown upon a first installation, so don't try to
    chown them. (Fixes issue found by piuparts.)
  * Avoid recursive chown to /etc/backuppc, just chown /etc/backuppc and
    all files in it. By default it has no subdirectories.
  * Update line numbers in debian/config.pl.diff.

 -- Axel Beckert   Wed, 14 Nov 2018 23:27:21 +0100

backuppc (3.3.2-1) unstable; urgency=low

  [ Axel Beckert ]
  * Set Maintainer to the new Debian BackupPC team. (Closes: #887490)
    + Add Tobias Frost and myself to Uploaders.
  * Import new 3.3.2 upstream release.
    + Drop some hunks from 01-debian.patch which upstream applied or fixed
      otherwise:
      - lib/BackupPC/CGI/Browse.pm
      - all hunks which fix "{" to "\{" in regular expressions.
    + Refresh the remaining part of 01-debian.patch and fix non-applying
      hunks manually.
    + Remove unnecessary whitesapce changes from 01-debian.patch.
    + 01-debian.patch: Continue to use UTF-8 in doc/BackupPC.pod despite
      upstream has chose to explicitly declare it as ISO8859-1.
    + Refresh 02-fix-spelling-errors.patch.
  * Ship https://sourceforge.net/p/backuppc/mailman/message/27416276/ as
    debian/jLib.pm and install as BackupPC::jLib. (Closes: #876190)
    Thanks: Martin F Krafft and Alex Vandiver.
  * Run "wrap-and-sort -a".
  * Support IPv6 by extracting the according patch hunks from Ubuntu's
    backuppc package. (Closes: #876233, #610932)
    + Expand patch with web configuration editor support by lynxis
      lazus. (LP: #1349031)
  * Add lintian overrides for these false positives:
    + spelling-error-in-readme-debian (User and group name are the same
      and trigger a "duplicate word" case).
    + unused-debconf-template (mentioned template is used)
  * Fix typo in 3.3.1-4 changelog entry.
  * Add patch to replace the rather unlucky "IS" with "IT support" in mail
    templates. (Closes: #808241)
  * Add patch to fix bad e-mail headers in Polish and Czech mail templates
    as well as the encoding of the Czech mail templates. (Closes: #675013)
    Thanks Vladislav Kurz for the bug report!
  * debian/apache.conf:
    + Switch to Apache 2.4 syntax.
    + Only grant access from localhost by default (as by default HTTPS is
      not enforced). Mention that in NEWS.Debian.
    + Fix typo in comment.
  * Suggest a bunch of letsencrypt clients with certbot as default.
  * Document conf/sorttable.js in debian/copyright.
  * Unconditionally use invoke-rc.d in post{inst,rm}, drop existence check
  * Consistently use debian/ instead of debian/backuppc. and
    not half/half.
    + Rename debian/examples directory to debian/example-configs to avoid
      name conflict. Update debian/examples file accordingly.
  * debian/config: Use "set -e" instead of "-e" in the shebang line.
  * debian/post{inst,rm}: Add "set -e" at the beginning.
  * Apply patch to run rrdtool as the backuppc user rather than as the
    www-data user to fix the displaying of the RRD graphs in the web
    interface. (Closes: #903217, LP: #1612600)

  [ Andreas Hasenack ]
  * d/t/{control,smb-backup}: simple smb-based DEP8 test (LP: #1677755)

 -- Axel Beckert   Wed, 14 Nov 2018 04:07:00 +0100

backuppc (3.3.1-6) unstable; urgency=medium

  * QA upload.
  * Imported package to salsa.debian.org and set VCS-* fields accordingly.
  * Execute wrap-and-sort.
  * Convert to 3.0 (quilt) package format. The changes to the upstream
    sources have been put into 01-debian.patch.
  * Fix "FTBFS with merged /usr" by specifying all binary paths and not letting
    configure.pl letting them guess them. (Closes: #905761)
  * Modernize Package:
    - compat level 11 (d/compat and add B-D on debhelper >=11)
    - migrate to short debhelper.
    - drop the versioned conflict against libfile-rsyncp-perl, version
      in old-old-stable is already new enough.
    - remove versions specifier from dependencies, all are fulfilled in
      old-old-stable already. Tar and dpkg can be dropped, they are
      essential.
    - drop d/menu.
    - convert d/copyright to the Machine-readable copyright file format.
    - modify d/watch to point to (new) github project site.
    - S-V bumped to 4.2.1:  required.
    - postinst: do not check existence of executables with absolute path,
      but using which. (lintian command-with-path-in-maintainer-script).
  * Add patch to fix some spelling errors found by lintian.
  * Fix "Wrong path in BackupPC_deleteFile", patch from madduck (Closes:
    #876188)
  * Fix "BackupPC_deleteFile uses deprecated defined @{array}", patch from
    madduck. (Closes: #876193)
  * Do only recommmend smbclient and samba-common-bin, do not depend on it
    (Closes: #488098, #820980)
  * Change homepage in d/control to new upstream location.

 -- Tobias Frost   Wed, 17 Oct 2018 23:53:54 +0200

backuppc (3.3.1-5) unstable; urgency=medium

  * QA upload.
  * Set maintainer to Debian QA Group. (see #887490)
  * Add the missing dependency on lsb-base.
  * Add Homepage field.

 -- Adrian Bunk   Fri, 16 Feb 2018 16:48:37 +0200

bind9 1:9.11.5.P1+dfsg-1ubuntu2 -> 1:9.11.5.P4+dfsg-2

* Last Uploader: Marc Deslauriers

Debian changes newer than ubuntu version:

bind9 (1:9.11.5.P4+dfsg-2) unstable; urgency=medium

  [ Ondřej Surý ]
  * Update d/gbp.conf for Debian Buster

  [ Bernhard Schmidt ]
  * Cherry-Pick upstream commit to prevent dnssec-keymgr from immediately
    expiring and deleting old DNSSEC keys when being run for the first
    time (Closes: #923984)
  * Update AppArmor policy for Samba AD DLZ
    - Add changed default location for named.conf
    - Allow read/mmap on some Samba libraries
    Thanks to Steven Monai (Closes: #920530)

  [ Andreas Beckmann ]
  * bind9.preinst: cope with ancient conffile named.conf.options
    (Closes: #905177)

 -- Bernhard Schmidt   Tue, 02 Apr 2019 21:12:50 +0200

bind9 (1:9.11.5.P4+dfsg-1) unstable; urgency=high

  [ Bernhard Schmidt ]
  * New upstream version 9.11.5.P4+dfsg
    - CVE-2018-5744: A specially crafted packet can cause named to leak memory
    - CVE-2018-5745: An assertion failure can occur if a trust anchor rolls over
      to an unsupported key algorithm when using managed-keys
    - CVE-2019-6465: Controls for zone transfers might not be properly applied
      to Dynamically Loadable Zones (DLZs) if the zones are writable.
  * d/watch: Do not use beta or RC versions
  * d/libdns1104.symbols: fix symbols-file-contains-debian-revision for dnstap
    symbols

  [ Ondřej Surý ]
  * Add new upstream GPG signing-key

 -- Bernhard Schmidt   Fri, 22 Feb 2019 17:54:10 +0100

bind9 (1:9.11.5.P1+dfsg-2) unstable; urgency=medium

  [ Dominik George ]
  * Support dyndb modules with apparmor. (Closes: #900879)

  [ Bernhard Schmidt ]
  * apparmor-policy: permit locking of the allow-new-zones database
    (Closes: #922065)
  * apparmor-policy: allow access to Samba DLZ files (Closes: #920530)

 -- Bernhard Schmidt   Tue, 12 Feb 2019 00:34:21 +0100

byobu 5.127-0ubuntu1 -> 5.127-2

* Last Uploader: Dustin Kirkland 

Debian changes newer than ubuntu version:

byobu (5.127-2) unstable; urgency=medium

  * Fix up incorrect merge caused in 5.127-1.

 -- Alex Chernyakhovsky   Wed, 10 Apr 2019 22:07:52 -0400

byobu (5.127-1) unstable; urgency=medium

  * Syncing from Ubuntu.

 -- Alex Chernyakhovsky   Wed, 10 Apr 2019 18:14:36 -0400

celery 4.2.1-2fakesync1 -> 4.2.1-3

* Last Uploader: Mattia Rizzolo

Debian changes newer than ubuntu version:

celery (4.2.1-3) unstable; urgency=medium

  * Integrate py37-skip-tests patch into gbp-pq.
  * Add patch to relax version requirements on billiard (Closes:
    #923719).
  * Clean up pytest artifacts to allow two builds in a row.
  * Bump Standards-Version to 4.3.0.

 -- Michael Fladischer   Thu, 07 Mar 2019 22:14:11 +0100

chrony 3.4-1ubuntu1 -> 3.4-4

* Last Uploader: Christian Ehrhardt 

Debian changes newer than ubuntu version:

chrony (3.4-4) unstable; urgency=medium

  * debian/patches/*:
    - Add allow-further-syscalls-in-seccomp-filter.patch. Supplementing the
    seccomp filter whitelist with those syscalls is a prerequisite, notably for
    the arm64 architecture.

  [ Leigh Brown ]
  * debian/patches/*:
    - Add allow-recv-send-in-seccomp-filter.patch. Necessary on armel and
    ppc64el. Other architectures might also be affected. (Closes: #924494)

 -- Vincent Blut   Mon, 18 Mar 2019 19:35:34 +0100

chrony (3.4-3) unstable; urgency=medium

  * debian/.gitlab-ci.yml:
    - Check for missing hardening flags.

  * debian/patches/*:
    - Add allow-_llseek-in-seccomp-filter.patch. Needed on various 32-bit
    plateforms to log the {raw}measurements and statistics information when
    the seccomp filter is enabled. Thanks a lot to Francesco Poli (wintermute)
     for the report. (Closes: #923137)
    - Add allow-waitpid-in-seccomp-filter.patch. Needed to correctly stop
    chronyd on some plateforms when the seccomp filter is enabled.

 -- Vincent Blut   Mon, 04 Mar 2019 23:32:12 +0100

chrony (3.4-2) unstable; urgency=medium

  * debian/.gitlab-ci.yml:
    - Replace home-made GitLab CI with the standard Salsa pipeline.
    - Allow autopkgtest job to fail. The time-sources-from-dhcp-servers test
    currently fails due to a testbed issue on salsa CI.

  * debian/chrony.default:
    - Enable the system call filter by default.

  * debian/control:
    - Bump standard-version to 4.3.0 (no changes required).
    - Use the new debhelper-compat (= 12) notation and drop d/compat.
    - Add Pre-Depends: ${misc:Pre-Depends}. Debhelper compatibility level 12
    makes use of the “--skip-systemd-native” flag from “invoke-rc.d”. Adding
    Pre-Depends: ${misc:Pre-Depends} to d/control ensure that we have a recent
    enough version of “init-system-helpers”.
    - Suggest networkd-dispatcher.

  * debian/copyright:
    - Add myself as a copyright holder for 2019.

  * debian/links:
    - Now that “networkd-dispatcher” is in the Debian archive, link
    NetworkManager dispatcher script to networkd-dispatcher routable and off
    states. Patch cherry-picked from Ubuntu; thanks to Christian Ehrhardt
     for working on this.

  * debian/NEWS:
    - Report that a system call filter is now enabled by default and the way
    to disable it if needed.

  * debian/rules:
    - Don’t enable the system call filter on some architectures due to missing
    support in the “libseccomp” and/or the Linux kernel.

  * debian/upstream/:
    - Strip upstream key from extra signatures. Thanks lintian!
    - Remove the Miroslav-Lichvar.txt file as it serves no purpose.

  * debian/usr.sbin.chronyd:
    - Don’t include “tunables/sys”. The etc/apparmor.d/tunables/sys file has
    been deprecated in AppArmor 2.13.1! The @{sys} variable is now defined in
    “tunables/kernelvars” which is included in “tunables/global”.

 -- Vincent Blut   Wed, 13 Feb 2019 17:08:17 +0100

clamav 0.100.3+dfsg-0ubuntu1 -> 0.101.2+dfsg-1

* Last Uploader: Marc Deslauriers

Debian changes newer than ubuntu version:

clamav (0.101.2+dfsg-1) unstable; urgency=high

  * Import 0.101.2
   - CVE-2019-1787 (An out-of-bounds heap read condition may occur when
     scanning PDF documents)
   - CVE-2019-1789 (An out-of-bounds heap read condition may occur when
     scanning PE files)
   - CVE-2019-1788 (An out-of-bounds heap write condition may occur when
     scanning OLE2 files)
   - CVE-2019-1786 (An out-of-bounds heap read condition may occur when
     scanning malformed PDF documents)
   - CVE-2019-1785 (A path-traversal write condition may occur as a result of
     improper input validation when scanning RAR archives)
   - CVE-2019-1798 (A use-after-free condition may occur as a result of
     improper error handling when scanning nested RAR archives)
   - update symbols file
   - Remove DetectBrokenExecutables option from clamd template, it is
     deprecated.
  * Drop the dbgsym migration line.
  * Bump standards-version to 4.3.0 without further change

 -- Sebastian Andrzej Siewior   Sat, 30 Mar 2019 16:25:48 +0100

clamav (0.101.1+dfsg-3) unstable; urgency=medium

  * Upload to unstable.

 -- Sebastian Andrzej Siewior   Thu, 28 Feb 2019 23:36:02 +0100

clamav (0.101.1+dfsg-2) experimental; urgency=medium

  [ Scott Kitterman ]
  * Add information to README.Debian on configuring clamav-milter's socket to
    work with postfix

  [ Sebastian Andrzej Siewior ]
  * debian/libclamav-dev.install: also install clamav-types.h

 -- Scott Kitterman   Mon, 04 Feb 2019 10:12:57 -0500

clamav (0.101.1+dfsg-1) experimental; urgency=medium

  [ Scott Kitterman ]
  * Update debian/copyright
  * Add Build-Depends-Package to libclamav9.symbols
  * Update clamav-docs.doc-base for re-organized documentation
  * Add lintian override for source-is-missing on test file that happens
    to have long line length
  * Drop build-depends on electric-fence, upstream no longer ships the
    relevant tests that used it

  [ Sebastian Andrzej Siewior ]
  * Import 0.101.1
    - update symbol file
    - add back the json/curl configure options (don't rely on autodetect).
  * Add abstractions/openssl to apparmor's profile. Thanks to intrigeri for
    the help (Closes: #913020).
  * Load the apparmor profile before starting the daemon. Thanks to intrigeri
    for the help (Closes: #903834).
  * Add attach_disconnected to freshclam's apparmor profile to hopefully get
    it properly working in overlayfs enviroment. Thanks to Vincas Dargis
    (Closes: #917648).

 -- Sebastian Andrzej Siewior   Fri, 11 Jan 2019 23:00:17 +0100

clamav (0.101.0+dfsg-1) experimental; urgency=medium

  [ Scott Kitterman ]
  * Increase clamd socket command read timeout to 30 seconds (Closes: #915098)

  [ Sebastian Andrzej Siewior ]
  * Import new upstream release.
   - update symbol file.
   - add new options to the config file.
   - package libclamav9

 -- Sebastian Andrzej Siewior   Wed, 19 Dec 2018 21:22:53 +0100

cmd2 0.7.9-0ubuntu1 -> 0.8.5-2

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

cmd2 (0.8.5-2) unstable; urgency=medium

  [ Ondřej Nový ]
  * Add python-enum32 to D + B-D (Closes: #902514)
  * Add python-contextlib2 to D + B-D (Closes: #902518)
  * Add python{,3}-wcwidth to D + B-D
  * Enable autopkgtest-pkg-python testsuite
  * d/control: Remove ancient X-Python-Version field

  [ Federico Ceratto ]
  * Bump up Standards-Version

 -- Federico Ceratto   Thu, 12 Jul 2018 18:19:48 +0100

cmd2 (0.8.5-1) unstable; urgency=medium

  * New upstream release.

 -- Federico Ceratto   Mon, 14 May 2018 18:23:06 +0100

cmd2 (0.8.0-1) unstable; urgency=medium

  * New upstream release.
  * Patch out GTK import (Closes: #884875) Thanks to Corey Bryant

 -- Federico Ceratto   Sat, 24 Feb 2018 15:23:23 +0000

crmsh 3.0.1-3ubuntu1 -> 4.0.0~git20190108.3d56538-3

* Last Uploader: Dimitri John Ledkov

Debian changes newer than ubuntu version:

crmsh (4.0.0~git20190108.3d56538-3) unstable; urgency=medium

  * d/tests: disable regression tests for now
  * d/tests: cleanup regexp

 -- Valentin Vidic   Sun, 20 Jan 2019 10:59:14 +0100

crmsh (4.0.0~git20190108.3d56538-2) unstable; urgency=medium

  * d/tests: try to fix regression testsuite

 -- Valentin Vidic   Sat, 19 Jan 2019 23:53:26 +0100

crmsh (4.0.0~git20190108.3d56538-1) unstable; urgency=medium

  * New upstream version 4.0.0~git20190108.3d56538 (Closes: #883171)
  * d/control: update for python3
  * d/rules: update for python3
  * d/postinst,prerm: autogenerated with python3
  * d/patches: update for new version
  * d/tests: update for new version
  * d/tests: run testsuite
  * d/control: link fonts from fonts-font-awesome
  * d/rules: install README into /usr/share/doc/crmsh

 -- Valentin Vidic   Sat, 19 Jan 2019 12:39:02 +0100

crmsh (3.0.3-2) unstable; urgency=medium

  * d/patches: use knet for unicast bootstrap
  * d/tests: use unicast for cluster bootstrap
  * d/tests: fix default node name
  * d/control: update Standards-Version to 4.3.0
  * d/control: update my email address

 -- Valentin Vidic   Thu, 27 Dec 2018 21:05:17 +0100

crmsh (3.0.3-1) unstable; urgency=medium

  * New upstream version 3.0.3
  * d/rules: install bash completion
  * d/rules: install vim plugin
  * d/patches: refresh for new upstream version

 -- Valentin Vidic   Mon, 02 Jul 2018 14:35:45 +0200

crmsh (3.0.1-4) unstable; urgency=medium

  * d/control: update Vcs URLs to use salsa
  * d/rules: cleanup trailing whitespace
  * d/copyright: use https in Format url
  * d/control: update Standards-Version to 4.1.4

 -- Valentin Vidic   Wed, 11 Apr 2018 09:40:22 +0200

defusedxml 0.5.0-1ubuntu1 -> 0.5.0-2

* Last Uploader: James Page

Debian changes newer than ubuntu version:

defusedxml (0.5.0-2) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/control: Set Vcs-* to salsa.debian.org
  * d/copyright: Use https protocol in Format field
  * d/changelog: Remove trailing whitespaces
  * d/control: Remove ancient X-Python-Version field
  * d/control: Remove ancient X-Python3-Version field
  * Convert git repository from git-dpm to gbp layout

  [ Jelmer Vernooij ]
  * Bump debhelper from old 9 to 10.
  * Re-export upstream signing key without extra signatures.
  * Add a basic debian/upstream/metadata.

 -- Jelmer Vernooij   Tue, 13 Feb 2018 10:18:18 +0100

dns-root-data 2018091102 -> 2019031302

Unknown (Probably auto sync.)

Debian changes newer than ubuntu version:

dns-root-data (2019031302) unstable; urgency=medium

  * cryptographically verify root.hints
  * get_orig_source: refresh root-anchors.{xml,p7s} as well
  * update root data to 2019031302
  * standards-version: bump to 4.3.0 (no changes needed)
  * parse-root-anchors.sh: account for validity windows
  * check: deliberately skip the TTL generated by ldns-key2ds
  * dns-root-data is Multi-Arch: foreign

 -- Daniel Kahn Gillmor   Sat, 23 Mar 2019 15:33:17 +0100

dovecot 1:2.3.4.1-1ubuntu2 -> 1:2.3.4.1-4

* Last Uploader: Marc Deslauriers

Debian changes newer than ubuntu version:

dovecot (1:2.3.4.1-4) unstable; urgency=high

  * [d04d4ba] Fix assert-crash in JSON encoder (CVE-2019-10691)

 -- Apollon Oikonomopoulos   Thu, 18 Apr 2019 10:21:19 +0300

dovecot (1:2.3.4.1-3) unstable; urgency=high

  * [07c9212] Fix two buffer overflows when reading oversized FTS headers
    and/or oversized POP3-UIDL headers (CVE-2019-7524).

 -- Apollon Oikonomopoulos   Mon, 25 Mar 2019 23:06:01 +0200

dovecot (1:2.3.4.1-2) unstable; urgency=medium

  [ Laurent Bigonville ]
  * [ac99918] Fix double-free crash in mysql driver
    Fix double closing of the connection in the mysql driver, this should
    fix the crash in the dovecot auth process, taken from upstream.
    (Closes: #918339)

  [ Apollon Oikonomopoulos ]
  * [8a30446] Bump Standards-Version to 4.3.0; no changes needed

 -- Apollon Oikonomopoulos   Thu, 14 Mar 2019 11:02:39 +0200

drbd8 n/a -> 2:8.4.4-1

Unknown (Probably auto sync.)

Debian changes newer than ubuntu version:


ebtables 2.0.10.4+snapshot20181205-1ubuntu1 -> 2.0.10.4+snapshot20181205-3

* Last Uploader: Karl Stenerud (sponsored by Christian Ehrhardt )

Debian changes newer than ubuntu version:

ebtables (2.0.10.4+snapshot20181205-3) unstable; urgency=medium

  [ Arturo Borrero Gonzalez ]
  * [9b474c7] src:ebtables: add salsa CI integration

  [ Alberto Molina Coballes ]
  * [5dbd22d] Remove /sbin symlinks on not usr-merged systems (Closes: #926728)

 -- Alberto Molina Coballes   Mon, 15 Apr 2019 18:23:43 +0000

ebtables (2.0.10.4+snapshot20181205-2) unstable; urgency=medium

  [ Alberto Molina Coballes ]
  * [d0a79d0] d/rules: include build architecture compiler (Closes: #848948)
  * [322fbda] Revert "d/rules: include build architecture compiler"
  * [25138b7] d/ebtables.prerm: iptables verification deleted (Closes: #919583)
  * [22208c6] d/control: Mark ebtables as 'Multi-Arch: foreign'
    (Closes: #918787)
  * [b739b36] d/ebtables-{save,restore}.8 renamed

  [ Arturo Borrero Gonzalez ]
  * [a9cfc27] d/rules: make build verbose
  * [5e3d23f] d/stamp-autotools-files: delete file

  [ Alberto Molina Coballes ]
  * [7a58bd0] ebtables: System V init script removed (Closes: #918678)
  * [9d015e9] ebtables: remove, disable and purge systemvinit script and
    systemd service
  * [1292475] d/README.Debian: add explanation about nftables migration
  * [de05c5e] d/patches: minor update
  * [b4d4f1e] d/control: bump std-version to 4.3.0

 -- Alberto Molina Coballes   Sat, 02 Feb 2019 19:31:28 +0000

exim4 4.92-4ubuntu1 -> 4.92-5

* Last Uploader: Karl Stenerud (sponsored by Christian Ehrhardt )

Debian changes newer than ubuntu version:

exim4 (4.92-5) unstable; urgency=medium

  * Improved spam-scanning example with accompaning information in
    README.Debian. Explicitly warn about adding the default SpamAssassin
    report in a header, which Closes: #774553
  * Drop 90_localscan_dlopen.dpatch. (It has been non-functional for a couple
    of months.) Closes: #925982 Add a Conflicts for sa-exim, which relied on
    the (working) version of the patch. Drop exim4-dev package. Add a NEWS
    entry for this change.

 -- Andreas Metzler   Sun, 07 Apr 2019 13:39:31 +0200

fetchmail 6.3.26-3ubuntu1 -> 6.4.0~beta4-3

* Last Uploader: Karl Stenerud (sponsored by Andreas Hasenack)

Debian changes newer than ubuntu version:

fetchmail (6.4.0~beta4-3) unstable; urgency=medium

  * Backport fix potential SIGSEGV in pop3_delete (closes: #921450).
  * Backport native name verification for OpenSSL.

 -- Laszlo Boszormenyi (GCS)   Wed, 06 Feb 2019 16:33:00 +0000

fetchmail (6.4.0~beta4-2) unstable; urgency=medium

  * Upload to Sid.
  * Update Standards-Version to 4.3.0 .

 -- Laszlo Boszormenyi (GCS)   Sun, 03 Feb 2019 15:45:40 +0000

fetchmail (6.4.0~beta4-1) experimental; urgency=medium

  * New major upstream beta release:
    - improved TLS support (closes: #768843).
  * Update watch file.
  * Disable Vcs-* fields for now.
  * Update debhelper level to 11:
    - remove dh-autoreconf build dependency,
    - remove autotools-dev build dependency,
    - don't specify parallel to debhelper,
    - specify restart-after-upgrade to dh_installinit .
  * Update Standards-Version to 4.1.4 .

  [ Russell Coker  ]
  * Run restorecon after creating directory from init script (closes: #752598).

  [ Nicolas Boulenguez  ]
  * Packaging updates (closes: #895366):
    - rename d/init to d/fetchmail.init, as recommended by policy,
    - give standard formatting to header of 01_fetchmailconf.patch ,
    - remove obsolete debian/pycompat ,
    - fix typo in manpage,
    - delegate installation of ppp and logcheck scripts to debhelper,
    - delegate manpages from dh_install to more specialized
      dh_installmanpages ,
    - install contrib files and resolvconf directly without intermediate copy
      in debian/tmp ,
    - switch copyright to format 1.0 and add some missing licenses.
    - delegate buggy installation of README.contrib to debhelper,
    - per policy 4.0.0, use invoke-rc.d instead of calling /etc/init.d/*
      directly,
    - rules: drop paragraphe preparing unused variable CONFFLAGS ,
    - rules: simplify some variable affectations,
    - delegate build flags stuff to dpkg-buildflags .

  [ Kevin Ryde  ]
  * Let fetchmail-mode run hook after other settings (closes: #710319).

 -- Laszlo Boszormenyi (GCS)   Sat, 23 Jun 2018 15:52:22 +0000

freeipmi 1.5.7-2ubuntu1 -> 1.6.3-1.1

* Last Uploader: dann frazier

Debian changes newer than ubuntu version:

freeipmi (1.6.3-1.1) unstable; urgency=high

  * Non-maintainer upload.

  [ Antonio Galea ]
  * Do not start ipmidetectd daemon until configured. Closes: #922404

  [ Dominik George ]
  * Use init system to handle defaults instead of RUN= (cf. lintian error).

 -- Dominik George   Sat, 23 Feb 2019 14:06:54 +0100

freeipmi (1.6.3-1) unstable; urgency=medium

  * [3f1f5ea] Updating symbols file
  * [0e89b2a] Update upstream source from tag 'upstream/1.6.3'
    Update to upstream version '1.6.3'
    with Debian dir 54827b9583bcd0d38618a83200a69a58c23a5ff9

 -- Bernd Zeimetz   Sat, 02 Feb 2019 15:50:10 +0100

freeipmi (1.6.2-1) unstable; urgency=medium

  * [35bac5a] Update upstream source from tag 'upstream/1.6.2'
    Update to upstream version '1.6.2'
    with Debian dir 16f1de27bc1a6a23b926afd2982d80b41f9ed4aa
  * [120bf23] Updating symbols file

 -- Bernd Zeimetz   Sun, 06 Jan 2019 16:33:28 +0100

freeipmi (1.5.7-3) unstable; urgency=medium

  * [1060d79] Add gitlab ci script
  * [d50960f] Ack'ing NMU.
    Thanks to Andreas Metzler (Closes: #864103)
  * [6f8e634] Updating Maintainer and Git Addresses.
    Thanks to Christoph Biedl (Closes: #899511)

 -- Bernd Zeimetz   Sun, 06 Jan 2019 15:57:29 +0100

freeipmi (1.5.7-2.1) unstable; urgency=low

  * Non-maintainer upload.
  * B-d on libgcrypt20-dev instead of (dummy transition package)
    libgcrypt11-dev. Closes: #864103

 -- Andreas Metzler   Sat, 27 Oct 2018 09:47:18 +0200

gfs2-utils 3.1.9-2ubuntu2 -> 3.2.0-1

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

gfs2-utils (3.2.0-1) unstable; urgency=medium

  * New upstream version 3.2.0
  * Refresh debian/patches
  * debian/rules: print testsuite.log when tests fail

 -- Valentin Vidic   Wed, 30 May 2018 09:11:21 +0200

gfs2-utils (3.1.10-3) unstable; urgency=medium

  * debian/patches: fix parallel cleanup
  * debian/patches: fix FTBFS with kernel 4.16 (Closes: #897508)
  * debian/control: update Standards-Version to 4.1.4

 -- Valentin Vidic   Sun, 13 May 2018 09:48:17 +0200

gfs2-utils (3.1.10-2) unstable; urgency=medium

  * debian/copyright: reorder paragraphs
  * debian/patches: update scripts for python3
  * debian/copyright: remove unused paragraph
  * debian/rules: enable build hardening
  * debian/control: replace Conflicts with Breaks
  * debian/patches: add patch descriptions
  * debian/control: update Vcs URLs to use salsa
  * debian/patches: fix spelling errors
  * debian/control: update debhelper to v11
  * debian/rules: add dh_missing check
  * debian/control: update Standards-Version to 4.1.3

 -- Valentin Vidic   Thu, 05 Apr 2018 21:39:48 +0200

gfs2-utils (3.1.10-1) unstable; urgency=medium

  * New upstream version
  * Refresh debian/patches
  * debian/watch: use pagure
  * debian/copyright: update Format URL
  * debian/control: update Homepage to pagure
  * debian/control: update Standards-Version to 4.0.0 with no changes

 -- Valentin Vidic   Wed, 21 Jun 2017 21:43:58 +0200

ghostscript 9.26~dfsg+0-0ubuntu7 -> 9.27~dfsg-2

* Last Uploader: Marc Deslauriers

Debian changes newer than ubuntu version:

ghostscript (9.27~dfsg-2) unstable; urgency=medium

  * Add patch cherry-picked upstream
    to fix regression resolving bounding box of font glyphs.
    Closes: Bug#927429. Thanks to Kenshi Muto.

 -- Jonas Smedegaard   Sat, 20 Apr 2019 10:16:50 +0200

ghostscript (9.27~dfsg-1) unstable; urgency=high

  [ upstream ]
  * New release.
    Closes: Bug#925256, 925257 (CVE-2019-3835, CVE-2019-3838).
    Thanks to Salvatore Bonaccorso.
  * Set urgency=high, due to CVE fix.

  [ Jonas Smedegaard ]
  * Drop patches cherry-picked upstream now applied.
  * Unfuzz patches.
  * Build-depend versioned on libjbig2dec0-dev
    (not unversioned on libjbig2dec-dev).
  * Use dpkg-provided snippet
    (not additional explicit dpkg-parsechangelog call)
    to resolve when build is targeted experimental suite.
  * Revert to again split ABI at ~ (not a)."
  * Update copyright info: Extend coverage for main upstream author.
  * Update testsuite to catch new error message.
  * Update symbols:
    + 18 private symbols dropped.
    + 51 private symbols dropped.

 -- Jonas Smedegaard   Thu, 04 Apr 2019 20:17:20 +0200

ghostscript (9.26a~dfsg-2) unstable; urgency=medium

  * Update symbols: 1 private added.
  * Add test to check that upstream bug 700317 is fixed,
    and a smoketest to check commanline options.
    Enable bugchecking and smoketest during build,
    and smoketest as autopkgtest.

 -- Jonas Smedegaard   Wed, 23 Jan 2019 20:26:09 +0100

ghostscript (9.26a~dfsg-1) unstable; urgency=high

  [ upstream ]
  * New security release.
    (CVE-2019-6116).
  * Set urgency=high, due to CVE fix.

  [ Jonas Smedegaard ]
  * Consult DEB_BUILD_OPTIONS (not bogusly DEB_BUILD_PROFILES)
    to decide if build is a profile.
  * Declare compliance with Debian Policy 4.3.0.
  * New upstream version 9.26a~dfsg
  * Update copyright info: Extend coverage of packaging.

 -- Jonas Smedegaard   Wed, 23 Jan 2019 12:47:56 +0100

golang n/a -> 2:1.6.1-2

Unknown (Probably auto sync.)

Debian changes newer than ubuntu version:


golang-gopkg-lxc-go-lxc.v2 0.0~git20180119.b964baa-1ubuntu3 -> 0.0~git20181101.0aadfc3-1

* Last Uploader: Stéphane Graber

Debian changes newer than ubuntu version:

golang-gopkg-lxc-go-lxc.v2 (0.0~git20181101.0aadfc3-1) unstable; urgency=medium

  [ Alexandre Viau ]
  * Point Vcs-* urls to salsa.debian.org.

  [ Clément Hermann ]
  * New upstream snapshot (Closes: #915619)
  * d/rules: Use DH_GOLANG_EXCLUDES_ALL instead of an override
  * d/control: Bump Standards-Version to 4.2.1 (no change)
  * Switch to debhelper compat level 11

 -- Clément Hermann   Wed, 05 Dec 2018 18:52:55 +0100

google-perftools 2.5-2.2ubuntu3 -> 2.7-1

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

google-perftools (2.7-1) unstable; urgency=medium

  * New upstream release.
  * Fix libprofiler build on ppc64el (closes: #894749).
  * Remove 0001-unbreak-printing-large-span-stats.patch as not needed.
  * Use short debhelper rules format.
  * Make package multiarch (closes: #893928).
  * Reference google-pprof in README (closes: #739572).
  * Update debhelper level to 11:
    - remove dh-autoreconf build dependency.
  * Update Standards-Version to 4.1.4 .
  * New maintainer (closes: #863782).

 -- Laszlo Boszormenyi (GCS)   Mon, 30 Apr 2018 06:52:01 +0000

google-perftools (2.6.90-0.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Upload to unstable.
  * Cherry-pick patches from upstream to fix tests on i386.

 -- YunQiang Su   Sun, 25 Mar 2018 19:20:03 +0800

google-perftools (2.6.90-0.1~exp) experimental; urgency=medium

  * Non-maintainer upload.
  * Migrate to salsa.debian.org, and convert to git.
  * New upstream release, and use arch list to 'any' for test on experimental
    (Closes: #872511, #837343, #856203, #857275, #761685)
  * Migrate to 3.0 (quilt) format. (Closes: #872512)
  * Build-Dep on libunwind-dev instead of libunwind8-dev. (Closes: #872593)
  * Drop build-dep on binutils. (Closes: #873141)
  * Use standard version 4.1.3.
  * Use multiarch dir as libdir.
  * cdbs: dh-autoreconf.

 -- YunQiang Su   Wed, 21 Mar 2018 13:06:54 +0800

ifupdown 0.8.34ubuntu2 -> 0.8.35

* Last Uploader: Dimitri John Ledkov

Debian changes newer than ubuntu version:

ifupdown (0.8.35) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/copyright: Use https protocol in Format field
  * d/changelog: Remove trailing whitespaces

  [ Guus Sliepen ]
  * Deprecate the netmask and broadcast options. Closes: #912220
  * Bump Standards-Version and Build-Depends on debhelper-compat (= 12).
  * Make sure no systemd scripts are restarted on upgrades. Closes: #900269
  * Use a DUID for DHCPv4 when using dhclient. Closes: #906894

 -- Guus Sliepen   Mon, 28 Jan 2019 21:37:33 +0100

ipxe 1.0.0+git-20190109.133f4c4-0ubuntu2 -> 1.0.0+git-20190125.36a4c85-1

* Last Uploader: Christian Ehrhardt 

Debian changes newer than ubuntu version:

ipxe (1.0.0+git-20190125.36a4c85-1) unstable; urgency=medium

  * New snapshot. (closes: #832765, #906365)
  * Add e1000e and vmxnet3 firmware for qemu. (closes: #884240, #868124)

 -- Bastian Blank   Sat, 09 Feb 2019 17:41:37 +0100

ldns 1.7.0-3ubuntu8 -> 1.7.0-4

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

ldns (1.7.0-4) unstable; urgency=medium

  * Fix invalid maintainer (Closes: #899938)
  * Add two upstream patches to address security issues:
   + CVE-2017-1000231: Memory corruption in ldns_rr_new_frm_fp_l
     (Closes: #882015)
   + CVE-2017-1000232: Memory corruption in ldns_str2rdf_long_str
     (Closes: #882014)
  * Bump debhelper compat to v12
  * Update the Vcs-* links to salsa.d.o
  * Bump the policy to the latest version (no change)
  * Add upstream Homepage link to d/control
  * Disable GOST and enable Ed25519 algorithm (see draft-wouters-sury-dnsop-algorithm-update)

 -- Ondřej Surý   Sun, 10 Mar 2019 21:56:02 +0000

ldns (1.7.0-3.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Don't build-depend on python3-all-dev, the build rules don't handle
    multiple versions of python3 correctly.  Closes: #904038
    Thanks to Steve Langasek  for the patch.
  * Enable parallel building.

 -- Mattia Rizzolo   Thu, 27 Sep 2018 10:36:04 +0200

libcaca 0.99.beta19-2ubuntu2 -> 0.99.beta19-2.1

* Last Uploader: Marc Deslauriers

Debian changes newer than ubuntu version:

libcaca (0.99.beta19-2.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Cherry-Pick fixes from upstream git repository:
    - CVE-2018-20545, CVE-2018-20546, CVE-2018-20547,CVE-2018-20548 and
      CVE-2018-20549 (Closes: #917807)

 -- Tobias Frost   Sat, 06 Apr 2019 22:18:41 +0200

libcgroup 0.41-8ubuntu2 -> 0.41-10

* Last Uploader: Dimitri John Ledkov

Debian changes newer than ubuntu version:

libcgroup (0.41-10) unstable; urgency=medium

  * Orphan package. Set Maintainer to Debian QA Group.

 -- Christian Kastner   Mon, 25 Feb 2019 20:04:27 +0100

libcgroup (0.41-9) unstable; urgency=medium

  * Acknowledge NMU. Thanks, Markus Koschany!

  * d/watch:
    - Update to format version 4
    - Switch to https
  * d/control:
    - Point Vcs-* fields to Salsa
    - Switch Build-Depends from debhelper to debhelper-compat
    - Bump debhelper compatibility level to 12
    - Add Rules-Requires-Root: no
      We don't need (fake)root to build the packages
    - Drop transitional package cgroup-bin
    - Drop Build-Depends on dh-autoreconf
      debhelper enables the sequence by default since compatibility level 10.
    - Bump Standards-Version to 4.3.0
  * Remove now obsolete d/compat
  * d/copyright:
    - Switch to https in Format field
    - Fix broken Source URL (libcg, not fuse)
  * gbp.conf: Set pristine-tar and sign-tags options
  * d/rules:
    - Drop override_dh_strip
      It was only needed for the dbgsym migration
    - Switch from dh_install to dh_missing for --fail-missing
    - Drop --parallel and --with=autoreconf
      They are enabled by default in compatibility level 10.
  * Add patch cgrulesengd-_GNU_SOURCE.patch.
    Fixes a FTBFS on ia64. Thanks, James Clarke! Closes: #886744

 -- Christian Kastner   Thu, 21 Feb 2019 21:34:30 +0100

libcgroup (0.41-8.1) unstable; urgency=high

  * Non-maintainer upload.
  * Fix CVE-2018-14348:
    It was discovered that the cgrulesengd daemon would create a log file which
    would allow any user to write to it. (Closes: #906308)

 -- Markus Koschany   Sun, 19 Aug 2018 23:10:45 +0200

libdbi-drivers 0.9.0-5ubuntu2 -> 0.9.0-6

* Last Uploader: Adam Conrad

Debian changes newer than ubuntu version:

libdbi-drivers (0.9.0-6) unstable; urgency=medium

  * Fix copyright file order.
  * Disable Vcs-* fields for now.
  * Update debhelper level to 11:
    - remove dh-autoreconf build dependency,
    - remove autotools-dev build dependency.
  * Update Standards-Version to 4.1.4 .
  * Sync with Ubuntu.

  [ Adam Conrad  ]
  * Upstream cherrypick to fix FTFBS with freetds 1.0 (closes: #891672).

 -- Laszlo Boszormenyi (GCS)   Mon, 23 Apr 2018 15:46:23 +0000

libpam-radius-auth 1.3.17-0ubuntu5 -> 1.4.0-2

* Last Uploader: Nish Aravamudan

Debian changes newer than ubuntu version:

libpam-radius-auth (1.4.0-2) unstable; urgency=medium

  * QA upload.
  * Fix a regression that made libpam-radius-auth/1.4.0-1 use
    a different configuration file than intended.  This version
    restores /etc/pam_radius_auth.conf as the configuration
    file for Debian package of libpam-radius-auth.
    (Closes: #908006)
  * Use the new "debhelper-compat (= 11)" method for specifying
    debhelper compat version.

 -- Niels Thykier   Wed, 05 Sep 2018 19:44:07 +0000

libpam-radius-auth (1.4.0-1) unstable; urgency=low

  * QA upload.
  * New upstream release.  (Closes: #854284)
  * Drop patch that was applied upstream or no longer relevant.
  * Set Rules-Requires-Root to "no".
  * Bump Priority to "optional" since "extra" has been
    removed.
  * Rewrite rules file to the dh7-style.
  * Add ${misc:Depends} to the Depends field.
  * Add Homepage field.
  * Correct section to admin.
  * Change to source format 3.0 (quilt).
  * Bump debhelper compat to 11.
  * Enable bindnow hardening.
  * Update debian/copyright.
  * Bump Standards-Versions to 4.2.0 - no additional changes
    required.

 -- Niels Thykier   Sun, 19 Aug 2018 12:16:13 +0000

libseccomp 2.3.3-3ubuntu2 -> 2.3.3-4

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

libseccomp (2.3.3-4) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/copyright: Change Format URL to correct one

  [ Helmut Grohne ]
  * Fix FTCBFS: (Closes: #903556)
    + Multiarchify python Build-Depends.
    + Annotate cython dependencies with :native for now.
    + Drop noop dh_auto_build invocations.
    + Pass a suitable PYTHONPATH for python2.
    + Pass _PYTHON_SYSCONFIGDATA_NAME for python3.

 -- Felix Geyer   Sun, 10 Feb 2019 12:25:44 +0100

libvirt 5.0.0-1ubuntu2 -> 5.0.0-2

* Last Uploader: Christian Ehrhardt 

Debian changes newer than ubuntu version:

libvirt (5.0.0-2) unstable; urgency=medium

  [ Laurent Bigonville ]
  * [76e2cb7] Don't recommend ebtables.  It's part of the iptables package now.
    (Closes: #918472)

  [ intrigeri ]
  * [d7a7218] Fix virtio-gpu + virgl support by cherry-picking upstream
    commits virt-manager in current sid still creates new VMs with QXL
    graphics by default, so this bug only affects users who opt in for
    virtio-gpu 3D acceleration.  Still, the option for virtio-gpu + 3D
    acceleration is offered in the virt-manager GUI, so having it broken by
    default is an important problem.
    (Closes: #916587)

  [ Christian Ehrhardt ]
  * [3997186] d/libvirt-daemon-system.maintscript: remove obsolete conffile
    /etc/logrotate.d/libvirtd.uml became obsolete since UML was dropped in
    libvirt 5.0 (Closes: #920574)
  * [c64d020] d/libvirt-daemon-system.libvirtd.default: clarify libvirtd_opts
    example (Closes: #921713)

  [ Guido Günther ]
  * [790365e] CVE-2019-3886: Don't allow unprivileged users to use the guest
    agent. Apply upstream patches
    remote-enforce-ACL-write-permission-for-getting-guest-tim.patch
    api-disallow-virDomainGetHostname-for-read-only-connectio.patch
    (Closes: #926418)

 -- Guido Günther   Sun, 07 Apr 2019 12:36:21 +0200

logwatch 7.5.0-1ubuntu1 -> 7.5.0-2

* Last Uploader: Karl Stenerud (sponsored by Christian Ehrhardt )

Debian changes newer than ubuntu version:

logwatch (7.5.0-2) unstable; urgency=high

  * s/s/kernel: fix typo. closes: 917836

 -- Willi Mann   Sat, 09 Mar 2019 18:14:03 +0100

lxc 3.0.3-0ubuntu1 -> 1:3.1.0+really3.0.3-7

* Last Uploader: Stéphane Graber

Debian changes newer than ubuntu version:

lxc (1:3.1.0+really3.0.3-7) unstable; urgency=medium

  * d/ccontrol:
    - Add a dependency to AppArmor for lxc package as the default.conf file
      includes an AppArmor profile.
  * d/{NEWS,README.Debian}:
    - Add appropriate documentation for unprivileged containers
      (Closes: #925899)

 -- Pierre-Elliott Bécue   Tue, 09 Apr 2019 02:03:05 +0200

lxc (1:3.1.0+really3.0.3-6) unstable; urgency=medium

  * d/patches/0005: Tweaks the 0004 patch for CVE-2019-5736 (Closes: #923932)
  * d/NEWS: summary of the important changes since LXC2.

 -- Pierre-Elliott Bécue   Sat, 09 Mar 2019 15:49:21 +0100

lxc (1:3.1.0+really3.0.3-5) unstable; urgency=medium

  [ Christian Kastner ]
  * /etc/default/lxc.conf Change back to lxc.net.0.type
    (Closes: #923395)

  [ Frans Spiesschaert ]
  * debian/po/nl.po: Add Dutch translation of debconf messages
    (Closes: #923328)

 -- Antonio Terceiro   Sat, 02 Mar 2019 12:33:08 -0300

lxc (1:3.1.0+really3.0.3-4) unstable; urgency=medium

  [ Lev Lamberov ]
  * d/po/ru.po: Add russian translation for debconf templates (Closes: #920916)

  [ Américo Monteiro ]
  * d/po/pt.po: Add portuguese translation for debconf templates (Closes:
    #919221)

  [ Adriano Rafael Gomes ]
  * d/po/pr_BR.po: Add brazilian portuguese translation for debconf templates
    (Closes: #920543)

  [ Pierre-Elliott Bécue ]
  * d/patches/0004: Import the fix for CVE-2019-5736. (Closes: #922169)

 -- Pierre-Elliott Bécue   Sat, 16 Feb 2019 16:21:41 +0100

lxc (1:3.1.0+really3.0.3-3) unstable; urgency=medium

  * d/lxc.postinst:
    - Add a fallback method to handle the cases where apparmor_parser may
      fail while present. (nested virt or whatever else) (Closes: #921667)
  * d/patches:
    - Backports 3 patches from lxc 3.1 to have Apparmor confinement working
      properly with systemd 240. (Closes: #916639)
  * d/tests/exercise:
    - Update the configuration to match lxc 3 standards
  * d/contrib/default.conf:
    - Provide a minimalist default.conf including appropriate apparmor
      parameters.

 -- Pierre-Elliott Bécue   Mon, 11 Feb 2019 23:03:53 +0100

lxc (1:3.1.0+really3.0.3-2) unstable; urgency=medium

  [ Chris Leick ]
  * d/po/de.po:
    - Added German Debconf translation (Closes: #916263)

  [ Pierre-Elliott Bécue ]
  * d/lxc.postinst:
    - Add a call to apparmor_parser if present to ensure lxc containers work
      with apparmor after an upgrade. (Closes: #918842)
    - Add a check to make sure we're on a proper upgrade or a proper install
      to decide whether or not some code blocks are executed.
  * d/lxc.config:
    - Asks for the upgrade of configuration only when lxc is actually upgraded
      and not installed.

 -- Pierre-Elliott Bécue   Fri, 11 Jan 2019 01:12:41 +0100

lxc (1:3.1.0+really3.0.3-1) unstable; urgency=medium

  * Rollback to version 3.0.3 as this is a LTS release.
  * Revert symbols file.
  * d/control:
    - Bump Standards-Version to 4.3.0

 -- Pierre-Elliott Bécue   Thu, 10 Jan 2019 23:26:47 +0100

lxc (1:3.1.0-1) unstable; urgency=medium

  [ Pierre-Elliott Bécue ]
  * New upstream release 3.1.0

  [ Shengjing Zhu ]
  * d/liblxc1.symbols: Fix liblxc1 symbol version, missing the Debian epoch.
    Closes: #916362

 -- Pierre-Elliott Bécue   Sat, 22 Dec 2018 22:56:16 +0100

lxc (1:3.0.3-1) unstable; urgency=medium

  * New upstream version: 3.0.3
  * d/liblxc1.symbols: Updated symbols table
  * d/lxc.postinst: no absolute path for lxc-update-config (it's in the PATH)
  * d/copyright: remove statement for src/includes/ifaddrs.{c, h} as they're
    not shipped anymore
  * Release to unstable.

 -- Pierre-Elliott Bécue   Tue, 04 Dec 2018 08:04:18 +0100

lxc (1:3.0.2-1~exp+4) experimental; urgency=medium

  * d/rules: strip unnecessary DPKG_EXPORT_BUILDFLAGS and include that are not
    needed since dh compat 9
  * d/templates, d/po/*: updated templates and translation
  * d/lxc.config: refactor the config script a little

 -- Pierre-Elliott Bécue   Thu, 29 Nov 2018 22:24:03 +0100

lxc (1:3.0.2-1~exp+3) experimental; urgency=medium

  * d/control:
    - Update Recommends to suggest more recent tools.
      Replaces iptables => nftables | iptables
      Add iproute2 for more precise bridge manipulation
  * d/lxc{.config,.postinst}, d/templates, d/po/*
    - Implement a maintainer script allowing an auto-upgrade of lxc
      configuration files

 -- Pierre-Elliott Bécue   Thu, 29 Nov 2018 01:07:02 +0100

lxc (1:3.0.2-1~exp+2) experimental; urgency=medium

  * d/control:
    - Add explicit Recommend on lxc-templates
    - Version the Recommends
    - Update the Breaks on liblxc1
    - Add myself to uploaders

 -- Pierre-Elliott Bécue   Sun, 18 Nov 2018 23:57:26 +0100

lxc (1:3.0.2-1~exp+1) experimental; urgency=medium

  * Team upload
  * New upstream release: 3.0.2
  * d/p/000[1-3]*:
    - Dropped because Debian template got out of lxc release
  * d/p/000[4-7]*:
    - Upstream fixes taken into account into this release
  * d/control:
    - Drop packages lua-lxc and python3-lxc, as they got extracted from there
      by upstream
    - Raise debhelper dependency to 11
    - Bump Standards-Version to 4.2.1. No change required
    - Update VCS fields
    - Add libpam-cgfs that was previously in src:lxcfs
  * d/compat raised to 11
  * d/copyright:
    - Use HTTPS url for the copyright format link
    - Updated copyrights
  * d/watch:
    - Updated version and regex
  * d/libpam-cgfs* d/pam-cgfs.config added with pam-cgfs inclusion in the
    package
  * d/liblxc1.symbols added

 -- Pierre-Elliott Bécue   Sat, 17 Nov 2018 09:23:20 +0100

lxc (1:2.0.9-7) unstable; urgency=medium

  * debian/rules: pass --disable-werror to ./configure. Fixes FTBFS against
    python3 3.7

 -- Antonio Terceiro   Tue, 27 Nov 2018 14:53:56 -0200

lxc (1:2.0.9-6.2) unstable; urgency=medium

  * Non-maintainer upload.
  * autodev: adapt to changes in Linux 4.18 (Closes: #908223)

 -- Salvatore Bonaccorso   Mon, 22 Oct 2018 23:18:55 +0200

lxc (1:2.0.9-6.1) unstable; urgency=medium

  * Non-maintainer upload.
  * utils: add LXC_PROC_PID_FD_LEN
  * CVE 2018-6556: verify netns fd in lxc-user-nic (Closes: #905586)

 -- Salvatore Bonaccorso   Wed, 29 Aug 2018 15:22:46 +0200

lxc (1:2.0.9-6) unstable; urgency=medium

  * 0004-debian-Use-iproute2-instead-of-iproute.patch: fix creation of
    containers after the iproute binary has been removed.

 -- Antonio Terceiro   Sat, 27 Jan 2018 12:44:36 -0200

lxc (1:2.0.9-5) unstable; urgency=medium

  * Drop installation of disable-apparmor.conf. The issue that prevented lxc
    containers from starting with apparmor was fixed in apparmor 2.11.1-4.
  * debian/rules: drop --with autotools_dev in favor of debhelper built-in
    support for updating autotools files during build
  * Bump Standards-Version to 4.1.2; no changes needed
  * Drop debian/lxc-dev.lintian-overrides; false positive has been fixed in
    lintian.

 -- Antonio Terceiro   Tue, 19 Dec 2017 10:02:34 -0200

lxc (1:2.0.9-4) unstable; urgency=medium

  * Install disable-apparmor.conf disabling apparmor for all containers, until
    we can make it work. See #880502

 -- Antonio Terceiro   Thu, 02 Nov 2017 12:49:57 -0200

lxc (1:2.0.9-3) unstable; urgency=medium

  * 0002-lxc-debian-don-t-write-C.-locales-to-etc-locale.gen.patch: don't add
    C.UTF-8 to /etc/locale.gen (Closes: #879595)
  * 0003-lxc-debian-don-t-hardcode-valid-releases.patch: don't hardcode list
    of valid Debian releases

 -- Antonio Terceiro   Sat, 28 Oct 2017 09:12:47 -0200

lxc (1:2.0.9-2) unstable; urgency=medium

  * Add patch 0001-lxc-debian-allow-creating-testing-and-unstable.patch to
    allow creating `testing` and `unstable` containers.

 -- Antonio Terceiro   Thu, 26 Oct 2017 20:50:14 -0200

lxc (1:2.0.9-1) unstable; urgency=medium

  [ Evgeni Golov ]
  * New upstream version 2.0.9
  * track LTS release
  * drop use-lxc-stop-to-stop-systemd-service.patch, applied upstream
  * drop cgroups-workaround-gcc-7-bug.patch, applied upstream
  * drop the symbols file again

  [ Nicholas D Steeves ]
  * Update Suggests: btrfs-tools to btrfs-progs (Closes: #878908)

 -- Evgeni Golov   Sat, 21 Oct 2017 17:20:45 +0200

lxc (1:2.0.8-3) unstable; urgency=medium

  * Rebuild against python 3.6 (Closes: #878246)
  * Drop build-dependency on the deprecated dh-systemd package
  * Bump Standards-Version to 4.1.1; no changes needed
  * Add symbols file for liblxc1

 -- Antonio Terceiro   Wed, 11 Oct 2017 19:57:54 -0300

lxc (1:2.0.8-2) unstable; urgency=medium

  * Add cgroups-workaround-gcc-7-bug.patch from upstream to make lxc build
    against gcc 7 (Closes: #853531)

 -- Antonio Terceiro   Fri, 25 Aug 2017 18:20:29 -0300

lxc (1:2.0.8-1) unstable; urgency=medium

  [ Evgeni Golov ]
  * New upstream version 2.0.8
    + Make lxc-net return non-zero on failure (Closes: #854591)
  * drop old patches, all were cherry-picks from upstream
  * Use lxc-stop to stop systemd service (Closes: #863850)

  [ Baptiste Jonglez ]
  * Increase the maximum number of inotify listeners (Closes: #860974)

 -- Evgeni Golov   Sun, 18 Jun 2017 15:33:06 +0200

lxc (1:2.0.7-2) unstable; urgency=high

  * use bash-completion's pkg-config support and don't move files around
  * ignore lxc-test-cloneconfig if kernel has no overlay support
  * CVE-2017-5985: Ensure target netns is caller-owned (Closes: #857295)

 -- Evgeni Golov   Sat, 11 Mar 2017 09:47:20 +0100

lxc (1:2.0.7-1) unstable; urgency=medium

  * New upstream version 2.0.7
    + Closes: #847909, #847894, #847466

 -- Evgeni Golov   Mon, 23 Jan 2017 22:03:24 +0100

lxc (1:2.0.6-1) unstable; urgency=high

  * New upstream version 2.0.6
    + attach: do not send procfd to attached process
      Closes: #845465
      CVE-2016-8649
  * liblxc1: add depends on cgroupfs-mount | systemd (Closes: #844086)
  * drop patches applied/imported upstream
  * debian/tests: add iptables to tests depends

 -- Evgeni Golov   Thu, 24 Nov 2016 08:07:02 +0100

lxc (1:2.0.5-3) unstable; urgency=medium

  * add python3:Depends for lxc, so it gets a depends on python3
  * lxc-tests replace lxc-dev, not lxc
  * add a lintian override that the tests do not have a manpage
  * register lxc-dev docs with doc-base
  * add lintian override for ldconfig-trigger in lua-lxc
  * s/LUA/Lua/g in d/control

 -- Evgeni Golov   Sun, 06 Nov 2016 14:33:14 +0100

lxc (1:2.0.5-2) experimental; urgency=medium

  * split lua and python3 bindings in their own packages
  * split tests into their own package
  * only add bash completion links for commands we actually complete
  * backport two patches from Ubuntu
  * kill all the .la files, we do not need them
  * enable ALL the hardening flags
  * autopkgtest: only reboot if the memory cgroup is not activated yet
  * replace our lxc-dbg package by the autogenerated dbgsym one

 -- Evgeni Golov   Sun, 30 Oct 2016 17:59:32 +0100

lxc (1:2.0.5-1) unstable; urgency=medium

  * New upstream version 2.0.5
  * drop cgmanager support
    it's orphaned and upstream does recommend lxcfs instead
  * fix execution of tests on systems which do not have overlay.ko
  * add depends on lsb-base, thanks lintian

 -- Evgeni Golov   Sat, 08 Oct 2016 14:03:16 +0200

lxc (1:2.0.4-1) unstable; urgency=medium

  [ Antonio Terceiro ]
  * debian/rules: create symlinks for each lxc-* binary in
    /usr/share/bash-completion/completions/ so that bash completion actually
    works

  [ Evgeni Golov ]
  * Imported Upstream version 2.0.4
    + Uses SIGRTMIN+3 for systemd containers (Closes: #831691, #799541)
    + The debian template properly generates locaes (Closes: #806746)
  * drop 0020-fix-regression-when-creating-wheezy-containers.patch
  * rebase patches ontop of 2.0.4
  * add gnupg and dirmngr to recommends
  * improve autopkgtest execution, making most autopkgtest run properly

 -- Evgeni Golov   Thu, 25 Aug 2016 19:52:33 +0200

lxc (1:2.0.3-1) unstable; urgency=medium

  * Imported Upstream version 2.0.3
    - Fixes Inconsistent settings in lxc@.service (Closes: #826100)
  * drop patch hunks that were applied in 2.0.3
  * document how to change passwords in the container (Closes: #829239)

 -- Evgeni Golov   Sat, 16 Jul 2016 11:52:47 +0200

lxc (1:2.0.1-3) unstable; urgency=medium

  * 0020-lxc-debian-make-sure-init-is-installed.patch: update to fix
    regression when creating wheezy containers.

 -- Antonio Terceiro   Wed, 29 Jun 2016 15:10:57 -0300

lxc (1:2.0.1-2) unstable; urgency=medium

  * 0020-lxc-debian-make-sure-init-is-installed.patch: make sure init is
    included in Debian containers, since as of 1.34 it is not Essential
    anymore.

 -- Antonio Terceiro   Sat, 18 Jun 2016 09:16:43 -0300

lxc (1:2.0.1-1) unstable; urgency=medium

  * Imported Upstream version 2.0.1
  * drop patches applied upstream:
  * demote apparmor to suggests (Closes: #824120)

 -- Evgeni Golov   Sun, 22 May 2016 22:04:19 +0200

lxc (1:2.0.0-3) unstable; urgency=medium

  * drop lxcinitdir.patch
  * replace all patches by the versions accepted upstream
  * cherry-pick fix for creating unpriv container on non-systemd systems
  * add gbp.conf

 -- Evgeni Golov   Sun, 01 May 2016 13:00:16 +0200

lxc (1:2.0.0-2) unstable; urgency=medium

  [ Evgeni Golov ]
  * add lxcfs and libpam-cgfs to recommends
  * Standards-Version: 3.9.8

  [ Antonio Terceiro ]
  * Refresh patches
  * debian/patches/0018-lxc-create-fix-B-best-option.patch: Fix `-B best`
    option to lxc-create

 -- Antonio Terceiro   Mon, 11 Apr 2016 14:19:45 -0300

lxc (1:2.0.0-1) unstable; urgency=medium

  * Imported Upstream version 2.0.0
  * set Maintainer to pkg-lxc, Antonio and me as Uploaders
  * re-enable seccomp on almost all arches again

 -- Evgeni Golov   Wed, 06 Apr 2016 21:26:24 +0200

lxc (1:2.0.0~rc15-1) experimental; urgency=medium

  * Team upload.

  [ Evgeni Golov ]
  * Imported Upstream version 2.0.0~rc15
    + Updates supported Debian releases in template (Closes: #816710)
    + Does not enable non-free by default anymore (Closes: #793598)
    + Uses httpredir.debian.org (Closes: #805085)
  * add uidmap to Recommends (Closes: #817796)
  * Standards-Version: 3.9.7

  [ Reiner Herrmann ]
  * use the date from the latest changelog entry when building manpages
    (Closes: #807837)

 -- Evgeni Golov   Sun, 03 Apr 2016 16:09:25 +0200

lxc (1:2.0.0~rc13-1) experimental; urgency=medium

  * Team upload.

  [ Antonio Terceiro ]
  * debian/tests/control: require isolation-machine to run; the tests can't
    run under lxc themselves.
  * debian/control: add Vcs-* fields pointing fields to the new repository
    location on https://anonscm.debian.org/cgit/pkg-lxc/lxc.git

  [ Evgeni Golov ]
  * Add debian/NEWS entry about lxc.aa_allow_incomplete = 1
    Closes: #813954
  * Imported Upstream version 2.0.0~rc13
  * refresh patches for LXC 2.0.0
  * install hooks from /usr/lib too

 -- Evgeni Golov   Fri, 25 Mar 2016 16:44:25 +0100

lxc (1:1.1.5-1) unstable; urgency=medium

  [ Evgeni Golov ]
  * Imported Upstream version 1.1.5
  * drop patches either applied or obsoleted upstream
  * refresh patches
  * call dh_installinit for lxc-net
  * drop useless lintian override
  * add autopkgtests from Ubuntu
    - fix up some tests for Debian
  * add dnsmasq-base to test depends
  * debian/watch: updated to look for all LXC releases
  * use dh_apparmor
  * do not restart LXC on upgrades when using systemd
  * build-depend on gnutls-dev
  * update Depends/Recommends/Suggests based on the packaging in Ubuntu
  * properly pass the systemd unit dir to configure

  [ Antonio Terceiro ]
  * 0014-Fix-520-multiple-instances-of-agetty-on-systemd.patch: add
    upstream patch to avoid multiple instances of agetty on each console.

 -- Antonio Terceiro   Sun, 31 Jan 2016 18:22:40 -0200

lxc (1:1.0.8-1) unstable; urgency=medium

  * New upstream release
    - Includes fixes for CVE-2015-1335 (Closes: #800471)
    - Patches dropped for being already applied upstream:
      - CVE-2015-1331.patch
      - CVE-2015-1334.patch
      - lxc-clone-rsync-hardlinks.patch
      - lxc-clone-rsync-capabilities.patch
      - big-big-login-delays-in-CentOS-7-systemd.patch
      - lxc-debian-skip-security-updates-for-unstable-sid.patch
      - lxc-debian-support-stretch-Debian-9-images.patch
      - CVE-2015-1335.patch
    - Renumbered patches
    - Add cgmanager do Recommends:. Without it, lxc will always print a
      warning, which seems to be harmless but for example will break
      autopkgtest because of the unexpected output to stderr.
  * debian/watch: added
  * debian/upstream/signing-key.asc: added upstream signing key.

 -- Antonio Terceiro   Tue, 24 Nov 2015 19:10:28 -0200

lxc (1:1.0.7-12) unstable; urgency=high

  * Added 0025-CVE-2015-1335.patch from the final version of the fix for
    CVE_2015-1335 from the Ubuntu package (Closes: #800471)

 -- Antonio Terceiro   Fri, 13 Nov 2015 08:37:41 -0200

lxc (1:1.0.7-11) unstable; urgency=medium

  * New maintainer (myself)
    - Thanks Daniel Baumann for his previous efforts in maintaing lxc
  * Added patches (all already applied upstream):
    - 0019-big-big-login-delays-in-CentOS-7-systemd.patch
    - 0020-Centos7-systemd.patch
    - 0022-lxc-debian-skip-security-updates-for-unstable-sid.patch
    - 0023-lxc-debian-support-stretch-Debian-9-images.patch
    - 0024-lxc-debian-allow-not-including-contrib-non-free.patch

 -- Antonio Terceiro   Sun, 08 Nov 2015 10:52:37 -0200

lxc (1:1.0.7-10) unstable; urgency=low

  * Adding build-depends to dh-python.

 -- Daniel Baumann   Tue, 18 Aug 2015 14:12:31 +0200

lxc (1:1.0.7-9) unstable; urgency=low

  * Adjusting breaks (Closes: #795799).
  * Correcting email address in previous changelog entry.

 -- Daniel Baumann   Mon, 17 Aug 2015 06:42:20 +0200

lxc (1:1.0.7-8) unstable; urgency=low

  * Adding patch from upstream to preserve hardlinks in lxc-clone.
  * Adding patch from upstream to preserve capabilities in lxc-clone
    (Closes: #795422).

 -- Daniel Baumann   Sun, 16 Aug 2015 13:46:24 +0200

lxc (1:1.0.7-7) unstable; urgency=low

  * Moving shared library to dedicated package for future upload of lxd
    (#768073).
  * Re-adding lxc-dev which is now allowed again having the shared library
    split out (Closes: #774085, #793202).

 -- Daniel Baumann   Wed, 12 Aug 2015 18:03:23 +0200

lxc (1:1.0.7-6) unstable; urgency=low

  * Using misc:Pre-depends variable instead of hardcoding multiarch-
    support.
  * Moving bash-completion integration from /etc/bash-completion.d to
    /usr/share/bash-completion/completions.
  * Dropping obsolete syslog target from systemd service file.
  * Adding patch from upstream to fix errors in lxc-debian if dbus is not
    installed (Closes: #794207).
  * Updating lintian overrides.

 -- Daniel Baumann   Wed, 12 Aug 2015 17:25:44 +0200

lxc (1:1.0.7-5) unstable; urgency=low

  * Updating homepage field.
  * Updating debian copyright string.
  * Dropping conditionals for lua-alt-getopt, not needed anymore.
  * Dropping enforcing of xz compression, not needed anymore.
  * Dropping vcs fields in control for the time being.

 -- Daniel Baumann   Wed, 12 Aug 2015 11:09:50 +0200

lxc (1:1.0.7-4) unstable; urgency=high

  * Adding backported patch from upstream to prevent an unprivileged user
    to use LXC to create arbitrary file on the filesystem [CVE-2015-1331]
    (Closes: #793298).
  * Adding backported patch from upstream to prevent an user to use LXC
    to over-mount /proc which can be used to unconfined code execution
    [CVE-2015-1334] (Closes: #793298).

 -- Daniel Baumann   Wed, 22 Jul 2015 18:33:48 +0200

lxc (1:1.0.7-3) unstable; urgency=low

  * Building with cgmanager (Closes: #773421).

 -- Daniel Baumann   Tue, 28 Apr 2015 22:01:41 +0200

lxc (1:1.0.7-2) unstable; urgency=low

  * Dropping pre-jessie upgrade handling.
  * Dropping pre-jessie conflicts/replaces.

 -- Daniel Baumann   Sat, 25 Apr 2015 08:10:48 +0200

lxc (1:1.0.7-1) experimental; urgency=low

  * Merging upstream version 1.0.7.
  * Removing apparmor.patch, not needed anymore.
  * Removing lxc-create-manpage.patch, included upstream.
  * Removing lxc-debian-systemd.patch, included upstream.
  * Removing lxc-debian-init.patch, included upstream.
  * Renumbering patches.

 -- Daniel Baumann   Sat, 06 Dec 2014 13:11:57 +0100

lxc (1:1.0.6-5) unstable; urgency=low

  * Mounting /sys read-only in lxc-debian to prevent (one way of) escaping
    containers (Closes: #770901).
  * Adding patch from lxc 1.0.7 to make lxc-debian work with systemd
    (Closes: #766216).
  * Adding patch from lxc 1.0.7 to make lxc-debian handle switch of
    initsystem better.

 -- Daniel Baumann   Sat, 06 Dec 2014 13:00:36 +0100

lxc (1:1.0.6-4) unstable; urgency=low

  * Marking -t option in lxc-create manpage as required (Closes: #768778).

 -- Daniel Baumann   Tue, 11 Nov 2014 19:57:58 +0100

lxc (1:1.0.6-3) unstable; urgency=low

  * Preserving setuid on lxc-user-nic (Closes: #764815).

 -- Daniel Baumann   Mon, 13 Oct 2014 20:44:15 +0200

lxc (1:1.0.6-2) unstable; urgency=low

  * Correcting automatic lua:Suggests generation.
  * Adding openssl to recommends since upstreams lxc-debian template
    uses openssl for mac generation.

 -- Daniel Baumann   Tue, 07 Oct 2014 09:42:36 +0200

lxc (1:1.0.6-1) unstable; urgency=low

  * Merging upstream version 1.0.6.
  * Refreshing sysvinit-lsb-functions.patch.
  * Updating to standards version 3.9.6.
  * Setting options for systemd in debian.common.conf (Closes: #761196,
    #761197).

 -- Daniel Baumann   Mon, 29 Sep 2014 12:04:40 +0200

lxc (1:1.0.5-3) unstable; urgency=low

  * Dropping fixes for prefix in systemd unit file, not needed anymore.
  * Moving debootstrap to recommends.
  * Moving lua to suggests.
  * Adding lua suggests for non-debian system.
  * Showing warning when lxc is used on systemd with cgroups mounted in
    /etc/fstab (Closes: #760357).

 -- Daniel Baumann   Thu, 04 Sep 2014 04:30:47 +0200

lxc (1:1.0.5-2) unstable; urgency=low

  * Using and build-depending on dh-systemd (Closes: #758628).
  * Rewording changelog entry about merging upstream version 1.0.5.
  * Marking removal of lxc-top due to missing lua-alt-getopt in rules as
    debian only.
  * Dropping special handling of lxc-debian on progress-linux.
  * Renaming debian-config.patch to lxc-debian-fuse.patch.
  * Renaming lxc-sysvinit.patch to sysvinit-directory.patch.
  * Renaming lsb-init-headers.patch to sysvinit-lsb-headers.patch.
  * Renaming lsb-init-functions.patch to sysvinit-lsb-functions.patch.
  * Renaming lxc-init-lock.patch to sysvinit-lsb-lock.patch.
  * Renaming lxc-sigint.patch to lxc-attach-sigint.patch.
  * Adding references to upstreams bug tracker in all patches.
  * Adding patch from Ondřej Surý  to change
    PermitRootLogin yes to PermitRootLogin without-password in sshd_config
    (Closes: #758647).
  * Adding patch to set random root password in lxc-debian (Closes:
    #758643).
  * Removing /etc/default/lxc for upgrades of wheezy to jessie (Closes:
    #758800).

 -- Daniel Baumann   Thu, 21 Aug 2014 15:54:58 +0200

lxc (1:1.0.5-1) unstable; urgency=low

  * Due to 'popular demand', dropping Debian custom additions and shipping
    an (almost) vanilla lxc package in Debian from now on.
  * Removing Jonas from uploaders, thanks for your past support.
  * Dropping lxc-dev, according to ftp-master this is not acceptable
    anymore without having split out library package.
  * Merging upstream version 1.0.5 (Closes: #757326).
  * Refreshing lsb-init-functions.patch.
  * Refreshing debian-config.patch.
  * Adding debootstrap to suggests.

 -- Daniel Baumann   Sun, 10 Aug 2014 12:55:27 +0200

lxcfs 3.0.3-0ubuntu1 -> 3.0.3-2

* Last Uploader: Stéphane Graber

Debian changes newer than ubuntu version:

lxcfs (3.0.3-2) unstable; urgency=medium

  * Add a call to dpkg-maintscript-helper rm_conffile to handle properly the
    removal of /etc/init/lxcfs.conf (Closes: #914082)

 -- Pierre-Elliott Bécue   Sun, 09 Dec 2018 22:06:41 +0100

lxcfs (3.0.3-1) unstable; urgency=medium

  * New upstream release: 3.0.3
  * d/changelog: Add myself to uploaders
  * Release to unstable

 -- Pierre-Elliott Bécue   Tue, 04 Dec 2018 08:17:32 +0100

mailman3 3.2.0-1ubuntu1 -> 3.2.1-1

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

mailman3 (3.2.1-1) unstable; urgency=medium

  * New upstream release 3.2.1
  * d/p/0002_no_results_emails.patch:
    - Remove, got incorporated upstream
  * d/p/0002-remove_import_resources_dependency.patch:
    - New patch to remove dependency on `importlib_resources` and migrate
      to `importlib.resources`. Mailman3 depends on the external library
     `importlib_resources` to stay compatible with Python 3.5 and 3.7.
      Since this library is not available in Debian and Buster only ships
      Python 3.7 anyway, this patch replaces `importlib_resources` with
      `importlib.resources`.
  * d/control:
    - Bump X-Python3-Version to '>= 3.7' because `importlib.resources` is only
      available since Python 3.7.

 -- Jonas Meurer   Sun, 24 Feb 2019 09:48:00 +0100

mailman3 (3.2.0-5) unstable; urgency=medium

  [ Jonas Meurer ]
  * d/mailman3.service:
    - Pass '--force' when starting the mailman runner. This fixes starts when
      a stale lockfile exists but no corresponding process is running.
      (Closes: #919160)
  * d/contrib/mailman-wrapper
    - Add mailman-wrapper, which takes care of invoking mailman as user
      'list', and a corresponding manpage.

  [ Lev Lamberov ]
  * d/po/ru.po: updated Russian translation (Closes: #920890)

 -- Jonas Meurer   Sat, 09 Feb 2019 22:02:12 +0100

mailman3 (3.2.0-4) unstable; urgency=medium

  * d/control:
    - Bump Standards-Version to 4.3.0, no changes required
  * d/p/0002_no_results_emails.patch:
    - Backport upstream patch that stops messages to -join, -leave and
      -confirm from producing result emails.

 -- Jonas Meurer   Sun, 23 Dec 2018 23:32:14 +0100

mailman3 (3.2.0-3) unstable; urgency=medium

  [ Jonas Meurer ]
  * d/control:
    - Demote lynx from Recommends to Suggests. (Closes: #909571)

  [ Pierre-Elliott Bécue ]
  * d/po/fr.po refreshed
  * d/control:
    - Add www-browser as an alternative Suggests for lynx.

 -- Pierre-Elliott Bécue   Sun, 09 Dec 2018 22:30:08 +0100

mailman3 (3.2.0-2) unstable; urgency=medium

  * d/control:
    - Replace my Crans address by my Debian one.
    - Add an explicit dependency on mailman3-web >= 0+20180916-1 to ensure the
      whole dependency chain is python3 when mailman3-full is installed.

 -- Pierre-Elliott Bécue   Fri, 05 Oct 2018 21:46:26 +0200

multipath-tools 0.7.4-2ubuntu8 -> 0.7.9-3

* Last Uploader: Dimitri John Ledkov

Debian changes newer than ubuntu version:

multipath-tools (0.7.9-3) unstable; urgency=medium

  * [51a7724] Reliably extract the running systemd version
    (Closes: #924860)

 -- Ritesh Raj Sarraf   Mon, 18 Mar 2019 20:56:38 +0530

multipath-tools (0.7.9-2) unstable; urgency=medium

  * [c2f0c23] Enable proper cross build.
    Thanks to Helmut Grohne (Closes: #916521)

 -- Ritesh Raj Sarraf   Thu, 27 Dec 2018 19:54:40 +0530

multipath-tools (0.7.9-1) unstable; urgency=medium

  * [c3bbe11] Fix installation of incorrect file to del-part-nodes.rules.
    Thanks to Jean-François Remy (Closes: #914158)
  * [9421efd] Add filter config to exclude file .gitignore
  * [16da907] New upstream version 0.7.9

 -- Ritesh Raj Sarraf   Tue, 20 Nov 2018 12:54:25 +0530

multipath-tools (0.7.8-2) unstable; urgency=medium

  * [8b8f73c] Update debian/gbp.conf
  * Upload to Unstable

 -- Ritesh Raj Sarraf   Fri, 26 Oct 2018 19:20:27 +0530

multipath-tools (0.7.8-1) experimental; urgency=medium

  [ Ritesh Raj Sarraf ]
  * [1dea65d] New upstream version 0.7.8 (Closes: #909926)
  * [2d9b752] Refresh patches and drop some that are now applied upstream
  * [63ac09f] Drop RADOS support

 -- Ritesh Raj Sarraf   Tue, 23 Oct 2018 19:45:00 +0530

multipath-tools (0.7.7-3) unstable; urgency=medium

  [ Chris Hofstaedtler ]
  * [fc0938c] Synchronize loading of kernel modules
    dm-round-robin is auto-loaded by the kernel if needed, but the
    scsi_dh_* modules are not. They need to be loaded before setting
    up the mappings. This makes sure all paths (initramfs, early and
    late sysvinit and systemd) load the same modules. (Closes: #827407)
  * [3d59bff] Add myself to Uploaders:
  * [f78c116] Update Priority to be optional instead of deprecated extra
  * [7543c5d] debian/tests/control: Fix Restrictions syntax

 -- Ritesh Raj Sarraf   Sun, 07 Oct 2018 20:50:13 +0530

multipath-tools (0.7.7-2) unstable; urgency=medium

  * [315dacd] Also include the wwids file
  * [57d84ce] Update NEWS file about systemd integration

 -- Ritesh Raj Sarraf   Sun, 07 Oct 2018 20:20:57 +0530

multipath-tools (0.7.7-1) unstable; urgency=medium

  * [d4529eb] Switch packaging repository to Salsa (Closes: #899615)
  * [d2c41ec] Use tracker as maintainer email address
  * [1d49dfa] New upstream version 0.7.7
  * [012281c] Refresh patches and drop one patch which is merged
    upstream

 -- Ritesh Raj Sarraf   Tue, 12 Jun 2018 11:34:19 +0545

multipath-tools (0.7.4-3) unstable; urgency=medium

  [ Ritesh Raj Sarraf ]
  * [a22d317] Make build reproducible.
    Thanks to Chris Lamb (Closes: #885408)
  * [f029a76] Add linux-initramfs-tool as a initramfs dependency
    instead of initramfs-tools. This extends multipath to other
    implementations like dracut.
    Thanks to Thomas Lange (Closes: #887917)

  [ Julian Andres Klode ]
  * [1b595cb] Move dm-mpath rules from position 11 to position 56
  * [6053243] Install dm-parts.rule
  * [c1a1a53] Fix /usr/lib/udev to be /lib/udev
  * [c80ab6e] Fix 11-dm-mpath.rules to check for DM_UDEV_RULES,
    not DM_UDEV_RULES_VSN
  * [75d7eff] d/rules: Run dh_clean from clean target
  * [83c25f2] Install 68-del-part-nodes.rules
  * [5136bc1] Import upstream commit to fix crash in multipathd
  * (Closes: #886938)

 -- Ritesh Raj Sarraf   Sat, 10 Feb 2018 11:23:20 +0530

nagios-nrpe 3.2.1-1ubuntu1 -> 3.2.1-2

* Last Uploader: Dimitri John Ledkov

Debian changes newer than ubuntu version:

nagios-nrpe (3.2.1-2) unstable; urgency=medium

  * Bump Standards-Version to 4.1.5, no changes.
  * Update Vcs-* URLs for Salsa.
  * Drop dh-systemd build dependency, use debhelper (>= 9.20160709) instead.
  * Strip trailing whitespace from changelog file.

 -- Bas Couwenberg   Fri, 20 Jul 2018 21:04:36 +0200

nss 2:3.42-1ubuntu2 -> 2:3.42.1-1

* Last Uploader: Marc Deslauriers

Debian changes newer than ubuntu version:

nss (2:3.42.1-1) unstable; urgency=medium

  * New upstream release.
    - Fixes CVE-2018-18508. Closes: #921614.

 -- Mike Hommey   Wed, 13 Feb 2019 13:19:39 +0900

open-iscsi 2.0.874-5ubuntu15 -> 2.0.874-7.1

* Last Uploader: Heitor Alves de Siqueira (sponsored by Eric Desrochers)

Debian changes newer than ubuntu version:

open-iscsi (2.0.874-7.1) unstable; urgency=medium

  * Non-maintainer upload
  * [38db62d] Update patch for missing macro (Closes: #908160)

 -- Hilko Bengen   Wed, 12 Dec 2018 01:05:19 +0100

open-iscsi (2.0.874-7) unstable; urgency=medium

  * [eeda27c] Enable back pristine-tar as we have now committed it
    from the old upload

 -- Ritesh Raj Sarraf   Sun, 07 Oct 2018 09:57:48 +0530

open-iscsi (2.0.874-6) unstable; urgency=medium

  * [645e13b] Switch packaging to Salsa (Closes: #899771)
  * [9c86242] Add patch to fix FTBFS for missing macro.
    Thanks to Scott Moser (Closes: #908160)

 -- Ritesh Raj Sarraf   Fri, 05 Oct 2018 11:31:19 +0530

openvpn 2.4.6-1ubuntu3 -> 2.4.7-1

* Last Uploader: Joy Latten (sponsored by Andreas Hasenack)

Debian changes newer than ubuntu version:

openvpn (2.4.7-1) unstable; urgency=medium

  [ Bernhard Schmidt ]
  * New upstream version 2.4.7
    - improvements regarding TLSv1.3
    - Add CAP_AUDIT_WRITE for auth_pam for upstream units (Closes: #868806)
  * adjust kfreebsd_support.patch for new upstream version
  * Also Add CAP_AUDIT_WRITE for auth_pam for openvpn@.service (Closes: #868806)
  * openvpn@.service: Bump LimitNPROC to 100, see #861923

  [ Simon Deziel ]
  * d/control: suggests openvpn-systemd-resolved (Closes: #913265)

  [ Hilko Bengen ]
  * Avoid hangs when spawning child processes by not setting pkcs11-helper
    "safe fork mode" (Closes: #772812, #900805, #907452)

 -- Bernhard Schmidt   Wed, 20 Feb 2019 14:50:03 +0100

pacemaker 1.1.18-2ubuntu1 -> 2.0.1-2

* Last Uploader: Robie Basak

Debian changes newer than ubuntu version:

pacemaker (2.0.1-2) unstable; urgency=medium

  * [d8939cc] Avoid file conflicts with leftover packages from wheezy.
    Pacemaker-dev in wheezy was a metapackage pulling in several -dev
    packages.  It is removed during the jessie dist-upgrade due to
    dependency problems, and jessie does not have pacemaker at all, so these
    obsolete -dev packages are left behind, unless replaced by the
    renamed -dev packages from jessie-backports or later from stretch, both
    of which requires manual action.  Lacking that, a manual install of the
    reintroduced pacemaker-dev from buster will try to overwrite headers
    from those obsolete -dev packages causing file conflicts, because the
    old Breaks+Replaces relations weren't carried over from the stretch
    packages. (Closes: #925354)

 -- Ferenc Wágner   Mon, 01 Apr 2019 13:39:28 +0200

pacemaker (2.0.1-1) unstable; urgency=medium

  * [7d6ff2e] New upstream release (2.0.1)

 -- Ferenc Wágner   Mon, 04 Mar 2019 21:34:46 +0100

pacemaker (2.0.1~rc5-1) unstable; urgency=medium

  * [79e9089] Drop duplicate external library linkages
  * [07f0c78] Make the libpe_rules dependency of schedulerd explicit
  * [5346dc9] New upstream pre-release (2.0.1~rc5)
  * [c5ce20d] Refresh our patches
  * [af3fc54] Update libcrmcommon34.symbols

 -- Ferenc Wágner   Tue, 26 Feb 2019 09:52:21 +0100

pacemaker (2.0.1~rc4-1) unstable; urgency=medium

  * [dfc5875] New upstream pre-release (2.0.1~rc4)
  * [e25c248] Refresh our patches
  * [5622895] Update symbols files

 -- Ferenc Wágner   Mon, 04 Feb 2019 09:44:21 +0100

pacemaker (2.0.1~rc2-2) unstable; urgency=medium

  * [b7a3e66] Fix BASH_PATH to make it reproducible.
    Otherwise it's detected differently on merged-usr vs non-merged.
  * [7c66cac] Header dependency generation is not needed with merged dev
    packages
  * Upload to unstable

 -- Ferenc Wágner   Wed, 09 Jan 2019 09:28:39 +0100

pacemaker (2.0.1~rc2-1) experimental; urgency=medium

  * [04a14aa] New upstream pre-release (2.0.1~rc2)
  * [b50164d] Delete the upstreamed patch and refresh the rest.
    Simplify skipping the CTS, upstream is not interested in making it
    optional (https://github.com/ClusterLabs/pacemaker/pull/1149).
  * [1ae3096] The development documentation gained actual images, ship them
  * [a8311c7] Upstream renamed the daemons.
    But we keep the compatibility symlinks for now, based on Ken Gaillot's
    "Pacemaker packagers: important information about 2.0.0":
    The configure script has a new option, --enable-legacy-links. If
    enabled (the default), symlinks will be installed at the old daemon
    names pointing at the new ones.
    This has two purposes: to allow older versions of tools (such as crm
    shell and pcs) that directly invoke the old names for metadata etc. to
    continue working; and to allow Pacemaker 1.1.17+ cluster nodes to host
    bundles using a container image containing Pacemaker 2.0.0+. If you do
    not need this support (most likely in the future when versions of the
    tools that support the new names are available), you can specify
    --disable-legacy-links.
  * [ae3ffd0] fence_pcmk was removed with CMAN compatibility (7a9891f)
  * [412939c] Isolation wrapper support was removed in c713bbe
  * [f072d4a] Upstream refactored libcrmcommon in 4864ed4
  * [07bcf39] Ship new document: Pacemaker Administration
  * [4416b33] Adjust library package names to their new SO versions
  * [7e06681] Pre-Depends aren't needed for multiarch since jessie
  * [932df15] fence_legacy switched to Python.
    We choose Python 3 instead of the default Python 2.
  * [5669068] Provide man page for the pacemaker_remote compatibility symlink
  * [b0b5a21] Follow renames and years in debian/copyright
  * [e4f73c3] Switch Build-Depends to libsensors-dev from libsensors4-dev
    (Closes: #917445)
  * [d559bde] Merge all dev packages into pacemaker-dev.
    The header files are interdependent, so meaningful separation wasn't
    possible anyway.
  * [5db3079] dh_installchangelogs finds ChangeLog by itself

 -- Ferenc Wágner   Wed, 02 Jan 2019 19:21:59 +0100

pacemaker (1.1.19-2) unstable; urgency=medium

  * [8975ce9] Adapt autopkgtest to the node1 name from Corosync
  * [f579893] The debug symbol migration is complete

 -- Ferenc Wágner   Wed, 26 Dec 2018 01:36:24 +0100

pacemaker (1.1.19-1) unstable; urgency=medium

  * [f8af7fd] New upstream release (1.1.19)
  * [fd1d1a2] Delete the patches from-upstream and refresh ours
  * [b66cd0e] Hurd compatibility is off the table due to Kronosnet
  * [b22ae0b] Update Standards-Version to 4.3.0 (no changes required)
  * [ce19e2e] Update symbols files (all dropped symbols were internal)

 -- Ferenc Wágner   Tue, 25 Dec 2018 20:17:46 +0100

partman-iscsi 40ubuntu3 -> 61

* Last Uploader: Mathieu Trudel-Lapierre

Debian changes newer than ubuntu version:

partman-iscsi (61) unstable; urgency=medium
  * Team upload

  [ Updated translations ]
  * Ukrainian (uk.po) by Anton Gladky

 -- Holger Wansing   Thu, 28 Mar 2019 22:09:37 +0100

partman-iscsi (60) unstable; urgency=medium
  * Team upload

  [ Updated translations ]
  * Arabic (ar.po) by Yaron Shahrabani
  * Hebrew (he.po) by Yaron Shahrabani
  * Vietnamese (vi.po) by Trần Ngọc Quân

 -- Holger Wansing   Sun, 03 Mar 2019 13:12:47 +0100

partman-iscsi (59) unstable; urgency=medium
  * Team upload

  * Switch copyright URL to https, to fix lintian tag.

  [ Updated translations ]
  * Arabic (ar.po) by ButterflyOfFire
  * Gujarati (gu.po) by Kartik Mistry

 -- Holger Wansing   Sun, 10 Feb 2019 12:12:51 +0100

partman-iscsi (58) unstable; urgency=medium

  * Team upload

  [ Updated translations ]
  * Arabic (ar.po) by ButterflyOfFire
  * Asturian (ast.po) by Xuacu Saturio
  * Icelandic (is.po) by Sveinn í Felli
  * Latvian (lv.po) by Tranzistors

 -- Holger Wansing   Mon, 29 Oct 2018 23:31:05 +0100

partman-iscsi (57) unstable; urgency=medium

  * Team upload

  [ Updated translations ]
  * Finnish (fi.po) by Arto Keiski
  * Hindi (hi.po) by Himanshu Awasthi

 -- Holger Wansing   Thu, 27 Sep 2018 20:52:05 +0200

partman-iscsi (56) unstable; urgency=medium

  * Team upload

  [ Cyril Brulebois ]
  * Update Vcs-{Browser,Git} to point to salsa (alioth's replacement).

  [ Updated translations ]
  * Finnish (fi.po) by Juhani Numminen
  * Hebrew (he.po) by Yaron Shahrabani

 -- Holger Wansing   Sun, 12 Aug 2018 19:33:09 +0200

partman-iscsi (55) unstable; urgency=medium

  [ Updated translations ]
  * Welsh (cy.po) by Huw Waters
  * Hebrew (he.po) by Yaron Shahrabani
  * Indonesian (id.po) by Andika Triwidada

 -- Christian Perrier   Sat, 07 Apr 2018 07:28:11 +0200

partman-iscsi (54) unstable; urgency=medium

  [ Updated translations ]
  * Hebrew (he.po) by Yaron Shahrabani
  * Indonesian (id.po) by Al Qalit
  * Tajik (tg.po) by Victor Ibragimov

 -- Christian Perrier   Mon, 19 Feb 2018 08:50:02 +0100

partman-iscsi (53) unstable; urgency=medium

  [ Updated translations ]
  * Norwegian Nynorsk (nn.po) by Petter Reinholdtsen
  * Tajik (tg.po) by Victor Ibragimov

 -- Christian Perrier   Wed, 24 Jan 2018 07:52:48 +0100

partman-iscsi (52) unstable; urgency=medium

  [ Updated translations ]
  * Icelandic (is.po) by Sveinn í Felli
  * Bokmål, Norwegian (nb.po) by Alexander Jansen
  * Panjabi (pa.po) by Aman ALam
  * Serbian (sr.po) by Filipovic Dragan

 -- Christian Perrier   Sun, 14 Jan 2018 10:08:50 +0100

partman-iscsi (51) unstable; urgency=medium

  [ Updated translations ]
  * Esperanto (eo.po) by Felipe Castro
  * Nepali (ne.po) by Jeewal Kunwar
  * Simplified Chinese (zh_CN.po) by Boyuan Yang

 -- Christian Perrier   Mon, 25 Dec 2017 18:08:22 +0100

partman-iscsi (50) unstable; urgency=medium

  [ Updated translations ]
  * Hungarian (hu.po) by Dr. Nagy Elemér Károly
  * Lithuanian (lt.po) by Rimas Kudelis
  * Swedish (sv.po) by Anders Jonsson

 -- Christian Perrier   Sun, 03 Dec 2017 16:19:52 +0100

partman-iscsi (49) unstable; urgency=medium

  [ Updated translations ]
  * Greek (el.po) by Sotirios Vrachas
  * Estonian (et.po) by Kristjan Räts
  * Norwegian Nynorsk (nn.po) by Allan Nordhøy
  * Swedish (sv.po) by Anders Jonsson

 -- Christian Perrier   Sun, 26 Nov 2017 07:54:07 +0100

partman-iscsi (48) unstable; urgency=medium

  [ Updated translations ]
  * Panjabi (pa.po) by A S Alam

 -- Christian Perrier   Tue, 31 Oct 2017 09:55:54 +0100

partman-iscsi (47) unstable; urgency=medium

  [ Updated translations ]
  * Latvian (lv.po) by Rūdolfs Mazurs

 -- Christian Perrier   Wed, 18 Oct 2017 09:06:00 +0200

partman-iscsi (46) unstable; urgency=medium

  [ Updated translations ]
  * Greek (el.po) by Sotirios Vrachas
  * Hebrew (he.po) by Lior Kaplan
  * Albanian (sq.po) by Redon Skikuli

 -- Christian Perrier   Mon, 18 Sep 2017 21:22:28 +0200

partman-iscsi (45) unstable; urgency=medium

  [ Updated translations ]
  * Traditional Chinese (zh_TW.po) by Yao Wei (魏銘廷)

 -- Christian Perrier   Thu, 29 Jun 2017 06:55:50 +0200

partman-iscsi (44) unstable; urgency=medium

  [ Updated translations ]
  * Serbian (sr.po) by Dragan Filipović

 -- Christian Perrier   Wed, 08 Jun 2016 19:00:17 +0200

partman-iscsi (43) unstable; urgency=medium

  [ Updated translations ]
  * Serbian (sr.po) by Dragan Filipović

 -- Christian Perrier   Mon, 25 Apr 2016 06:59:49 +0200

partman-iscsi (42) unstable; urgency=medium

  [ Colin Watson ]
  * Use HTTPS for Vcs-* URLs, and link to cgit rather than gitweb.

 -- Christian Perrier   Sun, 14 Feb 2016 08:08:47 +0100

partman-iscsi (41) unstable; urgency=medium

  [ Updated translations ]
  * Swedish (sv.po) by Martin Bagge / brother

 -- Christian Perrier   Wed, 27 Jan 2016 16:09:32 +0100

pmdk 1.4.1-0ubuntu1 -> 1.5.1-1

* Last Uploader: Andreas Hasenack (sponsored by Christian Ehrhardt )

Debian changes newer than ubuntu version:

pmdk (1.5.1-1) unstable; urgency=medium

  * New upstream release.

 -- Adam Borowski   Tue, 19 Feb 2019 14:50:48 +0100

pmdk (1.5.1~rc3-2) experimental; urgency=medium

  * Disable a failing test (real bug; tmpfs only).

 -- Adam Borowski   Mon, 18 Feb 2019 01:18:14 +0100

pmdk (1.5.1~rc3-1) experimental; urgency=medium

  * New upstream pre-release.
  * Drop upstreamed patch.

 -- Adam Borowski   Fri, 15 Feb 2019 16:11:49 +0100

pmdk (1.5.1~rc2-1) experimental; urgency=medium

  * New upstream pre-release.
  * Drop upstreamed patches.
  * Re-enable valgrind tests.
  * Fix broken .pc for librpmem.

 -- Adam Borowski   Mon, 11 Feb 2019 16:14:47 +0100

pmdk (1.5-5) unstable; urgency=medium

  * Fix one, and paper over another, tests failing with bash 5.

 -- Adam Borowski   Mon, 04 Feb 2019 20:06:36 +0100

pmdk (1.5-4) unstable; urgency=medium

  * Use UTC for SOURCE_DATE_EPOCH.

 -- Adam Borowski   Tue, 08 Jan 2019 13:42:12 +0100

pmdk (1.5-3) unstable; urgency=medium

  * Make the build reproducible.

 -- Adam Borowski   Mon, 07 Jan 2019 15:26:53 +0100

pmdk (1.5-2) unstable; urgency=medium

  * Don't B-Depend on valgrind, it can't handle glibc 2.28 yet.

 -- Adam Borowski   Fri, 04 Jan 2019 14:05:10 +0100

pmdk (1.5-1) unstable; urgency=medium

  * Initial release.  Closes: #913889

 -- Adam Borowski   Thu, 06 Dec 2018 16:19:04 +0100

pollinate 4.33-0ubuntu1 -> 4.33-2

* Last Uploader: Scott Moser

Debian changes newer than ubuntu version:

pollinate (4.33-2) unstable; urgency=medium

  * debian/control: add salsa VCS URLs

 -- Thorsten Alteholz   Thu, 28 Feb 2019 19:15:14 +0100

pollinate (4.33-1) sid; urgency=medium

  * first upload to Debian
  * debian/control: use dh11
  * debian/control: use standard 4.3.0
  * debian/copyright: use https for copyright-format-uri
  * debian/rules: dh 11 does not allow "--with systemd"
  * don't use chown -r in maintainer script

 -- Thorsten Alteholz   Mon, 04 Feb 2019 19:15:14 +0100

python-automaton 1.14.0-0ubuntu1 -> 1.15.0-1

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

python-automaton (1.15.0-1) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/control: Use team+openstack@tracker.debian.org as maintainer

  [ Thomas Goirand ]
  * New upstream release.
  * Fixed (build-)depends for this release.
  * Using Python 3 when building the sphinx doc.

 -- Thomas Goirand   Tue, 04 Sep 2018 00:10:49 +0200

python-automaton (1.14.0-2) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/control: Fix wrong Vcs-*

  [ Thomas Goirand ]
  * Uploading to unstable.

 -- Thomas Goirand   Sun, 25 Feb 2018 22:48:47 +0000

python-automaton (1.14.0-1) experimental; urgency=medium

  [ Ondřej Nový ]
  * Bumped debhelper compat version to 10

  [ Thomas Goirand ]
  * New upstream release.
  * Points VCS URLs to Salsa.
  * Ran wrap-and-sort -a.
  * Updating maintainer field.
  * Standards-Version is now 4.1.3.
  * Fixed (build-)depends for this release.
  * Using pkgos-dh_auto_{test,install}.

 -- Thomas Goirand   Thu, 15 Feb 2018 09:53:25 +0000

python-ceilometerclient 2.9.0-0ubuntu1 -> 2.9.0-2

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

python-ceilometerclient (2.9.0-2) unstable; urgency=medium

  * Uploading to unstable.

 -- Thomas Goirand   Wed, 01 Nov 2017 23:46:43 +0000

python-ceilometerclient (2.9.0-1) experimental; urgency=medium

  [ Ondřej Nový ]
  * Standards-Version is 3.9.8 now (no change)
  * Change directory to $ADTTMP before running Debian tests
  * d/copyright: Changed source URL to https protocol

  [ Daniel Baumann ]
  * Updating vcs fields.
  * Updating copyright format url.
  * Running wrap-and-sort -bast.
  * Updating maintainer field.
  * Updating standards version to 4.0.0.
  * Removing gbp.conf, not used anymore or should be specified in the
    developers dotfiles.
  * Correcting permissions in debian packaging files.
  * Updating standards version to 4.0.1.
  * Deprecating priority extra as per policy 4.0.1.
  * Updating standards version to 4.1.0.

  [ Thomas Goirand ]
  * New upstream release.
  * Fixed (build-)depends for this release.
  * Using pkgos-dh_auto_install.
  * Remove test patch.
  * Removed XS-Testsuite: field.

 -- Thomas Goirand   Wed, 04 Oct 2017 19:31:50 +0200

python-cotyledon 1.6.8-2ubuntu2 -> 1.6.8-3

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

python-cotyledon (1.6.8-3) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/control: Set Vcs-* to salsa.debian.org
  * d/control: Use team+openstack@tracker.debian.org as maintainer

  [ Thomas Goirand ]
  * Run tests using PYTHONPATH=$(CURDIR) (Closes: #898421).

 -- Thomas Goirand   Thu, 10 Jan 2019 10:10:31 +0100

python-cryptography 2.3-1ubuntu2 -> 2.6.1-3

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

python-cryptography (2.6.1-3) unstable; urgency=medium

  * Fix autopkgtest dependencies.

 -- Tristan Seligmann   Sat, 09 Mar 2019 13:25:47 +0200

python-cryptography (2.6.1-2) unstable; urgency=medium

  [ Ondřej Nový ]
  * Convert git repository from git-dpm to gbp layout
  * Use 'python3 -m sphinx' instead of sphinx-build for building docs

  [ Tristan Seligmann ]
  * Fix merge.

 -- Tristan Seligmann   Fri, 08 Mar 2019 20:56:58 +0200

python-cryptography (2.6.1-1) unstable; urgency=medium

  * New upstream release.

 -- Tristan Seligmann   Fri, 08 Mar 2019 13:33:42 +0200

python-cursive 0.2.1-0ubuntu1 -> 0.2.1-2

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

python-cursive (0.2.1-2) unstable; urgency=medium

  * Uploading to unstable.

 -- Thomas Goirand   Sun, 25 Feb 2018 22:56:29 +0000

python-cursive (0.2.1-1) experimental; urgency=medium

  [ Ondřej Nový ]
  * d/control: Set Vcs-* to salsa.debian.org

  [ Thomas Goirand ]
  * New upstream release.
  * Fixed (build-)depends for this release.

 -- Thomas Goirand   Thu, 15 Feb 2018 07:30:00 +0000

python-formencode 1.3.0-0ubuntu5 -> 1.3.0-3

* Last Uploader: LaMont Jones

Debian changes newer than ubuntu version:

python-formencode (1.3.0-3) unstable; urgency=medium

  [ Chris Lamb ]
  * Move from git-dpm -> gbp.
  * Use "alpha_2" over "alpha2" for compatibility with newer versions of
    pycountry. (Closes: #880247)
  * wrap-and-sort -sa.
  * Bump Standards-Version to 4.1.5.
  * Install examples.
  * Move to debhelper compat level 11.

  [ Ondřej Nový ]
  * d/control: Set Vcs-* to salsa.debian.org
  * d/copyright: Use https protocol in Format field
  * d/changelog: Remove trailing whitespaces
  * d/control: Remove trailing whitespaces
  * d/control: Remove ancient X-Python-Version field
  * d/control: Remove ancient X-Python3-Version field

 -- Chris Lamb   Mon, 06 Aug 2018 22:42:30 +0800

python-formencode (1.3.0-2) unstable; urgency=medium

  * Add myself to Uploaders field.
  * Don't ship files in /usr/lib/python{2.7,3}/dist-packages/docs.
    (Closes: #860146)

 -- Chris Lamb   Fri, 14 Apr 2017 09:11:53 +0100

python-formencode (1.3.0-1) unstable; urgency=low

  [ Neil Muller]
  * New upstream release.
  * Add recent fixes from upstream to fix syntax errors in the *.po
    files.
  * Reformat copyright to the machine readable format.
    - Update some stale information.
  * Add myself to Uploaders.
  * Bump standards version to 3.9.8 (No further changes needed).
  * Tweak packages descriptions.
  * Add debian/0004-Remove-test_email-dns-tests.patch to disable new
    tests which require dns.

  [ Piotr Ożarowski ]
  * Bump minimum required Python version to 2.6
  * Add python3-formencode binary package
  * Replace python-dns with python-dnspython dependency
  * Add disable_pkg_resources_in_tests patch - this makes it possible to run
    tests after build (and is useless anyway)

  [ Stefano Rivera ]
  * Refresh patches.
  * Move from SVN to Git, update Vcs-* fields.

  [ Ondřej Nový ]
  * Fixed VCS URL (https)

 -- Neil Muller   Fri, 17 Jun 2016 22:47:57 +0000

python-microversion-parse 0.2.1-0ubuntu1 -> 0.2.1-2

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

python-microversion-parse (0.2.1-2) unstable; urgency=medium

  * Uploading to unstable.

 -- Ondřej Nový   Wed, 05 Sep 2018 10:04:48 +0200

python-microversion-parse (0.2.1-1) experimental; urgency=medium

  * New upstream release
  * Change build deps for new upstream release

 -- Ondřej Nový   Tue, 21 Aug 2018 14:19:33 +0200

python-mistralclient 1:3.7.0-0ubuntu1 -> 1:3.7.0-2

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

python-mistralclient (1:3.7.0-2) unstable; urgency=medium

  [ Ondřej Nový ]
  * Running wrap-and-sort -bast

  [ Thomas Goirand ]
  * Uploading to unstable.
  * Blacklist HTTPClientTest.test_get_request_options_with_profile_enabled() in
    Python 3.x.

 -- Thomas Goirand   Wed, 05 Sep 2018 00:08:49 +0200

python-mistralclient (1:3.7.0-1) experimental; urgency=medium

  [ Ondřej Nový ]
  * d/control: Use team+openstack@tracker.debian.org as maintainer

  [ Thomas Goirand ]
  * New upstream release.
  * Fixed (build-)depends for this release.
  * Building doc with Python 3.
  * Using pkgos-dh_auto_test.

 -- Thomas Goirand   Wed, 22 Aug 2018 11:12:32 +0200

python-os-client-config 1.31.2-0ubuntu1 -> 1.31.2-2

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

python-os-client-config (1.31.2-2) unstable; urgency=medium

  * Uploading to unstable.

 -- Thomas Goirand   Tue, 04 Sep 2018 22:28:31 +0200

python-os-client-config (1.31.2-1) experimental; urgency=medium

  [ Ondřej Nový ]
  * d/control: Set Vcs-* to salsa.debian.org
  * d/control: Use team+openstack@tracker.debian.org as maintainer

  [ Thomas Goirand ]
  * New upstream release.
  * Fixed (build-)depends for this release.
  * Using Python 3 for building sphinx doc.
  * Using pkgos-dh_auto_test.

 -- Thomas Goirand   Mon, 20 Aug 2018 18:46:00 +0200

python-pecan 1.3.2-0ubuntu1 -> 1.3.2-2

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

python-pecan (1.3.2-2) unstable; urgency=medium

  * Uploading to unstable.

 -- Thomas Goirand   Mon, 03 Sep 2018 17:12:46 +0200

python-pecan (1.3.2-1) experimental; urgency=medium

  [ Ondřej Nový ]
  * d/control: Set Vcs-* to salsa.debian.org
  * Running wrap-and-sort -bast
  * d/control: Use team+openstack@tracker.debian.org as maintainer

  [ Thomas Goirand ]
  * New upstream release.
  * Rebased remove-broken-test.patch.

 -- Thomas Goirand   Fri, 24 Aug 2018 09:28:21 +0200

python-pyeclib 1.5.0-1ubuntu5 -> 1.5.0-4

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

python-pyeclib (1.5.0-4) unstable; urgency=medium

  * d/control:
    - Use team+openstack@tracker.debian.org as maintainer
    - Build depend on libisal on amd64 archs to run unit tests during build
    - Build depend on libjerasure to run unit tests during build
  * d/rules: Remove useless debhelper overrides
  * Standards version is 4.2.1 now (no changes)

 -- Ondřej Nový   Mon, 01 Oct 2018 15:05:06 +0200

python-pyeclib (1.5.0-3) unstable; urgency=medium

  * d/tests/*: Don't run encode/decode tests for isa_* ec types on non-amd64
    architures because libisal2 is not available for non-amd64 architectures.
    (Closes: #898733)
  * Add upstream metadata

 -- Ondřej Nový   Wed, 16 May 2018 12:29:30 +0200

python-pyeclib (1.5.0-2) unstable; urgency=medium

  [ Ondřej Nový ]
  * Updating standards version to 4.1.4
  * d/control: Set Vcs-* to salsa.debian.org
  * d/copyright: Bump my copyright year
  * d/control:
    - Add trailing tilde to min version depend to allow backports
    - Move python3-six from python-pyeclib Depends to python3-pyeclib Depends
      (Closes: #898455)
  * Bump debhelper compat level to 11

 -- Ondřej Nový   Mon, 14 May 2018 13:13:18 +0200

python-pyvmomi 6.5.0.2017.5-0ubuntu1 -> 6.7.1-2

* Last Uploader: Dimitri John Ledkov

Debian changes newer than ubuntu version:

python-pyvmomi (6.7.1-2) unstable; urgency=medium

  * Upload to unstable

 -- Mathieu Parent   Sat, 17 Nov 2018 17:33:30 +0100

python-pyvmomi (6.7.1-1) experimental; urgency=medium

  [ Ondřej Nový ]
  * d/control: Set Vcs-* to salsa.debian.org
  * d/control: Add trailing tilde to min version depend to allow
    backports
  * d/control: Use team+openstack@tracker.debian.org as maintainer
  * d/control: Fix wrong Vcs-*

  [ Mathieu Parent ]
  * Upload to experimental
  * New upstream version (Closes: #860285)
    - Removing data_files.patch, merged upstream
    - Add patch to unpin vcrpy out of =1.12.0 and remove SSL tunnel tests
  * Package takeover:
    - Maintainer: Debian OpenStack -> Debian Python Modules Team
    - Uploaders: Remove Julien Danjou, Thomas Goirand, Mehdi Abaakouk and Joshua
      Kwan
    - Uploaders: Add myself
  * Update d/watch to github as doc is missing on pypi
  * Standards-Version: 4.2.1
  * Enable python3 tests and required Build-Depends
  * Debhelper compat: 9 -> 11
  * Add NOTICE.txt in python{,3}-pyvmomi.docs

 -- Mathieu Parent   Fri, 16 Nov 2018 06:22:46 +0100

python-scrypt 0.8.0-0ubuntu5 -> 0.8.0-0.1

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

python-scrypt (0.8.0-0.1) unstable; urgency=medium

  * Non-maintainer upload.
  * New upstream release (Closes: #877732).
  * Added Python 3 support (Closes: #742225).
  * Build-depends: on python{3,}-setuptools.

 -- Thomas Goirand   Thu, 05 Oct 2017 17:07:52 +0200

python-seamicroclient 0.4.0-1ubuntu1 -> 0.4.0-3

* Last Uploader: Andres Rodriguez

Debian changes newer than ubuntu version:

python-seamicroclient (0.4.0-3) unstable; urgency=medium

  [ Thomas Goirand ]
  * Uploading to unstable.
  * Added missing build-depends-indep: subunit.
  * Removed argparse from requirements.txt and lift pbr upper bound.
  * Added missing python-requests build-dep.
  * Blacklist a number of tests:
    - tests.test_http.ClientTest.test_get
    - test_http.ClientTest.test_post
    - v2.test_fantrays.FanTraysTest.test_list_fantrays
    - v2.test_scards.ScardsTest.test_list_scards
    - v2.test_servers.ServersTest.test_server_set_tagged_vlan
    - v2.test_servers.ServersTest.test_server_set_untagged_vlan
    - v2.test_servers.ServersTest.test_server_unset_tagged_vlan
    - v2.test_servers.ServersTest.test_server_unset_untagged_vlan
    - v2.test_system.Systemstest.test_list_system
  * Using OpenStack's Gerrit as VCS URLs.

  [ Ondřej Nový ]
  * Fixed VCS URLs (https).
  * d/rules: Changed UPSTREAM_GIT protocol to https
  * d/s/options: extend-diff-ignore of .gitreview
  * d/control: Use correct branch in Vcs-* fields

 -- Thomas Goirand   Thu, 10 Mar 2016 10:31:04 +0100

python-tornado 5.1.1-2ubuntu2 -> 5.1.1-4

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

python-tornado (5.1.1-4) unstable; urgency=medium

  * d/patches/0007-Higher-test_gc-timeout.patch: Added, fixies FTBS on mipsel

 -- Ondřej Nový   Sat, 26 Jan 2019 13:15:05 +0100

python-tornado (5.1.1-3) unstable; urgency=medium

  * Set TRAVIS env variable to "true"
  * Use SOURCE_DATE_EPOCH for copyright year to make build reproducible
  * Bump Standards-Version to 4.3.0 (no changes)

 -- Ondřej Nový   Tue, 22 Jan 2019 17:24:12 +0100

qemu 1:3.1+dfsg-2ubuntu3 -> 1:3.1+dfsg-7

* Last Uploader: Christian Ehrhardt 

Debian changes newer than ubuntu version:

qemu (1:3.1+dfsg-7) unstable; urgency=high

  [ Michael Tokarev ]
  * device_tree-don-t-use-load_image-CVE-2018-20815.patch
    fix heap buffer overflow while loading device tree blob
    (Closes: CVE-2018-20815)

  [ Christian Ehrhardt ]
  * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
   - d/qemu-guest-agent.install: use correct path for fsfreeze-hook
   - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
     mv_conffile since the new path is a directory in the old package
     version which can not be handled by mv_conffile.

 -- Michael Tokarev   Wed, 27 Mar 2019 14:24:06 +0300

qemu (1:3.1+dfsg-6) unstable; urgency=high

  * slirp-check-sscanf-result-when-emulating-ident-CVE-2019-9824.patch
    fix information leakage in slirp code (Closes: CVE-2019-9824)

 -- Michael Tokarev   Mon, 18 Mar 2019 14:41:51 +0300

qemu (1:3.1+dfsg-5) unstable; urgency=high

  * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
    OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
    Closes: #922635, CVE-2019-3812

 -- Michael Tokarev   Mon, 11 Mar 2019 14:30:44 +0300

qemu (1:3.1+dfsg-4) unstable; urgency=medium

  * mention closing of #855043 by 3.1+dfsg-3
  * disable pvrdma for now, it is a bit too buggy.
    Besides several security holes there are many other bugs there as well,
    and the amount of patches applied upstream after 3.1 release is large
    (Closes, or really makes unimportant again: CVE-2018-20123 CVE-2018-20124
     CVE-2018-20125 CVE-2018-20126 CVE-2018-20191 CVE-2018-20216)

 -- Michael Tokarev   Mon, 11 Feb 2019 14:00:09 +0300

qemu (1:3.1+dfsg-3) unstable; urgency=medium

  [ Michael Tokarev ]
  * mention #696289 closed by 2.10
  * move ovmf to recommends on debian and update aarch ovmf refs
    (Closes: #889885, #855043)
  * remove /dev/kvm permission handling (moved to systemd 239-6)
    (Closes: #892945)
  * build qemu-palcode using alpha cross-compiler
    (Closes: #913103)
  * fix path in qemu-guest-agent.service (#918378), fixs Bind[s]To
    (Closes: #918378
  * use int for sparc64 timeval.tv_usec
    (Closes: #920032)
  * build-depend on libglusterfs-dev not glusterfs-common
    (Closes: #919668, #881527)
  * add breaks: qemu-system-data to qemu-system-common,
    to close #916279 completely (all this can be removed after buster)
    (Closes: #916279)
  * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
    (Closes: #920222, CVE-2019-6501)
  * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
    (Closes: #921525)
  * pvrdma-release-device-resources-on-error-CVE-2018-20123.patch
    (Closes: #916442, CVE-2018-20123)
  * enable rdma and pvrdma, build-depend on
    librdmacm-dev, libibverbs-dev, libibumad-dev
  * sync debian/qemu-user-static.1 and debian/qemu-user.1 generate the latter
    from the former (finally Closes: #901407)
  * move ivshmem-server & ivshmem-client from qemu-utils to qemu-system-common
    (the binaries are also specific to qemu-system, not useable alone)
  * move qemu-pr-helper from qemu-utils to qemu-system-common -
    this is an internal qemu-system helper, with possible socket activation,
    not intended for use outside of qemu-system

  [ Christian Ehrhardt ]
  * qemu-guest-agent: freeze-hook to ignore dpkg files (packaging changes)

 -- Michael Tokarev   Wed, 06 Feb 2019 12:23:01 +0300

quota 4.04-2ubuntu2 -> 4.05-1

* Last Uploader: Jeremy Bicha

Debian changes newer than ubuntu version:

quota (4.05-1) unstable; urgency=medium

  * New upstream version 4.05
  * Bumped Standards-Version to 4.3.0, no changes needed.

 -- Michael Meskes   Tue, 09 Apr 2019 10:12:04 +0200

resource-agents 1:4.2.0-1ubuntu1 -> 1:4.2.0-2

* Last Uploader: James Page

Debian changes newer than ubuntu version:

resource-agents (1:4.2.0-2) unstable; urgency=medium

  * debian/rules: fix build with merged-usr (Closes: #915848)
  * debian/patches: use /run for ldirectord pid file

 -- Valentin Vidic   Sun, 09 Dec 2018 21:04:49 +0100

sg3-utils 1.42-2ubuntu1 -> 1.44-1

* Last Uploader: Mathieu Trudel-Lapierre

Debian changes newer than ubuntu version:


spice 0.14.0-1ubuntu5 -> 0.14.0-1.3

* Last Uploader: Marc Deslauriers

Debian changes newer than ubuntu version:

spice (0.14.0-1.3) unstable; urgency=medium

  * Non-maintainer upload.
  * memslot: Fix off-by-one error in group/slot boundary check (CVE-2019-3813)
    (Closes: #920762)

 -- Salvatore Bonaccorso   Mon, 28 Jan 2019 13:04:44 +0100

spice (0.14.0-1.2) unstable; urgency=medium

  * Non-maintainer upload.
  * tests/pki: Use CA/certificate with 2048 bit RSA keys (Closes: #910634)

 -- Salvatore Bonaccorso   Thu, 11 Oct 2018 23:41:48 +0200

spice (0.14.0-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix flexible array buffer overflow (CVE-2018-10873) (Closes: #906315)

 -- Salvatore Bonaccorso   Sat, 15 Sep 2018 09:15:28 +0200

squid 4.4-1ubuntu2 -> 4.6-2

* Last Uploader: Andreas Hasenack

Debian changes newer than ubuntu version:

squid (4.6-2) unstable; urgency=high

  [ Andreas Hasenack  ]
  * Add disabled by default AppArmor profile (Closes: #923213)

 -- Luigi Gangitano   Mon, 04 Mar 2019 09:28:15 +0100

squid (4.6-1) unstable; urgency=high

  [ Amos Jeffries  ]
  * New Upstream Release
    - Fix multiple memory leak and data corruption issues
    - Detect IPv6 loopback binding errors
    - Do not call setsid() in --foreground mode
    - Exit on fork() failures
    - Fix OpenSSL builds that define OPENSSL_NO_ENGINE
    - Fix multiple GCC-8 compile errors

 -- Luigi Gangitano   Fri, 22 Feb 2019 14:28:15 +0100

squid (4.5-2) unstable; urgency=medium

  [ Luigi Gangitano  ]
  * debian/{rules,squid.tmpfile}
    - Add tmpfiles configuration to handle /var/run/squid at boot

  * debian/squid.lintian-overrides
    - Removed unused override file

 -- Luigi Gangitano   Wed, 20 Feb 2019 17:28:15 +0100

squid (4.5-1) unstable; urgency=medium

  [ Amos Jeffries  ]
  * New Upstream Release

  * debian/control
    - Bumped Standards-Version to 4.3.0, no change needed

  * debian/rules
    - Add /var/run/squid directory for SMP workers and helpers

  [ Helmut Grohne  ]
  * debian/rules
    - Pass BUILDCXX to ./configure on cross-builds
    - use --with-build-environment=default to avoid arm64 flag issues

  * debian/control
    - Add cross-compile annotations to restrict GCC/LLVM dependency
      (Closes: #916536)

  [ Luigi Gangitano  ]
  * debian/control
    - Fixed dependency on winbind instead of winbindd

  * debian/squid{,3}.{postinst,postrm,preinst,maintscript}
    - Moved dpkg-maintscript-helper commands to proper DH file

 -- Luigi Gangitano   Wed, 20 Feb 2019 11:57:15 +0100

sssd 1.16.3-3ubuntu1 -> 1.16.3-3.1

* Last Uploader: Andreas Hasenack

Debian changes newer than ubuntu version:

sssd (1.16.3-3.1) unstable; urgency=high

  * Non-maintainer upload.
  * Fix copy_ccache test broken by recent krb5 changes. (Closes: #921761)
  * Fix PAC responder build with krb5 1.17. (Closes: #923125)

 -- Dominik George   Sun, 24 Feb 2019 11:05:55 +0100

strongswan 5.7.1-1ubuntu2 -> 5.7.2-1

* Last Uploader: Christian Ehrhardt 

Debian changes newer than ubuntu version:

strongswan (5.7.2-1) unstable; urgency=medium

  * d/control: remove Rene from Uploaders, thanks!
  * d/copyright: fix typos
  * d/watch: use HTTPS protocol
  * d/control: update standards version to 4.2.1
  * drop unused debconf template
  * use a clean export for upstream signing key
  * d/copyright update
  * New upstream version 5.7.2
  * d/copyright updated
  * d/control: update standards version to 4.3.0
  * d/libstrongswan.dirs: drop lintian overrides dir
  * d/u/signing-key.asc: strip signatures from upstream signing key
  * d/patches: import patches in gbp pq

 -- Yves-Alexis Perez   Wed, 02 Jan 2019 13:02:11 +0100

vlan 2.0.4ubuntu1 -> 2.0.5

* Last Uploader: Dan Streetman (sponsored by Eric Desrochers)

Debian changes newer than ubuntu version:

vlan (2.0.5) unstable; urgency=medium

  * debian/network/if-pre-up.d/vlan: add missing biosdevname (Closes: #922801).
    - Thanks to Dan Steetman for the patch.

 -- Willem van den Akker   Thu, 21 Feb 2019 08:29:59 +0100

webtest 2.0.28-1ubuntu1 -> 2.0.32-1

* Last Uploader: Corey Bryant

Debian changes newer than ubuntu version:

webtest (2.0.32-1) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/control: Set Vcs-* to salsa.debian.org
  * d/watch: Use https protocol
  * d/control: Remove ancient X-Python-Version field
  * Convert git repository from git-dpm to gbp layout

  [ Piotr Ożarowski ]
  * New upstream release
  * Add patch to use default Sphinx theme (pylons_sphinx_theme is not packaged)
  * Standards-Version bumped to 4.3.0 (no changes needed)

 -- Piotr Ożarowski   Sat, 29 Dec 2018 22:14:13 +0100

xen 4.9.2-0ubuntu2 -> 4.11.1+26-g87f51bf366-3

* Last Uploader: Matthias Klose

Debian changes newer than ubuntu version:

xen (4.11.1+26-g87f51bf366-3) unstable; urgency=medium

  Minor useability improvements and fixes:
  * bash-completion: also complete 'xen'  [Hans van Kranenburg]
  * /etc/default/xen: Handle with ucf again, like in stretch.
    Closes:#923401.  [Ian Jackson]

  Build fix:
  * Fix FTBFS when building only arch-indep binaries (eg
    dpkg-buildpackage -A).  Was due to dh-exec bug wrt not-installed.
    Closes:#923013.  [Hans van Kranenburg; report from Santiago Vila]

  Documentation fix:
  * grub.d/xen.cfg: dom0_mem max IS needed  [Hans van Kranenburg]

 -- Ian Jackson   Thu, 28 Feb 2019 16:37:04 +0000

xen (4.11.1+26-g87f51bf366-2) unstable; urgency=medium

  * Packaging change: override spurious lintian warning about
    fsimage.so rpath.

 -- Ian Jackson   Fri, 22 Feb 2019 16:07:37 +0000

xen (4.11.1+26-g87f51bf366-1) unstable; urgency=medium

  Significant changes:
  * Update to new upstream version 4.11.1+26-g87f51bf366.
    (This is from the upstream stable branch.)  [Ian Jackson]
  * Build and use oxenstored rather than the C xenstored by default.
    [Ian Jackson and Hans van Kranenburg]
  * xen init script: rewrite and reorganise xenstored start logic.
    [Hans van Kranenburg]

  Documentation etc. improvements:
  * Refresh hypervisor and dom0 command line options documentation.
    (Closes: #919758)  [Hans van Kranenburg; report from Gergely]
  * Ship /etc/default/xen, a striped and tidied version of upstream
    sysconfig.xencommons.in.  [Hans van Kranenburg]

  Significant bugfixes:
  * xen init script: Do nothing if running for wrong Xen package.
    Avoids mystery loss of xenconsoled.  Closes:#851654.
    [Ian Jackson; report from Wolodja Wentland]
  * Make pygrub work again (by fixing python module and shared library
    paths).  Closes:#912381.  [Ian Jackson; earlier, Bastian Blank;
    report from Dimitar Angelov, also Torben Schou Jensen]

  Packaging bugfixes:
  * Have xen-utils-common suggest xen-doc, because it contains a broken
    symlink to it.  Closes:#911046.
    [Hans van Kranenburg; report from Andreas Beckmann]
  * Have xenstore-utils declare Breaks on xen-utils-common to make
    piuparts happy.  Closes:#911045.
    [Hans van Kranenburg, report from Andreas Beckmann]
  * hotplug-common: Strip arch-specific libdir from config file
    Closes:#862236.  [Ian Jackson; report from Stefan Bühler]
  * xendomains init script; Add dependency on $network.
    Closes:#798510.  [Francois Lesueur]
  * xendomains init script; Add should-dependency on nfs-kernel-server
    Closes:#826871.  [Geoffrey McRae]

  Packaging minor fixes and improvements [Hans van Kranenburg]:
  * debian/libxenstore3.0.symbols: revert ea2334dfe0
  * debian/control: add dh-python build-dep
  * d/xen-utils-V...: override xen-shim-syms lintian
  * debian/control: bump debhelper builddep to 10
  * debian/.gitignore: ignore more debhelper snippets
  * bash-completion: install completion rules for xl
  * xen init script: don't fail when being run in domU
  * Remove xend cruft from various init scripts etc.

  Packaging minor fixes and improvements [Ian Jackson]:
  * xen version/upgrade handling: Improve an error message
  * xen init script: silently exit status 0 if not running under xen
  * xen init script: Tidy up wrong/missing Xen version error handling
  * debian/rules: Fix tiny typos
  * hotplug-common: Do not adjust LD_LIBRARY_PATH

 -- Ian Jackson   Fri, 22 Feb 2019 15:11:45 +0000

xen (4.11.1-1) unstable; urgency=medium

  * debian/control: Add Homepage, Vcs-Browser and Vcs-Git.
    (Closes: #911457)
  * grub.d/xen.cfg: fix default entry when using l10n (Closes: #865086)
  * debian/rules: Don't exclude the actual pygrub script.
  * Update to new upstream version 4.11.1, which also contains:
    - Fix: insufficient TLB flushing / improper large page mappings with AMD
      IOMMUs
      XSA-275 CVE-2018-19961 CVE-2018-19962
    - Fix: resource accounting issues in x86 IOREQ server handling
      XSA-276 CVE-2018-19963
    - Fix: x86: incorrect error handling for guest p2m page removals
      XSA-277 CVE-2018-19964
    - Fix: x86: Nested VT-x usable even when disabled
      XSA-278 CVE-2018-18883
    - Fix: x86: DoS from attempting to use INVPCID with a non-canonical
      addresses
      XSA-279 CVE-2018-19965
    - Fix for XSA-240 conflicts with shadow paging
      XSA-280 CVE-2018-19966
    - Fix: guest use of HLE constructs may lock up host
      XSA-282 CVE-2018-19967
  * Update version handling patching to put the team mailing list address in
    the first hypervisor log line and fix broken other substitutions.
  * Disable handle_iptable hook in vif-common script. See #894013 for more
    information.

 -- Hans van Kranenburg   Wed, 02 Jan 2019 20:59:40 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-5) unstable; urgency=medium

  * debian/rules: Cope if xen-utils-common not being built
    (Fixes binary-indep FTBFS.)

 -- Ian Jackson   Mon, 15 Oct 2018 18:07:11 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-4) unstable; urgency=medium

  * Many packaging fixes to fix FTBFS on all arches other than amd64.
  * xen-vbd-interface(7): Provide properly-formatted NAME section
  * Add pandoc and markdown to Build-Depends - fixes missing docs.
  * Revert "tools-xenstore-compatibility.diff" apropos of discussion
    https://lists.xenproject.org/archives/html/xen-devel/2018-10/msg00838.html

 -- Ian Jackson   Mon, 15 Oct 2018 12:15:36 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-3) unstable; urgency=medium

  * hypervisor package postinst: Actually install (avoids need to
    run update-grub by hand).
  * debian/control: Adding Section to source stanza
  * debian/control: Add missing Replaces on old xen-utils-common
  * debian/rules: Add a -n to a gzip rune to improve reproducibility

 -- Ian Jackson   Fri, 12 Oct 2018 16:55:48 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-2) unstable; urgency=medium

  * Redo as an upload with binaries, because source-only uploads to NEW
    are not allowed.

 -- Ian Jackson   Fri, 05 Oct 2018 19:38:52 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-1) unstable; urgency=medium

  * Update to new upstream version 4.11.1~pre.20180911.5acdd26fdc+dfsg;
    merging in 4.11.1~pre.20180911.5acdd26fdc+dfsg-1~exp1.

 -- Ian Jackson   Fri, 05 Oct 2018 18:39:58 +0100

xen (4.11.1~pre+1.733450b39b-1) unstable; urgency=medium

  * Completely overhauled the packaging.  In the source package, things
    are very much simpler now with only a few hundred loc of templating
    and scriptery.  In the binary packages the resulting changes are:
     - We now provide -dbgsym packages in the standard way
      - Shared libraries with unstable ABI upstream (ie, whose
        ABI changes with the Xen version) are now in
        libxen-misc rather than libxen and
        have more conventional-looking filenames.
     - Shared libraries with a stable ABI upstream are now each in their
       own package, named after the soname (ABI version), as is
       conventional.  The sonames and minor versions of these are
       no longer mangled.
     - xs.h, replaced upstream by xenstore.h, is now in
       /usr/include/xenstore-compat (as shipped upstream), with
       symlinks left behind.
     - fsimage*.h is no longer shipped (it's namespace-grabbish).
     - libxenvchan.h is in /usr/include as it is in upstream,
       not buried in /usr/include/xen/io
     - /etc/xen/cpupool, a not very interesting example config file,
       has been moved into /usr/share/doc/.
     - There is a new xen-doc package, in which the upstream HTML
       documentation, and various other bits, is now provided.  This
       replaces the text format documentation previously provided in
       xen-utils-common (but the manpages are still there).
     - Utilities which use on libraries with stable ABIs upstream
       are no longer subjected to the Xen version wrapper.
     - Several utilities are now provided in /usr/bin which were
       previously only available buried in /usr/lib/xen-:
          xen-detect xenalyze xencons xencov_split xen-cpuid
       (version-wrapped, where necessary).
     - Likewise very many utilities and daemons in /usr/sbin:
          gdbsx xen-bugtool xen-ringwatch xen-tmem-list-parse
          xenmon xenpmd flask-* xen-kdd xen-diag xen-hptool
          xen-hvmcrash xen-hvmctx xen-livepatch xen-lowmemd
          xen-mfndump xenbaked xenconsoled xencov xenlockprof
          xenstored xenwatchdogd
     - xend and xm are long gone, so remove the support for the
       TOOLSTACK setting in /etc/default/xen.  /usr/sbin/xen just
       runs xl now.  Remove mentions of xend-config.sxp and all
       *.sxp files.  Drop the xend init script.
     - There is no longer any Built-Using.  This is no longer true for
       seabios, which is depended on and used at runtime, rather than
       being embedded into hvmloader.  (The source package also previously
       tried to mention ipxe-qemu in Built-Using but that's (i) dependent
       upstream on CONFIG_ROMBIOS which we disable, and not a
       build-dependency either.)
     - The hvmloader and xen-shim binaries no longer have their .note
       and .comment section(s) stripped.  .note is needed for xen-shim
       to work properly and to find the corresponding debug files.
       And .comment is tiny and harmless AFAICT.
     - Hypervisor debug map files are installed in /usr/lib/debug.
     - The xl bash_completion file from upstream is installed.
     - libxenvchan.h is installed.
     - We install xen-*.efi in /boot.
     - Sections of some packages have been rationalised.
     - We install a doc-base control file.

 -- Ian Jackson   Wed, 03 Oct 2018 18:45:02 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-1~exp1) experimental; urgency=medium

  * Update to new upstream version 4.11.1~pre.20180911.5acdd26fdc+dfsg.
  * Remove stubdom/grub.patches/00cvs from the upstream source because it's
    not DFSG compliant. (license-problem-gfdl-invariants)
  * Override statically-linked-binary lintian error about
    usr/lib/xen-4.11/boot/xen-shim

 -- Hans van Kranenburg   Tue, 11 Sep 2018 15:34:34 +0200

xen (4.11.1~pre+1.733450b39b-1~exp1) experimental; urgency=medium

  [ Hans van Kranenburg ]
  * Update to 4.11.1-pre commit 733450b39b, which also contains:
    - Additional fix for: Unlimited recursion in linear pagetable de-typing
      XSA-240 CVE-2017-15595 (listed as xsa240-4.8/0004)
    - Fix x86 PV guests may gain access to internally used pages
      XSA-248 CVE-2017-17566
    - Fix broken x86 shadow mode refcount overflow check
      XSA-249 CVE-2017-17563
    - Fix improper x86 shadow mode refcount error handling
      XSA-250 CVE-2017-17564
    - Fix improper bug check in x86 log-dirty handling
      XSA-251 CVE-2017-17565
    - Fix: DoS via non-preemptable L3/L4 pagetable freeing
      XSA-252 CVE-2018-7540
    - Fix x86: memory leak with MSR emulation
      XSA-253 CVE-2018-5244
    - Multiple parts of fixes for...
      Information leak via side effects of speculative execution
      XSA-254 CVE-2017-5753 CVE-2017-5715 CVE-2017-5754
      - XPTI stage 1 a.k.a. 'Meltdown band-aid', XPTI-S1 or XPTI-lite
      - Branch predictor hardening for ARM CPUs
      - Support compiling with indirect branch thunks (e.g. retpoline)
      - Report details of speculative mitigations in boot logging
    - Fix: grant table v2 -> v1 transition may crash Xen
      XSA-255 CVE-2018-7541
    - Fix: x86 PVH guest without LAPIC may DoS the host
      XSA-256 CVE-2018-7542
    - The "Comet" shim, which can be used as a mitigation for Meltdown to
      shield the hypervisor against 64-bit PV guests.
    - Fix: Information leak via crafted user-supplied CDROM
      XSA-258 CVE-2018-10472
    - Fix: x86: PV guest may crash Xen with XPTI
      XSA-259 CVE-2018-10471
    - Fix: x86: mishandling of debug exceptions
      XSA-260 CVE-2018-8897
    - Fix: x86 vHPET interrupt injection errors
      XSA-261 CVE-2018-10982
    - Fix: qemu may drive Xen into unbounded loop
      XSA-262 CVE-2018-10981
    - Fix: Speculative Store Bypass
      XSA-263 CVE-2018-3639
    - Fix: preemption checks bypassed in x86 PV MM handling
      XSA-264 CVE-2018-12891
    - Fix: x86: #DB exception safety check can be triggered by a guest
      XSA-265 CVE-2018-12893
    - Fix: libxl fails to honour readonly flag on HVM emulated SCSI disks
      XSA-266 CVE-2018-12892
    - Fix: Speculative register leakage from lazy FPU context switching
      XSA-267 CVE-2018-3665
    - Fix: Use of v2 grant tables may cause crash on ARM
      XSA-268 CVE-2018-15469
    - Fix: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
      XSA-269 CVE-2018-15468
    - Fix: oxenstored does not apply quota-maxentity
      XSA-272 CVE-2018-15470
    - Fix: L1 Terminal Fault speculative side channel
      XSA-273 CVE-2018-3620
  * Merge changes for 4.9 from the ubuntu packaging (thanks, Stefan Bader):
    - Rebase patches against upstream source (line numbers etc).
    - debian/rules.real:
      - Add a call to build common tool headers.
      - Add a call to install common tool headers.
    - debian/libxen-dev.install, d/p/ubuntu-tools-libs-abiname.diff:
      - Add additional modifications for new libxendevicemodel.
    - debian/patches/tools-fake-xs-restrict.patch:
      - Re-introduce (fake) xs_restrict call to keep libxenstore version at
        3.0 for now.
    - debian/libxenstore3.0.symbols: add xs_control_command
  * Rebase patches against 4.10 upstream source.
  * Rebase patches against 4.11 upstream source.
  * Add README.source.md to document how the packaging works.
  * This package builds correctly with gcc 7. (Closes: #853710)
  * Fix grub config file conflict when upgrading from Stretch. (Closes: #852545)
  * Init scripts: Do not kill per-domain qemu processes. (Closes: #879751)
  * debian/patches: Fix "'vwprintw' is deprecated" gcc 8 compilation error

  [ Mark Pryor ]
  * Fix shared library build dependencies for the new xentoolcore library.

  [ John Keates ]
  * Enable OVMF (Closes: #858962)

 -- Hans van Kranenburg   Sun, 08 Jul 2018 14:30:32 +0200