amazon-ec2-utils (2.0.1-2) unstable; urgency=medium
 .
   [ Luca Boccassi ]
   * Remove diversion of udev rule 60-cdrom_id.rules (Closes: #1035667)

dirty-equals (0.6.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Update copyright year.
   * Update Standards-Version.
   * Skip new test that needs pytest-examples, because it is not packaged.

emacs-websocket (1.13-3) unstable; urgency=medium
 .
   * Import 0002-set-ready-state-to-closed-when-websocket-is-closed-a.patch
     from upstream.  At this time, this commit appears to be more about
     correctness rather than about fixing a release-critical bug or known
     vulnerability.  If ever the upstream bug becomes a more serious issue,
     then it will be better for the fix to have already been tested in Debian.
   * This fix makes emacs-websocket for Debian equivalent to upstream 1.14.

gmsh (4.8.4+ds2-3) unstable; urgency=medium
 .
   * [c8b0031] Skip reprotest in CI.
   * [7106608] Add copyright file to libgmsh-private-headers-dev.
               (Closes: #1035430)

kitty (0.26.5-5) unstable; urgency=high
 .
   * Ship kitty-open.desktop as an example, instead of under
     /usr/share/applications.  This avoids registering kitty as a handler for
     various MIME types, which could cause it to execute untrusted files,
     instead of viewing them. (Closes: #1034875)

lemonldap-ng (2.16.1+ds-2) unstable; urgency=medium
 .
   * Fix incorrect parsing of OP-provided acr
   * Fix regression introduced in 2.16.1 that render viewer unusable

libssh (0.10.5-2) unstable; urgency=medium
 .
   * Revert "Bump debhelper from old 12 to 13."
     This is not appropriate at this point of the release cycle any more.
libssh (0.10.5-1) unstable; urgency=high
 .
   [ Martin Pitt ]
   * New upstream security release (thus high urgency):
     - Fix authenticated remote DoS through potential NULL dereference during rekeying
       with algorithm guessing (CVE-2023-1667)
       https://www.libssh.org/security/advisories/CVE-2023-1667.txt
     - Client authentication bypass in pki_verify_data_signature() in low-memory
       conditions with OpenSSL backend; gcrypt backend is not affected
       https://www.libssh.org/security/advisories/CVE-2023-2283.txt
       (CVE-2023-2283, Closes: #1035832)
   * Bump Standards-Version to 4.6.2. No changes necessary.
   * Drop debian/source/lintian-overrides. It now causes a "mismatched-override"
     warning, and apparently is not necessary any more.
   * debian/copyright: Drop files which don't exist any more.
     Spotted by lintian's "superfluous-file-pattern" warnings.
 .
   [ Debian Janitor ]
   * Bump debhelper from old 12 to 13.
   * Avoid explicitly specifying -Wl,--as-needed linker flag.

mate-desktop (1.26.0-2) unstable; urgency=medium
 .
   * debian/patches:
     + Trivial rebase of 001_prefer-x-terminal-emulator.patch.
     + Add patches 0001 and 0002. Fix two memory leaks.
     + Add patch 0003 fix use-after-free issue. (Closes: #1033719).
   * debian/control:
     + In bin:pkg libmate-desktop-dev switch from libgdk-pixbuf2.0-dev
       (deprecated) to libgdk-pixbuf-2.0-dev. Thanks, lintian.
   * debian/copyright:
     + Update copyright attribution for debian/ folder.

mate-polkit (1.26.1-3) unstable; urgency=medium
 .
   * Re-upload source-only. (By mistake, previous upload was src+amd64 upload).
mate-polkit (1.26.1-2) unstable; urgency=medium
 .
   [ Thomas Uhle ]
   * debian/:
     + Move polkit-agent executable to /usr/libexec directory. Move man page
       into mate-polkit-bin bin:pkg. (Closes: #1006996). Re-adjust inter-package
       relations and bin:pkg architecture declarations. Remove remnants of this
       package being a shared library once (i.e. drop Multi-Arch: fields).
   * debian/rules:
     + Drop duplicate --disable-silent-rules from configure run.
 .
   [ Mike Gabriel ]
   * debian/control:
     + Switch from D: policykit-1 (deprecated) to polkitd. (Closes: #1025598).
   * debian/copyright:
     + Update copyright attributions for debian/.

mate-terminal (1.26.0-2) unstable; urgency=medium
 .
   [ Martin Wimpress ]
   * debian/patches:
     + Add 1002_fix_context_menu_font.patch (LP: #1955505, closes: #998856,
       #1001793).

mygui (3.4.1+dfsg-3) unstable; urgency=medium
 .
   * Team upload
   * libmygui-dev: Add missing Depends (Closes: #1035453)

srpc (0.9.8-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * libsrpc-dev: Add missing Depends (Closes: #1035456)

symfony (5.4.23+dfsg-1) unstable; urgency=medium
 .
   [ Fabien Potencier ]
   * Update VERSION for 5.4.23
symfony (5.4.22+dfsg-3) unstable; urgency=medium
 .
   * [Mime] regenerate test certificates (Closes: #1034854)

tuxmath (2.0.3-9) unstable; urgency=medium
 .
   * tuxmath-data: update link target to comply with the change in
     fonts-sil-andika: /usr/share/fonts/truetype/andika/Andika-R.ttf has been
     renamed to Andika-Regular.ttf. Thanks to Andreas Beckmann.
     Closes: #1035872.