ia32-libs (20160228) squeeze-lts; urgency=low

  * Packages updated

  [ krb5 (1.8.3+dfsg-4squeeze11) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * patches taken from the Wheezy version
    (prepared by Salvatore Bonaccorso)
  * Verify decoded kadmin C strings [CVE-2015-8629]
    CVE-2015-8629: An authenticated attacker can cause kadmind to read
    beyond the end of allocated memory by sending a string without a
    terminating zero byte. Information leakage may be possible for an
    attacker with permission to modify the database. (#813296)
  * Fix leaks in kadmin server stubs [CVE-2015-8631]
    CVE-2015-8631: An authenticated attacker can cause kadmind to leak
    memory by supplying a null principal name in a request which uses one.
    Repeating these requests will eventually cause kadmind to exhaust all
    available memory. (#813126)

  [ libssh2 (1.2.6-1+deb6u2) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Debian LTS team
  * diffie_hellman_sha256: convert bytes to bits (CVE-2016-0787)

  [ nss (3.12.8-1+squeeze14) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Debian LTS Team.
  * Add CVE-2016-1938.patch:
    CVE-2016-1938: The s_mp_div function improperly divides numbers

  [ openssl (0.9.8o-4squeeze23) squeeze-lts; urgency=medium ]

  * Fix CVE-2015-3197
  * Always generate new key for DHE.

  [ tiff (3.9.4-5+squeeze14) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Squeeze LTS Team
  * Fix CVE-2015-8781, CVE-2015-8782 and CVE-2015-8783: out-of-band read/write
    when decoding invalid data
  * Fix CVE-2015-8784: potential out-of-bound write in NeXTDecode()

  [ tiff (3.9.4-5+squeeze13) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Debian LTS Team.
  * Fix CVE-2015-8665: Out-of-bounds read in TIFFRGBAImage interface.
  * Fix CVE-2015-8683: Out-of-bounds read in CIE Lab image format.

 -- Thijs Kinkhorst <thijs@debian.org>  Sun, 28 Feb 2016 11:54:58 +0100

ia32-libs (20151231) squeeze-lts; urgency=low

  * Packages updated

  [ arts (1.5.9-3+deb6u1) squeeze-lts; urgency=medium ]

  * Non-maintaine upload by the Debian LTS team.
  * Add debian/patches/99_CVE-2015-7543.diff to fix CVE-2015-7543:
    insecure use of mktemp() leading to possible hijack of IPC directory.

  [ cups (1.4.4-7+squeeze10) squeeze-lts; urgency=medium ]

  * Fix buffer overflow on size allocation of texttopdf.
    Updated debian/local/filters/pdf-filters/filter/texttopdf.c
    - CVE-2015-3258: Heap-based buffer overflow in the WriteProlog
      function.
    - CVE-2015-3279: Integer overflow.

  [ freetype (2.4.2-2.1+squeeze6) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * CVE-2014-9745: Fix Savannah bug #41590. Protect against invalid number in
    t1load.c parse_encoding().
  * CVE-2014-9746, CVE-2014-9747: Fix Savannah bug #41309. Correct use of
    uninitialized data in t1load.c, cidload.c, t42parse.c and psobjs.c.

  [ gnutls26 (2.8.6-1+squeeze6) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * CVE-2015-8313: A tiny POODLE left. Gnutls didn't check the first padding
    byte in CBC modes.

  [ krb5 (1.8.3+dfsg-4squeeze10) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * CVE-2015-2697: Fix build_principal memory bug
  * Backport k5memdup0 from 1.13.2 for that
  * CVE-2015-2695: Fix SPNEGO context aliasing bugs
  * The upstream patch for CVE-2015-2695 introduced regressions preventing the
    use of gss_import_sec_context() with contexts established using SPNEGO;
    the fixes for those regressions are included here.

  [ libidn (1.15-2+deb6u2) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS team
  * fix_utf8_error_handling. Issue introduced in fix for CVE-2015-2059

  [ libpng (1.2.44-1+squeeze6) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * CVE-2015-8472
    update incomplete patch for CVE-2015-8126
  * CVE-2015-8540
    underflow read in png_check_keyword in pngwutil.c
  * CVE-2012-3425
    The png_push_read_zTXt function in pngpread.c in libpng 1.0.x
    before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and
    1.5.x before 1.5.10 allows remote attackers to cause a denial
    of service (out-of-bounds read) via a large avail_in field value
    in a PNG image.
    In contrast to the next changelog entry, the vulnerable code
    is present.

  [ libpng (1.2.44-1+squeeze5) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * CVE-2015-7981
    Added a safety check in png_set_tIME() (Bug report from Qixue Xiao).
  * CVE-2015-8126
    Multiple buffer overflows in the (1) png_set_PLTE and
    (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x
    before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24,
    and 1.6.x before 1.6.19 allow remote attackers to cause a denial
    of service (application crash) or possibly have unspecified other
    impact via a small bit-depth value in an IHDR (aka image header)
    chunk in a PNG image.
  * CVE-2012-3425
    vulnerable code is not present here

  [ libsndfile (1.0.21-3+squeeze2) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * debian/patches :
    - Add 102_sd2_buffer_read_overflow.diff (CVE-2014-9496, #774162).
    - Add 103_file_io_divide_by_zero.diff (CVE-2014-9756, #804447).
    - Add 104_fix_aiff_heap_overflow.diff (CVE-2015-7805, #804445).

  [ libxml2 (2.7.8.dfsg-2+squeeze16) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Patches taken from Wheezy, thanks to Salvatore Bonaccorso
  * Add Avoid-processing-entities-after-encoding-conversion-.patch patch.
    CVE-2015-7498: Heap-based buffer overflow in xmlParseXmlDecl.
  * Add CVE-2015-7497-Avoid-an-heap-buffer-overflow-in-xmlDi.patch patch.
    CVE-2015-7497: Heap-based buffer overflow in xmlDictComputeFastQKey.
  * Add CVE-2015-5312-Another-entity-expansion-issue.patch patch.
    CVE-2015-5312: CPU exhaustion when processing specially crafted XML
    input.
  * Add patches to address CVE-2015-7499.
    CVE-2015-7499: Heap-based buffer overflow in xmlGROW.
    Add a specific parser error (XML_ERR_USER_STOP), backported from
    e50ba8164eee06461c73cd8abb9b46aa0be81869 upstream (commit to address
    CVE-2013-2877, the "Try to stop parsing as quickly as possible" was not
    backported).
  * Add CVE-2015-7500-Fix-memory-access-error-due-to-incorre.patch patch.
    CVE-2015-7500: Heap buffer overflow in xmlParseMisc.

  [ libxml2 (2.7.8.dfsg-2+squeeze15) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * fix off by one error for previous patch for CVE-2015-7942
    (thanks to Salvatore for spotting this)
  * Add patch for CVE-2015-8241 (#806384)
    Buffer overread with XML parser in xmlNextChar
  * Add patch for CVE-2015-8317_751631
    issues in the xmlParseXMLDecl function:
    If we fail conversing the current input stream while
    processing the encoding declaration of the XMLDecl
    then it's safer to just abort there and not try to
    report further errors.
  * Add patch for CVE-2015-8317_51603
    If the string is not properly terminated do not try to convert
    to the given encoding.

  [ libxml2 (2.7.8.dfsg-2+squeeze14) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * rebuild for correct triggers file

  [ libxml2 (2.7.8.dfsg-2+squeeze13) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Add patch for CVE-2015-7942 (#802827)

  [ nspr (4.8.6-1+squeeze3) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS team.
  * Fix CVE-2015-7183, MFSA-2015-133: heap-buffer overflow in
    PL_ARENA_ALLOCATE

  [ nss (3.12.8-1+squeeze13) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Debian LTS Team.
  * Add CVE-2015-7182.patch:
    CVE-2015-7182: Heap-based buffer overflow in the ASN.1 decoder
  * Add CVE-2015-7181.patch:
  * CVE-2015-7181: The sec_asn1d_parse_leaf function improperly restricts
    access to an unspecified data structure
  * Add autopkgtest for certificate generation/signing and library linking
  * Add gbp.conf for LTS

  [ nss (3.12.8-1+squeeze12) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Debian LTS Team.
  * Add CVE-2015-2730.patch:
    CVE-2015-2730: ECDSA signature validation fails to handle some
    signatures correctly.
  * Add CVE-2015-2721.patch:
    CVE-2015-2721: NSS incorrectly permits skipping of ServerKeyExchange.

  [ openldap (2.4.23-7.3+deb6u2) squeeze-lts; urgency=high ]

  * Import upstream patch to remove an unnecessary assert(0) that could be
    triggered remotely by an unauthenticated user by sending a malformed BER
    element. (ITS#8240) (CVE-2015-6908) (#798622)

  [ openssl (0.9.8o-4squeeze22) squeeze-lts; urgency=medium ]

  * Fix CVE-2015-3195

 -- Thijs Kinkhorst <thijs@debian.org>  Thu, 31 Dec 2015 14:02:28 +0100

ia32-libs (20150804) squeeze-lts; urgency=low

  * Packages updated

  [ cups (1.4.4-7+squeeze9) squeeze-lts; urgency=medium ]

  * Add the previous patch name into debian/patches/00list, it wasn't applied

  [ cups (1.4.4-7+squeeze8) squeeze-lts; urgency=medium ]

  * Import 1.4 upstream fix for CERT VU#810572: Privilege escalation through
    dynamic linker and isolated vulnerabilities: STR: #4609, VU#810572
    - CVE-2015-1158 - Improper Update of Reference Count
    - CVE-2015-1159 - Cross-Site Scripting

  [ curl (7.21.0-2.1+squeeze12) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Fix re-using authenticated connection when unauthenticated
    as per CVE-2015-3143
    http://curl.haxx.se/docs/adv_20150422A.html
  * Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
    http://curl.haxx.se/docs/adv_20150422B.html

  [ expat (2.0.1-7+squeeze2) squeeze-lts; urgency=low ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * debian/rules: deactivate unpatch, does not even work
                  in +squeeze1 anymore
  * CVE-2015-1283
    Multiple integer overflows in the XML_GetBuffer function in Expat
    through 2.1.0, as used in Google Chrome before 44.0.2403.89 and
    other products, allow remote attackers to cause a denial of service
    (heap-based buffer overflow) or possibly have unspecified other
    impact via crafted XML data, a related issue to CVE-2015-2716.

  [ libidn (1.15-2+deb6u1) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS team
  * Change source format to 3.0 (quilt)
  * stringprep_utf8_to_ucs4 now rejects invalid UTF-8 (CVE-2015-2059)
  * Run gnulib and autoreconf to update generated files

  [ libsdl1.2 (1.2.14-6.1+build1) squeeze-lts; urgency=medium ]

  * Rebuild against libx11-dev fixed for CVE-2013-7439.

  [ libx11 (2:1.3.3-4+squeeze2) squeeze-lts; urgency=high ]

  * Non-maintainer upload from the Debian LTS team.
  * CVE-2013-7439: buffer overflow in the MakeBigReq macro

  [ libxext (2:1.1.2-1+squeeze1+build1) squeeze-lts; urgency=medium ]

  * Rebuild against libx11-dev fixed for CVE-2013-7439.

  [ libxfixes (1:4.0.5-1+squeeze1+build1) squeeze-lts; urgency=medium ]

  * Rebuild against libx11-dev fixed for CVE-2013-7439.

  [ libxi (2:1.3-8+build1) squeeze-lts; urgency=medium ]

  * Rebuild against libx11-dev fixed for CVE-2013-7439.

  [ libxml2 (2.7.8.dfsg-2+squeeze12) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Debian LTS team.
  * debian/patches:
    + Fix CVE-2015-1819:  Enforce the reader to run in constant memory.
      (#782782).
    + Fix out-of-bounds memory access when parsing an unclosed HTML comment.
      (#782985).
    + Fix out-of-bound memory access during read operations. (#783010).
  * debian/rules:
    + Disable updating of config.sub and config.guess during
      override_dh_auto_clean to avoid .debdiff pollution.

  [ libxp (1:1.0.0.xsf1-2+squeeze1+build1) squeeze-lts; urgency=medium ]

  * Rebuild against libx11-dev fixed for CVE-2013-7439.

  [ libxrandr (2:1.3.0-3+squeeze1+build1) squeeze-lts; urgency=medium ]

  * Rebuild against libx11-dev fixed for CVE-2013-7439.

  [ libxrender (1:0.9.6-1+squeeze1+build1) squeeze-lts; urgency=medium ]

  * Rebuild against libx11-dev fixed for CVE-2013-7439.

  [ libxv (2:1.0.5-1+squeeze1+build1) squeeze-lts; urgency=medium ]

  * Rebuild against libx11-dev fixed for CVE-2013-7439.

  [ openldap (2.4.23-7.3+deb6u1) squeeze-lts; urgency=high ]

  * debian/slapd.init.ldif: Disallow modifying one's own entry by default,
    except specific attributes. (CVE-2014-9713) (#761406)
  * debian/slapd.{config,templates}: On upgrade, if an access rule begins with
    "to * by self write", show a debconf note warning that it should be
    changed.
  * debian/slapd.README.debian: Add information about how to remove "to * by
    self write" from existing ACLs.
  * debian/po/*: Add translations of debconf warning.
  * debian/patches/ITS7723-fix-reference-counting.patch: Import upstream patch
    to fix a crash in the rwm overlay when a search is immediately followed by
    an unbind. (ITS#7723) (CVE-2013-4449) (#729367)
  * debian/patches/ITS8027-deref-reject-empty-attr-list.patch: Import upstream
    patch to fix a crash when a search includes the Deref control with an
    empty attribute list. (ITS#8027) (CVE-2015-1545) (#776988)
  * debian/patches/ITS7143-fix-attr_dup2-when-attrsOnly.patch: Import upstream
    patch to fix a crash when doing an attrsOnly search of a database
    configured with both the rwm and translucent overlays. (ITS#7143)
    (CVE-2012-1164) (#663644)

  [ openssl (0.9.8o-4squeeze21) squeeze-lts; urgency=medium ]

  * Fix CVE-2015-1791
  * Fix CVE-2015-1792
  * Fix CVE-2015-1790
  * Fix CVE-2015-1789
  * Fix CVE-2014-8176
  * CVE-2015-4000: Have minimum of 768 bit for DH

  [ tiff (3.9.4-5+squeeze12) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS team
  * Fixes for most of CVE-2014-8127 (out-of-bounds reads; bugs #2484, #2485,
    #2486)
  * Fixes for CVE-2014-8128 (out-of-bounds writes; bugs #2489, #2492, #2493,
    #2495, #2499, #2501)
  * Fix for CVE-2014-8129 (out-of-bounds read and write in NeXT 2-bit Grey
    Scale Compression Algorithm decoder; bugs #2487, #2488)
  * Fix for CVE-2014-9330 (out-of-bounds read in bmp2tiff; bug #2494)
    (#773987)
  * Fix for CVE-2014-9655 (out-of-bounds reads in NeXT 2-bit Grey
    Scale Compression Algorithm decoder and YCbCr-RGB converters)

 -- Thijs Kinkhorst <thijs@debian.org>  Tue, 04 Aug 2015 10:36:11 +0200

ia32-libs (20150413) squeeze-lts; urgency=low

  * Packages updated

  [ cups (1.4.4-7+squeeze7) squeeze-lts; urgency=medium ]

  * Backport upstream patches to fix:
    - Buffer overflow in cupsRasterReadPixels (STR #4551), fixes CVE-2014-2679

  [ e2fsprogs (1.41.12-4+deb6u2) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Debian LTS team.
  * Fix CVE-2015-1572: incomplete fix for CVE-2015-0247.
    (#778948)

  [ e2fsprogs (1.41.12-4+deb6u1) squeeze-lts; urgency=low ]

  * Non-maintainer upload by the Debian LTS team.
  * libext2fs: Fix buffer overflow if s_first_meta_bg is too big
    as reported in CVE-2015-0247.
    Refer to upstream commit:
    https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4

  [ freetype (2.4.2-2.1+squeeze5) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Squeeze LTS team
  * Fix recent applicable CVEs (#777656):
    - [sfnt] Fix Savannah bug #43680. CVE-2014-9656
    - [truetype] Fix Savannah bug #43679. CVE-2014-9657
    - [sfnt] Fix Savannah bug #43672. CVE-2014-9658
    - [bdf] Fix Savannah bug #43660. CVE-2014-9660
    - [type42] Allow only embedded TrueType fonts. CVE-2014-9661
    - [sfnt] Fix Savannah bug #43656. CVE-2014-9663
    - [type1, type42] Fix Savannah bug #43655. CVE-2014-9664
    - Change some fields in `FT_Bitmap' to unsigned type. CVE-2014-9665
    - Make `FT_Bitmap_Convert' correctly handle negative `pitch' values.
      CVE-2014-9665-fixup
    - Fix uninitialized variable warning. CVE-2014-9665-fixup-2
    - [sfnt] Fix Savannah bug #43591. CVE-2014-9666
    - [sfnt] Fix Savannah bug #43590. CVE-2014-9667
    - [sfnt] Fix Savannah bug #43588. CVE-2014-9669
    - Fix Savannah bug #43548. CVE-2014-9670
    - Fix Savannah bug #43547. CVE-2014-9671
    - Fix Savannah bug #43540. CVE-2014-9672
    - Fix Savannah bug #43539. CVE-2014-9673
    - src/base/ftobjs.c (Mac_Read_POST_Resource): Avoid memory leak by
      a broken POST table in resource-fork. CVE-2014-9673-fixup
    - Fix Savannah bug #43538. CVE-2014-9674-part-1
    - src/base/ftobj.c (Mac_Read_POST_Resource): Additional overflow check
      in the summation of POST fragment lengths. CVE-2014-9674-part-2
    - src/base/ftobjs.c (Mac_Read_POST_Resource): Use unsigned long variables
      to read the lengths in POST fragments. CVE-2014-9674-fixup-1
    - src/base/ftobjs.c (Mac_Read_POST_Resource): Insert comments and fold
      too long tracing messages. CVS-2014-9674-fixup-2
    - Fix Savannah bug #43535. CVE-2014-9675
    - [bdf] Fix Savannah bug #41692. CVE-2014-9675-fixup-1

  [ gnutls26 (2.8.6-1+squeeze5) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Debian LTS Team.
  * Includes multiple security fixes:
    - CVE-2014-8155: missing date/time checks on CA certificates
    - CVE-2015-0282: GnuTLS does not verify the RSA PKCS #1 signature
      algorithm to match the signature algorithm in the certificate, leading to
      a potential downgrade to a disallowed algorithm without detecting it.
      (Backported patch prepared by the Red Hat security team.)
    - CVE-2015-0294: GnuTLS does not check whether the two signature
      algorithms match on certificate import.

  [ krb5 (1.8.3+dfsg-4squeeze9) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * MITKRB5-SA-2015-001
    - CVE-2014-5352: gss_process_context_token() incorrectly frees context
    - CVE-2014-9421: kadmind doubly frees partial deserialization results
    - CVE-2014-9422: kadmind incorrectly validates server principal name
    - CVE-2014-9423: libgssrpc server applications leak uninitialized bytes

  [ libgcrypt11 (1.4.5-2+squeeze3) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Use ciphertext blinding for Elgamal decryption to counteract a
    side-channel attack as per CVE-2014-3591
  * Fix data-dependent timing variations in the modular exponentiation
    function that could be used to mount a side-channel attack as per
    CVE-2015-0837

  [ libssh2 (1.2.6-1+deb6u1) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Add CVE-2015-1782.patch.
    CVE-2015-1782: Using SSH_MSG_KEXINIT data unbounded.

  [ libtasn1-3 (2.7-1+squeeze+3) squeeze-lts; urgency=low ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Add CVE-2015-2806.patch patch.
    CVE-2015-2806: stack overflow in asn1_der_decoding.

  [ libxml2 (2.7.8.dfsg-2+squeeze11) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Do not fetch external parsed entities unless asked to do so. This
    supplements the patch for CVE-2014-0191
  * Fix regression introducedd by the patch fixing CVE-2014-3660
    (#768089)

  [ nss (3.12.8-1+squeeze11) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Debian LTS team.
  * Fix CVE-2011-3389 by backporting the upstream patch:
    https://hg.mozilla.org/projects/nss/rev/7f7446fcc7ab
  * Fix CVE-2014-1569 by backporting the upstream patch:
    https://hg.mozilla.org/projects/nss/rev/a163e09dc4d5
    #773625

  [ openssl (0.9.8o-4squeeze20) squeeze-lts; urgency=medium ]

  * Fix CVE-2015-0286
  * Fix CVE-2015-0287
  * Fix CVE-2015-0289
  * Fix CVE-2015-0292
  * Fix CVE-2015-0293
  * Fix CVE-2015-0209
  * Fix CVE-2015-0288
  * Remove export ciphers from DEFAULT.

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 13 Apr 2015 11:39:57 +0200

ia32-libs (20150116) squeeze-lts; urgency=low

  * Packages updated

  [ curl (7.21.0-2.1+squeeze11) squeeze-lts; urgency=high ]

  * Non-maintainer upload.
  * Fix URL request injection as in CVE-2014-8150
    http://curl.haxx.se/docs/adv_20150108B.html

  [ curl (7.21.0-2.1+squeeze10) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Fix duphandle read out of bounds as per CVE-2014-3707
    http://curl.haxx.se/docs/adv_20141105.html

  [ curl (7.21.0-2.1+squeeze9) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Fix security issue:
    - Only use full host matches for hosts used as IP address
      as per CVE-2014-3613
  * This patch is applied to Wheezy but not really needed, so it is omitted
    here (needed for version > 7.38)
    - Reject incoming cookies set for TLDs as per CVE-2014-3620

  [ dbus (1.2.24-4+squeeze3) squeeze-lts; urgency=medium ]

  * Security upload by the Debian LTS team.
  * CVE-2014-3477: Backport patch from upstream to fix a denial of service
    (failure to obtain bus name) in newly-activated system services that not
    all users are allowed to access.
  * CVE-2014-3638: Backport patch from upstream to reduce maximum number of
    pending replies per connection to avoid algorithmic complexity DoS.
  * CVE-2014-3639: Backport patch from upstream to not accept() new
    connections when all unauthenticated connection slots are in use,
    so that malicious processes cannot prevent new connections to the
    system bus. Note that the patch that reduced the authentication delay
    to 5s has not been applied due to known regressions:
    https://bugs.freedesktop.org/show_bug.cgi?id=86431

  [ flac (1.2.1-2+deb6u1) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Fix CVE-2014-8962: heap-based buffer overflow in stream_decoder.c,
    allowing remote attackers to execute arbitrary code via a specially
    crafted .flac file.
  * Fix CVE-2014-9028: stack-based buffer overflow in stream_decoder.c,
    allowing remote attackers to execute arbitrary code via a specially
    crafted .flac file.

  [ libgcrypt11 (1.4.5-2+squeeze2) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Debian LTS team.
  * Add 37_Replace-deliberate-division-by-zero-with-_gcry_divid.patch patch.
    Replace deliberate division by zero with _gcry_divide_by_zero.
  * Add 38_CVE-2014-5270.patch patch.
    CVE-2014-5270: side-channel attack on Elgamal encryption subkeys.
    Cryptanalysis attack as described by Genkin, Pipman and Tromer. See
    <http://www.cs.tau.ac.il/~tromer/handsoff/>
  * Both patches have been backported from the 1.5.0-5+deb7u2 wheezy
    security update.

  [ libtasn1-3 (2.7-1+squeeze+2) squeeze-lts; urgency=low ]

  * CVE-2014-3467 (the DECR_LEN changes were omitted, since too intrusive
                to backport for little impact)
  * CVE-2014-3468
  * CVE-2014-3469

  [ libxml2 (2.7.8.dfsg-2+squeeze10) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Fix wrongly applied patch for CVE-2014-0191 (#762864)
  * Add patch for CVE-2014-3660 (#765722)

  [ nss (3.12.8-1+squeeze10) squeeze-lts; urgency=low ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Fix CVE-2014-1544: improper removal of an NSSCertificate structure
    from a trust domain.

  [ nss (3.12.8-1+squeeze9) squeeze-lts; urgency=low ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Fix CVE-2014-1568: RSA signature verification bypass.

  [ openssl (0.9.8o-4squeeze19) squeeze-lts; urgency=medium ]

  * Fix CVE-2014-8275
  * Fix CVE-2014-3572
  * Fix CVE-2015-0204
  * Fix CVE-2014-3570
  * Fix CVE-2014-3571
  * Fix typo related to CVE-2015-0205

  [ openssl (0.9.8o-4squeeze18) squeeze-lts; urgency=medium ]

  * Fix CVE-2014-3567
  * Fix CVE-2014-3568
  * Add Fallback SCSV support to mitigate CVE-2014-3566
  * Fix CVE-2014-3569

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 16 Jan 2015 20:46:29 +0100

ia32-libs (20140911) squeeze-lts; urgency=low

  * Packages updated

  [ cups (1.4.4-7+squeeze6) squeeze-lts; urgency=medium ]

  * Backport upstream patches to fix:
    - insufficient checking when allowing files download from the webinterface
      (STR #4455), fixes CVE-2014-5029, CVE-2014-5030 and CVE-2014-5031
    - privilege escalation through the CUPS webinterface (STR #4450), fixes
      CVE-2014-3537.

  [ cups (1.4.4-7+squeeze5) oldstable; urgency=low ]

  * Import upstream patch to fix XSS in the CUPS webinterface (STR #4356),
    fixes CVE-2014-2856

  [ gnutls26 (2.8.6-1+squeeze4) squeeze-lts; urgency=medium ]

  * Fix CVE-2014-3466

  [ krb5 (1.8.3+dfsg-4squeeze8) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Apply upstream patches for several issues:
    - CVE-2014-4341: denial of service due to improper GSSAPI message
      validation, Bug: #753624
    - CVE-2014-4342: denial of service due to improper GSSAPI message
      validation, Bug: #753625
    - CVE-2014-4343: double-free in SPNEGO initiator during renegotiation,
      #755520
    - CVE-2014-4344: NULL dereference in SPNEGO acceptor, Bug: #755521
    - CVE-2014-4345 [MITKRB5-SA-2014-001]: buffer overrun in kadmind with
      LDAP backend, Bug: #757416
  * put patches into debian/patches (0026-* .. 0029-*)

  [ libxml2 (2.7.8.dfsg-2+squeeze9) squeeze-lts; urgency=high ]

  * libxml2 could be made to consume resources if it processed
    a specially crafted file.
    (CVE-2014-0191)
    patch for parser.c copied from debian/patches/cve-2014-0191.patch
    for Wheezy

  [ lzo2 (2.03-2+deb6u1) squeeze-lts; urgency=medium ]

  * Non-maintainer upload by the Squeeze LTS Team.
  * Add CVE-2014-4607.patch from DSA-2995-1.
    CVE-2014-4607: lzo1x_decompress_safe() integer overflow allowing denial
    of service or code execution. (#752861)

  [ nspr (4.8.6-1+squeeze2) squeeze-lts; urgency=high ]

  * CVE-2014-1545

  [ nss (3.12.8-1+squeeze8) squeeze-lts; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fix CVE-2014-1492: Incorrect IDNA domain name matching for wildcard
    certificates.
  * Fix CVE-2014-1491: Do not allow p-1 as a public DH value.
  * Fix CVE-2013-5606: Properly return a certificate validation error when
    using the verifylog mode.
  * Fix CVE-2013-1741: Runaway memset in certificate parsing on 64-bit
    computers leading to a crash by attempting to write 4Gb of nulls.

  [ openssl (0.9.8o-4squeeze17) squeeze-lts; urgency=medium ]

  * Fix for CVE-2014-3510
  * Fix for CVE-2014-3507
  * Fix for CVE-2014-3506
  * Fix for CVE-2014-3505
  * Fix for CVE-2014-3508

  [ openssl (0.9.8o-4squeeze16) squeeze-lts; urgency=medium ]

  * Update CVE-2014-0224 patch: Accept CCS after sending finished.
    (#751093)
  * Fix CVE-2012-4929 (CRiME) by disabling zlib compression by default.
    It can be enabled again by setting the environment variable
    OPENSSL_NO_DEFAULT_ZLIB.  (#728055)

  [ openssl (0.9.8o-4squeeze15) squeeze-lts; urgency=medium ]

  * Fix CVE-2014-0076.patch
  * Fix CVE-2014-0195.patch
  * Fix CVE-2014-0221.patch
  * Fix CVE-2014-3470.patch
  * Fix CVE-2014-0224.patch

  [ tiff (3.9.4-5+squeeze11) squeeze-lts; urgency=high ]

  * Fix for CVE-2013-4243 (validation for gif2tiff) from Red Hat.
    DSA-2965-1
    #742917

 -- Thijs Kinkhorst <thijs@debian.org>  Thu, 11 Sep 2014 21:16:18 +0200

ia32-libs (20140630) squeeze-proposed-updates; urgency=low

  * Packages updated

  [ cups (1.4.4-7+squeeze4) oldstable-security; urgency=high ]

  * Backport security fix from cups-filters 1.0.47:
    pdftoopvp: SECURITY FIX for CVE-2013-6474, CVE-2013-6475, and
    CVE-2013-6476: Introduction of gmallocn and gmallocn3 to protect against
    arbitrary code execution with the privileges of the "lp" user via
    malicious PDF files. Also restrict the directory from where OPVP drivers
    can get loaded (#741333)

  [ curl (7.21.0-2.1+squeeze8) squeeze-security; urgency=medium ]

  * Fix multiple security issues (#742728):
    - Fix connection re-use when using different log-in credentials
      as per CVE-2014-0138
      http://curl.haxx.se/docs/adv_20140326A.html
    - Reject IP address wildcard matches as per CVE-2014-0139
      http://curl.haxx.se/docs/adv_20140326B.html
  * Set urgency=high accordingly

  [ gnutls26 (2.8.6-1+squeeze3) oldstable-security; urgency=high ]

  * 22_gnutls-2.8.5-cve-2014-0092.patch by Nikos Mavrogiannopoulos: Fix
    certificate validation issue. CVE-2014-0092

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 30 Jun 2014 13:45:39 +0200

ia32-libs (20140131) squeeze-proposed-updates; urgency=low

  * Packages updated

  [ curl (7.21.0-2.1+squeeze7) squeeze-security; urgency=high ]

  * Fix re-use of wrong HTTP NTLM connection as per CVE-2014-0015
    http://curl.haxx.se/docs/adv_20140129.html
  * Set urgency=high accordingly

  [ curl (7.21.0-2.1+squeeze6) oldstable-security; urgency=low ]

  * Disable host verification too when using the --insecure option
    (#729965)

  [ curl (7.21.0-2.1+squeeze5) oldstable-security; urgency=high ]

  * Fix OpenSSL checking of a certificate CN or SAN name field when the
    digital signature verification is turned off as per CVE-2013-4545
    http://curl.haxx.se/docs/adv_20131115.html
  * Set urgency=high accordingly

  [ libxml2 (2.7.8.dfsg-2+squeeze8) oldstable-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fix cve-2013-2877: out-of-bounds read when handling documents that end
    abruptly.

  [ nspr (4.8.6-1+squeeze1) squeeze-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fix CVE-2013-5607: integer overflow on 64 bit systems

  [ nss (3.12.8-1+squeeze7) squeeze-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Add CVE-2013-5605.patch.
    CVE-2013-5605: Null_Cipher() does not respect maxOutputLen; allowing
    remote attackers to cause a denial of service or possibly have
    unspecified other impact via invalid handshake packets.

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 31 Jan 2014 09:19:46 +0100

ia32-libs (20131011) squeeze-proposed-updates; urgency=low

  * Packages updated

  [ nas (1.9.2-4squeeze1) oldstable-security; urgency=high ]

  * Fixes for various long-standing security issues found by Hamid
    Zamani <me@hamidx9.ir>. #720287
    + Validate the port offset of nasd to fix a potential buffer overflow
      (CVE-2013-4256)
    + Use better string functions to guard against heap overflows
      (CVE-2013-4257)
    + Sanity-check the TCP_DEVICE environment variable for safety.
  * Fix string handling in aulog.c:osLogMsg() to fix missing format string
    in call to syslog() (CVE-2013-4258).

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 11 Oct 2013 09:40:55 +0200

ia32-libs (20130924) squeeze-proposed-updates; urgency=low

  * Packages updated

  [ cups (1.4.4-7+squeeze3) stable; urgency=low ]

  [ Didier Raboud ]
  * Ship cups-files.conf's manpage in cups (#697543)
    - Update the configuration files split patch to also build the
      manpage;
    - Install the english manpage.
  * Generate translated cups-files.conf's manpage in the po4a
    infrastructure.
  * Minimally update French manpage translation

  [ Helge Kreutzmann ]
  * Update German manpage translation. (#697860)

  [ curl (7.21.0-2.1+squeeze4) oldstable-security; urgency=high ]

  * Fix URL decode buffer boundary flaw as per CVE-2013-2174
    http://curl.haxx.se/docs/adv_20130622.html
  * Set urgency=high accordingly

  [ curl (7.21.0-2.1+squeeze3) squeeze-security; urgency=high ]

  * Non-maintainer upload

  [ Alessandro Ghedini ]
  * Fix cookie domain tailmatch as per CVE-2013-1944
    http://curl.haxx.se/docs/adv_20130412.html
  * Set urgency=high accordingly

  [ Salvatore Bonaccorso ]
  * Add testcase for CVE-2013-1944

  [ dbus (1.2.24-4+squeeze2) stable; urgency=low ]

  * CVE-2012-3524: apply patches from upstream 1.6.6 to avoid arbitrary
    code execution in setuid/setgid binaries that incorrectly use libdbus
    without first sanitizing the environment variables inherited from
    their less-privileged caller (#689070).
    - As per upstream 1.6.8, do not check filesystem capabilities for now,
      only setuid/setgid, fixing regressions in certain configurations of
      gnome-keyring

  [ krb5 (1.8.3+dfsg-4squeeze7) oldstable-security; urgency=medium ]

  * Fix "cve-2002-2443: kpasswd udp ping-pong"  (#708267)

  [ libgcrypt11 (1.4.5-2+squeeze1) squeeze-security; urgency=high ]

  * Pull and unfuzzz code changes from 1.5.3 security fix release from
    upstream GIT:
    + [35_bug-in-mpi_powm-for-e-0.patch] mpi/mpi-pow.c (gcry_mpi_powm) - For
      a zero exponent, make sure that the result has been allocated.
    + [36_Mitigate-flush-reload-cache-attack-on-RSA.patch] Mitigate a
      flush+reload cache attack on RSA secret exponents.
      <http://eprint.iacr.org/2013/448>
    This fixes CVE-2013-4242.

  [ libx11 (2:1.3.3-4+squeeze1) squeeze-security; urgency=high ]

  * CVE-2013-1981: integer overflows calculating memory needs for replies
  * CVE-2013-1997: buffer overflows due to not validating length or offset
    values in replies
  * CVE-2013-2004: unbounded recursion parsing user-specified files
    (#145048)

  [ libxcb (1.6-1+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-2064

  [ libxcursor (1:1.1.10-2+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-2003

  [ libxext (2:1.1.2-1+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-1982

  [ libxfixes (1:4.0.5-1+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-1983

  [ libxi (2:1.3-8) oldstable-security; urgency=low ]

  * CVE-2013-1984 CVE-2013-1995 CVE-2013-1998

  [ libxinerama (2:1.1-3+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-1985

  [ libxml2 (2.7.8.dfsg-2+squeeze7) stable-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fix cve-2013-0338 and cve-2013-0339: large memory consuption issues when
    performing string substition during entity expansion (#702260).

  [ libxp (1:1.0.0.xsf1-2+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-2062

  [ libxrandr (2:1.3.0-3+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-1986

  [ libxrender (1:0.9.6-1+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-1987

  [ libxslt (1.1.26-6+squeeze3) stable-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Add patches to fix denial of service vulnerability (CVE-2012-6139)
    (#703933)

  [ libxt (1:1.0.7-1+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-2002 CVE-2013-2005

  [ libxtst (2:1.1.0-3+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-2063

  [ libxv (2:1.0.5-1+squeeze1) oldstable-security; urgency=low ]

  * CVE-2013-1989 CVE-2013-2066

  [ libxxf86vm (1:1.1.0-2+squeeze1) squeeze-security; urgency=high ]

  * When Xcalloc() returns NULL, you don't need to Xfree() it
  * Improve error handling in XF86VidModeGetMonitor()
  * Unlock display before returning alloc error in XF86VidModeGetModeLine(),
    XF86VidModeGetAllModeLines(), XF86VidModeGetDotClocks()
  * memory corruption in XF86VidModeGetGammaRamp() [CVE-2013-2001]
  * avoid integer overflow in XF86VidModeGetModeLine

  [ mesa (7.7.1-6) oldstable-security; urgency=low ]

  * CVE-2013-1993

  [ openldap (2.4.23-7.3) stable; urgency=low ]

  * Non-maintainer upload targeted at stable
  * Dump the database in prerm if we're upgrading. #665199

  [ tiff (3.9.4-5+squeeze10) oldstable-security; urgency=high ]

  * Incorporated fixes to security issues CVE-2013-4231, CVE-2013-4232.
    (#719303)
  * Incorporated fix to CVE-2013-4244.

  [ tiff (3.9.4-5+squeeze9) oldstable-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fix cve-2013-1960: heap-based buffer overlow in tiff2pdf
    (#706675).
  * Fix cve-2013-1961: stack-based buffer overflow in tiff2pdf
    (#706674).

 -- Thijs Kinkhorst <thijs@debian.org>  Tue, 24 Sep 2013 08:15:54 +0200

ia32-libs (20130215) stable; urgency=low

  * Packages updated

  [ cups (1.4.4-7+squeeze2) stable-security; urgency=high ]

  * Backport upstream configuration files split:
    - Add split-configuration-files-STR4223.dpatch
    - Install the new cups-files.conf
    Fixes: CVE-2012-5519 (#692791)
  * Make cupsd.conf a non-conffile, as it is managed by cups itself.
    - On new installs, set it up from cupsd.conf.default.
    - On upgrades, move it away in preinst and move it back in postinst.
    - On aborted upgrades, move the file back in place.
    - On purge, delete it too.
  * Document changes in cups.NEWS.

  [ libexif (0.6.19-1+squeeze1) stable-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Cherry pick changes for CVE-2012-2814, CVE-2012-2840, CVE-2012-2813,
    CVE-2012-2812, CVE-2012-2841, CVE-2012-2836, CVE-2012-2837.
    (backport patches for fix-CVE-2012-2814, fix-CVE-2012-2836,
     fix-CVE-2012-2837)

  [ libxml2 (2.7.8.dfsg-2+squeeze6) stable-security; urgency=high ]

  [ Daniel Veillard ]
  * Fix potential out of bound access
    CVE-2012-5134, #694521.

  [ libxslt (1.1.26-6+squeeze2) stable-security; urgency=high ]

  * Patch to fix three CVEs (#689422):
    - CVE-2012-2870 by Daniel Veillard and Chris Evans
    - CVE-2012-2871 by Daniel Veillard
    - CVE-2012-2893 by Chris Evans

  [ libxslt (1.1.26-6+squeeze1) stable; urgency=low ]

  [ Daniel Veillard ]
  * Fix generate-id() to not expose object addresses
    CVE-2011-1202, #617413.

  [ Abhishek Arya ]
  * Fix some case of pattern parsing errors
    CVE-2011-3970, #660650.

  [ Chris Evans ]
  * [PATCH] Fix crash with unexpected DTD nodes in XSLT.
    CVE-2012-2825, #679283.

  [ nss (3.12.8-1+squeeze6) stable-security; urgency=low ]

  * Explicitly distrust two intermediate CA certificates mis-issued by
    TURKTRUST.

  [ openssl (0.9.8o-4squeeze14) squeeze-security; urgency=low ]

  * Fix CVE-2013-0166 and CVE-2013-0169

  [ tiff (3.9.4-5+squeeze8) stable-security; urgency=high ]

  * Add fix for CVE-2012-5581, reimplementing DOTRANGE handling to make it
    safer.  Thanks to Red Hat security team for backporting the fix.

  [ tiff (3.9.4-5+squeeze7) stable-security; urgency=high ]

  * Add fix for CVE-2012-4564, a heap-buffer overflow.  Thanks Adrian La
    Duca for doing all the work to prepare this upload.  (#692345)

  [ tiff (3.9.4-5+squeeze6) stable-security; urgency=high ]

  * Add fix for CVE-2012-4447, a buffer overrun.  (#688944)
  * CVE-2012-2088 was actually included in previous version but not listed
    in the change log.

  [ tiff (3.9.4-5+squeeze5) stable-security; urgency=high ]

  * Added several additional security patches taken from the Ubuntu Natty
    (11.04) tiff package.  (#678140)

    CVE-2010-2482
    CVE-2010-2595
    CVE-2010-2597
    CVE-2010-2630
    CVE-2010-4665
    CVE-2012-2113
    CVE-2012-3401

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 15 Feb 2013 14:26:26 +0100

ia32-libs (20120926) stable; urgency=low

  * Packages updated

  [ curl (7.21.0-2.1+squeeze2) stable-security; urgency=low ]

  * Non-maintainer upload
  * Add --ssl-allow-beast and CURLOPT_SSL_OPTIONS (#658276)

  [ curl (7.21.0-2.1+squeeze1) stable-security; urgency=high ]

  * Non-maintainer upload
  * Fix URL sanitization vulnerability as per CVE-2012-0036
    http://curl.haxx.se/docs/adv_20120124.html
  * Fix SSL CBC IV vulnerability as per CVE-2011-3389
    http://curl.haxx.se/docs/adv_20120124B.html
  * Set urgency=high accordingly

  [ expat (2.0.1-7+squeeze1) stable-security; urgency=low ]

  * CVE-2012-0876 CVE-2012-1148

  [ freetype (2.4.2-2.1+squeeze4) stable-security; urgency=low ]

  * CVE-2012-11[33|34|36|42|44]

  [ gnutls26 (2.8.6-1+squeeze2) stable-security; urgency=high ]

  * Apply patch to fix crashes in record parsing (CVE-2012-1573)

  [ gnutls26 (2.8.6-1+squeeze1) stable; urgency=low ]

  * Pull fixes for buffer overflow in gnutls_session_get_data() from upstream
    git. (CVE-2011-4128: GNUTLS-SA-2011-2) #648441
    20_CVE-2011-4128.part1.diff 20_CVE-2011-4128.part2.diff

  [ krb5 (1.8.3+dfsg-4squeeze6) stable-security; urgency=high ]

  * MITKRB5-SA-2012-001 CVE-2012-1015: KDC frees uninitialized pointer

  [ krb5 (1.8.3+dfsg-4squeeze5) squeeze-security; urgency=high ]

  *     CVE-2011-1529: null pointer dereference in KDC LDAP back end,
    #629558
  *     CVE-2011-1528: assertion failure in multiple KDC back ends
    regarding account lockout

  [ libpng (1.2.44-1+squeeze4) stable-security; urgency=low ]

  * CVE-2011-3048

  [ libpng (1.2.44-1+squeeze3) stable-security; urgency=high ]

  * CVE-2011-3045

  [ libpng (1.2.44-1+squeeze2) stable-security; urgency=high ]

  * Fix integer overflow (chromium #112822)

  [ libtasn1-3 (2.7-1+squeeze+1) stable-security; urgency=low ]

  * ASN.1 length decoding vulnerability. CVE-2012-1569.

  [ libvorbis (1.3.1-1+squeeze1) stable-security; urgency=low ]

  * CVE-2012-0444

  [ libxi (2:1.3-7) squeeze; urgency=low ]

  * Cherry-pick patches from upstream:
    - Fix passive grabs
    - Fill in mods/group->effective in XIQueryPointer
    - Handle unknown device classes (#661021, #660411)

  [ libxml2 (2.7.8.dfsg-2+squeeze5) stable-security; urgency=low ]

  [ Daniel Veillard ]
  * Fix parser local buffers size problems
  * Fix entities local buffers size problems
  CVE-2012-2807, #679280.

  [ libxml2 (2.7.8.dfsg-2+squeeze4) stable-security; urgency=high ]

  * CVE-2011-3102

  [ libxml2 (2.7.8.dfsg-2+squeeze3) stable-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Apply upstream patch to add randomization to hashing with large
    dictionaries to mitigate hash DoS (CVE-2012-0841; #660846).

  [ libxml2 (2.7.8.dfsg-2+squeeze2) stable-security; urgency=high ]

  * Security update.
  * parser.c: Fix an allocation error when copying entities.
    CVE-2011-3919. #656377.
  * parser.c: Make sure parser returns when getting a Stop order.
    CVE-2011-3905.
  * encoding.c: Fix off by one error. CVE-2011-0216. 652352.
  * xpath.c: Fix for undefined namespaces. CVE-2011-2834.
  * xpath.c, xpointer.c, include/libxml/xpath.h:
    Hardening of XPath evaluation. CVE-2011-2821. 643648.

  [ nss (3.12.8-1+squeeze5) stable-security; urgency=low ]

  * Address CVE-2012-0441 (Insufficient length checking in QuickDER decoder)
  * debian/rules: Work around NSS not building on Linux 3.x kernels.

  [ openssl (0.9.8o-4squeeze13) squeeze-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fix CVE-2012-2333: DoS via explicit IV in DTLS

  [ openssl (0.9.8o-4squeeze12) squeeze-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fix CVE-2012-2131: incomplete fix of CVE-2012-2110

  [ openssl (0.9.8o-4squeeze11) squeeze-security; urgency=low ]

  * Really apply CVE-2012-2110

  [ openssl (0.9.8o-4squeeze10) squeeze-security; urgency=low ]

  * Fix CVE-2012-2110
  * update CVE-2012-0884 patch to include detecting symmetric crypto errors
    in PKCS7_decrypt

  [ openssl (0.9.8o-4squeeze9) squeeze-security; urgency=low ]

  * Fix CVE-2012-1165

  [ openssl (0.9.8o-4squeeze8) squeeze-security; urgency=low ]

  * Fix CVE-2012-0884
  * Updated patch for CVE-2011-4619

  [ openssl (0.9.8o-4squeeze7) squeeze-security; urgency=low ]

  * Re-upload with new version number.

  [ openssl (0.9.8o-4squeeze6) squeeze-security; urgency=low ]

  * Fix CVE-2012-0050

  [ openssl (0.9.8o-4squeeze5) squeeze-security; urgency=low ]

  * Fix CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4619
    and CVE-2011-4577
  * Send alert instead of assertion failure for incorrectly formatted DTLS
    fragments.  (#645805)

  [ tiff (3.9.4-5+squeeze4) stable-security; urgency=high ]

  * CVE-2012-1173

 -- Thijs Kinkhorst <thijs@debian.org>  Wed, 26 Sep 2012 11:30:57 +0200

ia32-libs (20120102) stable; urgency=low

  * Packages updated

  [ cups (1.4.4-7+squeeze1) stable-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * debian/patches:
    - str3867 added, fix an infinite loop / heap-based buffer overflow in the
      gif_read_lzw() function (CVE-2011-2896)
    - str3914 added, complete the fix for the previous issue (CVE-2011-3170).

  [ freetype (2.4.2-2.1+squeeze3) stable-security; urgency=low ]

  * Non-maintainer upload by the Security Team.
  * Upload prepared by Michael Gilbert!
  * Fix CVE-2011-3439: vulnerability in CID-keyed Type 1 fonts.

  [ freetype (2.4.2-2.1+squeeze2) stable-security; urgency=low ]

  * Non-maintainer upload by the Security Team
  * CVE-2011-3256

  [ krb5 (1.8.3+dfsg-4squeeze2) stable; urgency=low ]

  * Upstream ticket 6852: permit gss_set_allowable_enctypes to restirct
    acceptor enctypes. Required in order to permit newer than squeeze
    clients to talk to a squeeze nfs server without degrading security
    for non-nfs applications on the box, #622146

  [ mesa (7.7.1-5) squeeze; urgency=low ]

  * glx: suppress BadRequest from DRI2Connect (which is expected for non-local
    clients).

  [ nss (3.12.8-1+squeeze4) stable-security; urgency=low ]

  * Explicitly distrust malaysian Digicert Sdn. Bhd CA certificate.
  * Address CVE-2011-3640 (Untrusted search path vulnerability).
    #647614.

  [ openssl (0.9.8o-4squeeze4) squeeze-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Block Malaysian's Digicert Sdn. Bhd. certificates by marking them
    as revoked.

  [ openssl (0.9.8o-4squeeze3) squeeze; urgency=low ]

  * Non-maintainer upload by the Security Team.
  * Fix CVE-2011-3210: SSL memory handling for (EC)DH ciphersuites

  [ pam (1.1.1-6.1+squeeze1) stable-security; urgency=low ]

  * Non-maintainer upload by the Security Team
  * Fix CVE-2011-3148 and CVE-2011-3149

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 02 Jan 2012 20:24:00 +0000

ia32-libs (20111001) stable; urgency=low

  * Packages updated

  [ curl (7.21.0-2) stable-security; urgency=high ]

  * debian/patches/curl-gssapi-delegation: Fix for GSSAPI delegation
    vulnerability as detailed in CVE-2011-2192. More information and
    the patch at <http://curl.haxx.se/docs/adv_20110623.html>.
    (#631615)

  [ dbus (1.2.24-4+squeeze1) stable; urgency=low ]

  * Update Vcs-* control fields to reflect the move to git
  * Apply patch to fix CVE-2011-2200 (fd.o #38120), which is a local DoS for
    system services (#629938)

  [ e2fsprogs (1.41.12-4stable1) stable; urgency=high ]

  * Upload to proposed-updates
  * Fix "mke2fs -n" so it won't issue a discard and thus trash all
     the data on an SSD (oops!!!)

  [ e2fsprogs (1.41.12-4) unstable; urgency=high ]

  * Clear ext4 error fields in the superblock.  Otherwise users will see
    scary messages every 24 hours after a file system error is detected,
    even after e2fsck has fixed it, if they are using Linux 2.6.35 or later.
  * Fix usage message for logsave (#619788)

  [ e2fsprogs (1.41.12-3) unstable; urgency=high ]

  * Fix signed vs. unsigned char bug in getopt in e2fsprogs which
    afflicts systems with default unsigned char
  * Fix bug in e2fsck where it would fail to fix file systems
    where both the primary and backup block group descriptors are
    corrupted.  (Addresses Ubuntu Launchpad bug: #711799)
  * Fix package description: fsck has been moved to util-linux
    (#588726)
  * Fix badblocks so it the progress message correctly handles UTF-8
    characters for I18N systems (#583782, #587834)
  * Prevent e2fsck from accidentally scrambling a file system when
    checking a snapshot which has an external journal device (which has
    not been snapshotted).  (#587531)
  * Fix inode nlink accounting that would lead to very scary PROGRAMMING
    BUG errors.  (#555456)
  * Fix typos, spelling mistakes, spelling-out-the-obvious-to-clueless-
    sysadmins, etc. in man pages.  (#589345, #594004, #580236,
    #591083, #505719, #599786)

  [ freetype (2.4.2-2.1+squeeze1) stable-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * CVE-2011-0226: Vulnerability in parsing Type 1 fonts

  [ krb5 (1.8.3+dfsg-4squeeze1) stable; urgency=low ]

  * Fix double free with pkinit on KDC, CVE-2011-0284, #618517
  * Updated Danish debconf translations, thanks  Joe Dalton, 
    #584282
  * KDC/LDAP DOS    (CVE-2010-4022, CVE-2011-0281, and CVE-2011-0282,
    #613487
  * Fix delegation of credentials against Windows servers; significant
    interoperability issue, #611906
  * Set nt-srv-inst on TGS names to work against W2K8R2 KDCs, 
    #616429
  * Don't fail authentication when PAC verification fails; support hmac-
    md5 checksums even for non-RC4 keys, #616728
  * Port fix to upstream ticket 6899: fix invalid free in kadmind change
    password case, #622681

  [ libpng (1.2.44-1+squeeze1) stable-security; urgency=high ]

  * Apply upstream patch to 1-byte uninitialized memory reference in
    png_format_buffer(). (#632786, CVE-2011-2501)
  * Apply upstream patch to buffer overwrite in png_rgb_to_gray.
    (#633871, CVE-2011-2690)
  * Apply upstream patch to crash in png_default_error due to use of
    NULL Pointer. (#633871, CVE-2011-2691)
  * Apply upstream patch to memory corruption when handling empty sCAL chunks.
    (#633871, CVE-2011-2692)

  [ libsndfile (1.0.21-3+squeeze1) stable-security; urgency=low ]

  * CVE-2011-2696

  [ nss (3.12.8-1+squeeze3) stable-security; urgency=low ]

  * mozilla/security/nss/lib/ckfw/builtins/certdata.*:
    Explicitely distrust various DigiNotar CAs:
    - DigiNotar Root CA
    - DigiNotar Services 1024 CA
    - DigiNotar Cyber CA
    - DigiNotar Cyber CA 2nd
    - DigiNotar PKIoverheid
    - DigiNotar PKIoverheid G2

  [ nss (3.12.8-1+squeeze2) stable-security; urgency=low ]

  * mozilla/security/nss/lib/ckfw/builtins/certdata.*:
    Remove DigiNotar Root CA.

  [ openldap (2.4.23-7.2) stable; urgency=low ]

  * Non-maintainer upload targeted at stable.
  * Fix "dpkg-reconfigure slapd". #596343

  [ openldap (2.4.23-7.1) stable; urgency=low ]

  * Non-maintainer upload targeted at stable.
  * Picked the following patches from various sources:

  [ Matthijs Möhlmann ]
  * Update patch service-operational-before-detach (#616164, #598361)

  [ Ubuntu Security Team / Jamie Strandboge ]
  * SECURITY UPDATE: fix successful anonymous bind via chain overlay when
    using forwarded authentication failures
    - debian/patches/CVE-2011-1024
    - CVE-2011-1024
  * SECURITY UPDATE: verify password when authenticating to rootdn and using ndb
    backend. Note: Debian is not compiled with --enable-ndb by default
    - debian/patches/CVE-2011-1025
    - CVE-2011-1025
  * SECURITY UPDATE: fix DoS when processing unauthenticated modrdn requests
    and requestDN is empty
    - debian/patches/CVE-2011-1081
    - CVE-2011-1081
    - LP: #742104, 617606

  [ openssl (0.9.8o-4squeeze2) squeeze-security; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Block DigiNotar certificates
  * Fix CVE-2011-1945: timing attacks against ECDHE_ECDSA makes
    it easier to determine private keys.

  [ tiff (3.9.4-5+squeeze3) stable-security; urgency=high ]

  * Redo CVE-2011-0192 to fix regression. (#630042)

 -- Thijs Kinkhorst <thijs@debian.org>  Sat, 01 Oct 2011 16:33:04 +0200

ia32-libs (20110609) stable; urgency=low

  * Packages updated

  [ libxml2 (2.7.8.dfsg-2+squeeze1) stable-security; urgency=low ]

  * xpath.c: Fix some potential problems on reallocation failures.
    #628537.

  [ nss (3.12.8-1+squeeze1) stable-security; urgency=low ]

  * debian/rules: Fallback to DEB_BUILD_ARCH when dpkg-architecture does't
    support DEB_BUILD_ARCH_BITS.
  * debian/control: Lower build depends on dpkg-dev to (>= 1.13.19), which
    was the value before starting to use DEB_BUILD_ARCH_BITS.
  * mozilla/security/nss/lib/ckfw/builtins/certdata.*: Mark fraudulent
    Comodo certificates as untrusted.

  [ pulseaudio (0.9.21-3+squeeze1) stable; urgency=low ]

  * Team upload.
  * Fix pacmd hanging in poll() when reading from stdin very early.
    Patch extracted from upstream by Alexander Wuerstlein <arw@arw.name>
   (#574589)

  [ tiff (3.9.4-5+squeeze2) stable-security; urgency=high ]

  * CVE-2009-5022: Buffer overflow in OJPEG support. (#624287)

  [ tiff (3.9.4-5+squeeze1) stable-security; urgency=high ]

  * CVE-2011-0192: Buffer overflow in Fax4Decode
  * CVE-2011-1167: Buffer overflow with thunder encoded files

 -- Thijs Kinkhorst <thijs@debian.org>  Thu, 09 Jun 2011 22:01:50 +0200

ia32-libs (20110310) stable; urgency=low

  * Packages updated
  * Add fix for duplicate sources due to security updates.
  * Welcome Thijs Kinkhorst to the team.

  [ avahi (0.6.27-2+squeeze1) stable-security; urgency=high ]

  * debian/patches/03_read_null_udp_packets.patch
    - Read NULL UDP packets else we end up in an infinite loop using 100% CPU
      and DoS of Avahi. (#614785, Fixes: CVE-2011-1002)
  * Urgency high for the security fix.

  [ openssl (0.9.8o-4squeeze1) stable-security; urgency=low ]

  * Fix OCSP stapling parse error (CVE-2011-0014)

  [ util-linux (2.17.2-9) unstable; urgency=low ]

  * Ack NMU from Christian Perrier <bubulle@debian.org>
    - Fix encoding for Danish and Slovak debconf translations

  [Adriano Rafael Gomes]

  * Brazilian Portuguese debconf templates translation.  #610489

  [ util-linux (2.17.2-8) unstable; urgency=low ]

  * fix mangled characters in debconf translations

  [ util-linux (2.17.2-7) unstable; urgency=low ]

  * dh_installdebconf is needed in binary-arch, not so much in -indep.
    Based on report from Adam D. Barratt <adam@adam-barratt.org.uk>.
    #566072

  [ util-linux (2.17.2-6) unstable; urgency=low ]

  [Bjørn Steensrud]

  * nb translations.  #608325

  [Américo Monteiro]

  * Portuguese debconf translations. #608233

  [Vincenzo Campanella]

  * Italian translations.  #608307

  [Yuri Kozlov]

  * russian debconf translations.  #608302

  [Martin Ågren]

  * Swedish debconf translations.  #608483

  [Joe Dalton]

  * Danish translations.  #608330

  [Christian Perrier]

  * French debconf translations.  #608464

  [Martin Eberhard Schauer]

  * German debconf translations.  #608463

  [Camaleón]

  * Spanish debconf translations.  #608518

  [Thorsten Glaser]

  * hwclock: [m68k] unbreak FTBFS with recent (>= 2.4.18?) kernels.
    #578168

  [Slavko]

  * Slovak transtions.  #608305

  [Michal Simunek]

  * Czech debconf translations.  #608495

 -- Thijs Kinkhorst <thijs@debian.org>  Thu, 10 Mar 2011 21:53:33 +0100

ia32-libs (20110117) unstable; urgency=low

  * Do not disable secure APT when downloading packages (closes: #610089)
  * Add security repository next to the regular Debian mirror.

  * Packages updated:

  [ cyrus-sasl2 (2.1.23.dfsg1-7) unstable; urgency=low ]

  [ Luca Capello ]
  * Fix for (#601977), the idea coming from Gaudenz Steinlin
    <gaudenz@debian.org>:
    + debian/control:
      - cyrus-sasl2-dbg Depends: on one of the two GSSAPI dbg packages.
      - new cyrus-sasl2-mit-dbg package which Conflicts: with
        cyrus-sasl2-heimdal-dbg.
      - cyrus-sasl2-heimdal-dbg now Conflicts: with cyrus-sasl2-mit-dbg.
    + debian/cyrus-sasl2-heimdal-dbg.preinst:
      - remove, useless.
    + debian/cyrus-sasl2-heimdal-dbg.postrm:
      - remove, useless.
    + debian/cyrus-sasl2-mit-dbg.dirs:
      - create /usr/lib/debug/usr/lib/sasl2/.
    + debian/rules:
      - mv MIT libgssapiv2.so.2.0.23 into cyrus-sasl2-mit-dbg.

  [ Roberto C. Sanchez ]
  * Thanks to Luca Capello for providing the patch.

  [ dbus (1.2.24-4) unstable; urgency=high ]

  * debian/patches/12-CVE-2010-4352-reject-deeply-nested-variants.patch
    - Fixes CVE-2010-4352: sending messages with excessively-nested variants
      can crash the bus. The existing restriction to 64-levels of nesting
      previously only applied to the static type signature; now it also
      applies to dynamic nesting using variants.
      Patch cherry-picked from upstream Git.
  * Urgency high for the security fix.

  [ isdnutils (1:3.9.20060704+dfsg.2-4.1) testing-proposed-updates; urgency=low ]

  * Non-maintainer upload.
  * debian/{ipppd,isdnvboxserver,isdnvboxserver}.postinst: Call MAKEDEV in
    /dev not via search path (#604219, #604211, #597926, #604216).
    Thanks to Alexander Reichle-Schmehl for the patch.

  [ krb5 (1.8.3+dfsg-4) unstable; urgency=medium ]

  * Ignore PACs without a server signature generated by OS X Open
    Directory rather than failing authentication, #604925

  [ krb5 (1.8.3+dfsg-3) unstable; urgency=emergency ]

  * MITKRB5-SA-2010-007
        * CVE-2010-1324: An unauthenticated attacker can inject arbitrary
        content into an existing GSS connection that appears to be integrity
        protected from the legitimate peer under some circumstances
      * GSS applications may accept a PAC produced by an attacker as if it
        were signed by a KDC
      * CVE-2010-1323: attackers have a 1/256 chance of being able to
        produce krb_safe messages that appear to be from legitimate remote
        sources. Other than use in KDC database copies this may not be a
        huge issue only because no one actually uses krb_safe
        messages. Similarly, an attacker can force clients to display
        challenge/response values of the attacker's choice.
      * CVE-2010-4020: An attacker may be able to generate what is
        accepted as a ad-signedpath or ad-kdc-issued checksum with 1/256
        probability
  * New   Vietnamese debconf translations, Thanks Clytie Siddall,
    #601533
  * Update standards version to 3.9.1 (no changes required

  [ libasyncns (0.3-1.1) unstable; urgency=low ]

  * Non-maintainer upload.
  * libasyncns/asyncns.c: Fix data alignment issue on armel, backported from
    upstream. (#566139)

  [ libx11 (2:1.3.3-4) unstable; urgency=low ]

  * Cherry-pick patches from upstream, 1.3-branch:
    - man: Fix typo in Makefile
    - Bug 27465 - Rewritten fi_FI.UTF-8 Compose file
    - Fix typo in new fi_FI.UTF-8 that was reported by "make check"
    - man: Redirect users from XKeycodeToKeysym to XkbKeycodeToKeysym #25732
    - man: Fix return value specification of XkbKeyActionEntry
    - man: Return value of XkbGetState is Status and not Bool
    - man: Add missing geometry component flag
    - man: Correct the XkbAllAccessXEventsMask mask name
    - Fix manual typos.
    - Allow X11 users to compose anarchism
    - Clarify requirements in XRestackWindows man page
    - Fix typo that made configure always report "none" for man page suffix
    - Define FILE_MAN_DIR_SUFFIX so XCompose shadow page has correct path
    - Compose.man: default user compose file is .XCompose, not .Xcompose
    - Make Compose-comma map to Ogonek for A and E in UTF-8 locales.
    - Make Compose-comma map to ogonek for I and U in UTF-8 locales.
    - NLS: Add o/ Compose sequence
    - nls: Switch one of the interrobang sequences to gnaborretni
    - Bug 29773: aliases for nb_NO.utf8 and nn_NO.utf8

  [ libxi (2:1.3-6) unstable; urgency=medium ]

  * WireToEvent: Set display member of all events as well (cherry-pick from
    upstream).

  [ libxml2 (2.7.8.dfsg-2) unstable; urgency=low ]

  * xpath.c: Fix a double-freeing error in XPath processing code.
    (CVE-2010-4494). #607922.

  [ openldap (2.4.23-7) unstable; urgency=low ]

  * Updated vietnamese translation, thanks Clytie Siddall
    (#601537, #598575)
  * Updated portuguese translation, thanks Traduz (#599760)
  * Updated danish translation, thanks Joe Dalton (#599835)

  [ openssl (0.9.8o-4) unstable; urgency=low ]

  * Fix CVE-2010-4180 (#529221)

  [ sane-backends (1.0.21-9) unstable; urgency=low ]

  * debian/patches/fix_epson2_cancel.patch:
    + Added; fix handling of scanner errors by sending a cancel command
      (#597922).

  [ sane-backends (1.0.21-8) unstable; urgency=low ]

  * debian/patches/fix_epson2_commands.patch:
    + Added; fix list of supported commands for levels D1 and D2
      (#582066).

  [ util-linux (2.17.2-5) unstable; urgency=low ]

  * Merge in all those NMUs that were never pushed to me in bugs.

  [ util-linux (2.17.2-4) unstable; urgency=low ]

  [Miklos Szeredi]

  * mount: don't canonicalize "spec" with --no-canonicalize option.
    #593336

  [Karel Zak]

  * fdisk: fix freespace boundaries calculation on SGI disklabel.
    #510130

  [LaMont Jones]

  * Deliver agetty as both agetty and getty, preferring agetty.
    #117596
  * Declare source format (1.0)
  * use debconf (iff installed) to warn about noauto fileysstems with non-zero
    pass numbers.  #566072
  * update lintian-overrides, actually install them in the deb

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 17 Jan 2011 15:47:37 +0000

ia32-libs (20101129) unstable; urgency=high

  [ Goswin von Brederlow ]
  * Add Conflicts: ia32-libs-workaround-499043 to avoid file overwrite
    errors. (Closes: #605218)

  * Packages updated

  [ libxi (2:1.3-5) unstable; urgency=low ]

  * Cherry-picked fixes from upstream:
    - man: fix types for XGetSelectedExtensionEvents
    - Initialize extension with the right number of events (obsoletes our
      quilt patch)
    - Don't unlock the Display twice
    - Fix usage of uninitialized value
    - Fix memory leak in XIGetSelectedEvents
    - Always unlock display correctly
    - man: improve readability of XAllowDeviceEvents
    - man: fix typo in XIQueryDevice doc (#598964)
    - Fix typo when converting raw events from the wire
    - man: XGetDeviceProperty(3) has no parameter 'pending'

  [ sane-backends (1.0.21-7) unstable; urgency=low ]

  * debian/patches/genesys_disable_raw_data_log.patch:
    + Added; disable raw data logging. Raw data logging was enabled
      upstream at some point before 1.0.21 most probably as an oversight
      when committing new code. When enabled, a raw.pnm file is left
      behind in the cwd when using the genesys backend (602995).

  * debconf translations:
    + Properly install vi.po, mistakenly put in po/ instead of
      debian/po in 1.0.21-6.

  [ sane-backends (1.0.21-6) unstable; urgency=low ]

  * debian/patches/saned_exit_avahi_process.patch:
    + Added; exit Avahi process on error/loop termination.
  * debian/patches/xerox_mfp_new_ids.patch:
    + Added; add USB IDs for supported machines in xerox_mfp (#601748).
  * debian/patches/scsi_perfection_2450.patch:
    + Added; add SCSI IDs for the Perfection 2450 via FireWire
      (#601810).
  * debian/patches/scsi_scanjet_4c.patch:
    + Added; add SCSI IDs for the ScanJet 4c (#601656).

  * debconf translations:
    + vi.po: courtesy of Clytie Siddall (#601530).

 -- Goswin von Brederlow <goswin-v-b@web.de>  Mon, 29 Nov 2010 22:43:35 +0100

ia32-libs (20101125) unstable; urgency=high

  * Packages updated

  [ cups (1.4.4-7) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/local/filters/pdf-filters/pdftopdf/parseargs.c,
    debian/local/filters/pdf-filters/pdftopdf/parseargs.cxx,
    debian/local/filters/pdf-filters/pdftopdf/parseargs.h,
    debian/local/filters/pdf-filters/pdftopdf/Makefile: Made pdftopdf
    building with Poppler 0.15.x. Thanks to Koji Otani for this patch.
  * debian/control: Added dependency on "cups-ppdc" package to the "cups"
    package, so that the PPDs of the drivers which come with CUPS get built
    (LP: #485383).

  [ Martin Pitt ]
  * ubuntu-upstart.dpatch: Wait until daemon is ready, to avoid race
    conditions with init scripts which expect cups tools to work right after
    restarting it. (LP: #647369)
  * ubuntu-upstart.dpatch: If D-BUS is not available, start on runlevels 2 to
    5, so that this also works in server environments. (LP: #650893)
  * debian/local/apparmor-profile: Allow access to /usr/local/lib/cups/**.
    (LP: #160092)
  * debian/local/apparmor-profile: Allow reading /usr/local/**, in case
    third-party printer drivers need auxiliary files.
  * debian/local/apparmor-profile: Allow reading /var/run/**. (LP: #659961)
  * ubuntu-upstart.dpatch: Time out after 5 seconds when the local socket
    doesn't get created. Apparently a lot of users disable it in cupsd.conf.
    (LP: #672438)
  * debian/local/filters/pdf-filters/addtocups: Link pdftoijs with $(CXX),
    since it's a C++ program. Fixes FTBFS with gcc 4.5.
  * debian/local/filters/pdf-filters/pdftopdf/Makefile: Explicitly pdftopdf
    with -lz. gcc 4.5 does not automatically link to transitive library
    dependencies any more.
  * drop_unnecessary_dependencies.dpatch: Drop hunk for reduced krb5/gssapi
    linkage. With gcc 4.5, we now need -lkrb5.

  [ Marc Deslauriers ]
  * Add CVE-2010-2941.dpatch: Fix denial of service and possible code execution
    via invalid free. Skip over and reserve unused tags in cups/ipp.{c,h}.
    [CVE-2010-2941]

  [ cups (1.4.4-6) unstable; urgency=low ]

  * debian/cups.preinst: Go back to using lsb-release, since dpkg-vendor is
    not installed by default (it's in dpkg-dev). Bump the version guard to
    this version, to reattempt the migration. (LP: #645328)

  [ cups (1.4.4-5) unstable; urgency=low ]

  [ Martin Pitt ]
  * ubuntu-upstart.dpatch: Drop the dependency "on starting smbd", it causes
    samba to hang on package upgrades or manual restarts. There doesn't seem
    to be a good way to express this dependency right now. (LP: #639768)
    Instead, send a SIGHUP to smbd if it is running, which causes it to reload
    printers.

  [ Till Kamppeter ]
  * pstops-based-workflow-only-for-printing-ps-on-a-ps-printer.dpatch:
    Let CUPS use the former PostScript-based filter chain only if the input
    file is PostScript and the printer is a PostScript printer with
    manufacturer-supplied PPD file. This avoids ugly PS->PDF->PS conversions
    which are bad for the performance and sometimes cause issues
    (#593338, requested by Ricoh).

  [ cups (1.4.4-4) unstable; urgency=low ]

  [ Till Kamppeter ]
  * default-ripcache-size-auto.dpatch: Replaced patch for letting CUPS default
    RIP_MAX_CACHE to 1/4 of the system's RAM by a patch defaulting
    RIP_MAX_CACHE to "auto". See LP: #628030.
  * debian/patches/cups-snmp-oids-device-id-hp-ricoh.dpatch: Let the "snmp"
    backend also use the manufacturer-specific MIBs of HP and Ricoh to
    obtain the device IDs of network-connected printers. This way we get more
    reliable information about make and model and in addition the supported
    page description languages, which allow to identify whether an optional
    PostScript add-on is installed or for an unsupported printer which
    generic PPD is the best choice (requested by Ricoh, thanks to Tim Waugh
    from Red Hat to create the patch).

  [ Martin Pitt ]
  * debian/control: Drop perl-modules dependency. The only script that uses
    perl is oopstops, which uses IO::Handle, and this is in perl-base.
  * debian/control, debian/rules, ubuntu-*.dpatch: Replace lsb_release call
    with dpkg-vendor, and drop lsb-release build dependency.
  * Upstartify for Ubuntu:
    - Add ubuntu-upstart.dpatch: Add debian/cups.upstart script, which now
      causes Samba to wait for cups to start. Don't have it in debian/ by
      default, since dh_installinit unconditionally prefers it over .init.
    - debian/rules: Call dh_installinit with --upstart-only when building on
      Ubuntu.
    - debian/cups.preinst: Remove old init script on upgrades when running on
      Ubuntu.
  * debian/cups.preinst: Remove some obsolete transitional code.
  * debian/cups.init.d, debian/cups.postinst: Move custom PPD directory setup
    from init script into postinst. No need to do that on every boot.

  [ freetype (2.4.2-2.1) unstable; urgency=medium ]

  * Non-maintainer upload by the Security Team.
  * Fix CVE-2010-3855 and CVE-2010-3814 (#602221)

  [ freetype (2.4.2-2) unstable; urgency=low ]

  * debian/patches-ft2demos/f2tdemos-grkey.patch: update to fix another
    problem when building under gcc-4.5 that was overlooked in the previous
    version of the patch.  LP: #624740.

  [ libgphoto2 (2.4.6-3) unstable; urgency=low ]

  * Merge one more patch by Martin Pitt (thanks!): move HAL FDI
    creation from debian/libgphoto2-2.postinst to debian/rules.
    This avoids problems with half-configured libraries during
    upgrade/installation (LP: #352271, #531979)
  * Remove old conffiles. We can't use dpkg-maintscript-helper,
    because they were created at install-time and thus not marked
    as conffiles. (#461397, #511129)
  * Move from /etc/udev/rules.d/ to /lib/udev/rules.d should now
    be complete (#586668)

  [ libgphoto2 (2.4.6-2) unstable; urgency=low ]

  * Merge Ubuntu patches, by Martin Pitt (thanks!):
    - Update Build-Depends: Move from libltdl3-dev to libltdl-dev
      (#531974).
    - Create modern udev rules at build-time instead of at install-time
      thanks to a patch sent (and now merged) upstream. Drop a lot of
      code from libgphoto2-2.postinst accordingly, while adding the
      generation code to debian/rules. Also bump the versioned dependency
      on udev from 0.113-1 to 0.136 (#531978).
  * Added myself to Uploaders

  [ nas (1.9.2-4) unstable; urgency=low ]

  * Updated Danish Debconf translation. Thanks to Joe Dalton.
    #601131

  [ openssl (0.9.8o-3) unstable; urgency=high ]

  * Fix TLS extension parsing race condition (CVE-2010-3864) (#603709)
  * Re-add the engines.  They were missing since 0.9.8m-1.
    Patch by Joerg Schneider. (#603693)
  * Not all architectures were build using -g (#570702)
  * Add powerpcspe support (#579805)
  * Add armhf support (#596881)
  * Update translations:
    - Brazilian Portuguese (#592154)
    - Danish (#599459)
    - Vietnamese (#601536)
    - Arabic (#596166)
  * Generate the proper stamp file so that everything doesn't get build twice.

 -- Goswin von Brederlow <goswin-v-b@web.de>  Thu, 25 Nov 2010 20:22:05 +0100

ia32-libs (20101117) unstable; urgency=low

  * Drop ia32-libs-dev from ia64. No 32bit compiler there
    (Closes: #603679, #540027).
  * Make ia32-libs-dev priority extra (sync with ftp-master overrides).
  * Add lintian  override for executable stack in libSDL-1.2.

  * Packages updated

  [ esound (0.2.41-8) unstable; urgency=low ]

  [ Emilio Pozuelo Monfort ]
  * debian/patches/03_hurd.patch:
    - Add header.

  [ Josselin Mouette ]
  * Drop type-handling usage. #587862.
  * Bump standards version accordingly.
  * Only suggest esound-clients. #599662.
  * 04_audsp_crash.patch: patch from Samuel Thibault to fix a crasher in
    audsp. #601295.

  [ libxml2 (2.7.8.dfsg-1) unstable; urgency=low ]

  * New upstream release.
  * configure.in: Applied upstream fix to reactivate symbol versioning script.

 -- Goswin von Brederlow <goswin-v-b@web.de>  Wed, 17 Nov 2010 11:28:19 +0100

ia32-libs (20101110) unstable; urgency=low

  [ Goswin von Brederlow ]
  * Mangle .pc files.
  * Packages updated

  [ isdnutils (1:3.9.20060704+dfsg.2-4) unstable; urgency=low ]

  * QA upload
  * Add va_list.patch to debian/patches/series (#600037).

  [ isdnutils (1:3.9.20060704+dfsg.2-3) unstable; urgency=low ]

  * QA upload
  * Rebuild including the architecture-indepdendent binaries

  [ isdnutils (1:3.9.20060704+dfsg.2-2) unstable; urgency=low ]

  * QA upload
  * Fix short diff context in ippd-ms-chap.patch which caused lenny's
    patch command (and dpkg-source) to reject it

  [ isdnutils (1:3.9.20060704+dfsg.2-1) unstable; urgency=low ]

  * QA upload
  * Restore ipppd, replacing the GPL-licenced code (#599627)

  [ krb5 (1.8.3+dfsg-2) unstable; urgency=high ]

  * MITKRB5-SA-2010-006 [CVE-2010-1322]: null pointer dereference in
    kdc_authdata.c leading to KDC crash, #599237
  * Fix two memory leaks in krb5_get_init_creds path; one of these memory
    leaks is quite common for any application such as PAM or kinit that
    gets initial credentials, thanks Bastian Blank, #598032
  * Install doc/CHANGES only in krb5-doc, not in all packages, saves
    several megabytes on most Debian systems, #599562

  [ libice (2:1.0.6-2) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Cyril Brulebois ]
  * Cherry-pick from upstream:
    + 0001-Set-the-close-on-exec-flag-for-listening-sockets.patch:
      Stop leaking listening sockets by setting the close on exec flag on
      them. Thanks to Kalle Olavi Niemitalo (#538248).
      [From upstream 1967c04c0]
  * Add myself to Uploaders.

  [ libsdl1.2 (1.2.14-6.1) unstable; urgency=medium ]

  * Non-maintainer upload.
  * Disable altivec on powerpc.  Debian's powerpc port supports systems
    without it, and libsdl's build system only pretends to do runtime
    detection (#572420).

  [ nspr (4.8.6-1) unstable; urgency=low ]

  * New upstream release.
  * debian/patches/*: Refresh patches.
  * debian/patches/90_Move_PR_STATIC_ASSERT_from_prlog.h_to_prtypes.h.patch:
    Removed, as applied upstream.
  * debian/libnspr4-0d.symbols: Add new symbol.
  * debian/rules:
    - Bump shlibs.
    - Let nspr use its own optimization options.
    - Use the --enable-debug-symbols configure option instead of forcing -g
      into compiler flags.
  * debian/control: Bump Standards-Version to 3.9.1.0.

  [ nss (3.12.8-1) unstable; urgency=low ]

  * New upstream release.
  * debian/patches/*: Refresh patches.
  * debian/patches/series:
    + lower-dhe-priority.patch: Upstream patch from bz#583337 to lower DHE
      priority. #592315.

  [ nss (3.12.8~b2-1) experimental; urgency=low ]

  * New upstream snapshot, picked from NSS_3_12_8_BETA2 cvs tag.
  * debian/patches/*: Refresh patches.

  [ nss (3.12.7-1) unstable; urgency=low ]

  * New upstream release.
  * debian/patches/*: Refresh patches.
  * debian/control:
    - Bump Standards-Version to 3.9.1.0.
    - Build depend on libnspr4-dev >= 4.8.6.
  * debian/libnss3-1d.symbols: Simplify symbols file and add new symbols.
  * debian/rules: Bump shlibs.

  [ pam (1.1.1-6.1) unstable; urgency=low ]

  * Non-maintainer upload.
  * Fix pending l10n issues. Debconf translations:
    - Czech (Miroslav Kure).  #598329
    - Slovak (Ivan Masár).  #600164
    - Japanese (Kenshi Muto).  #600247
    - Finnish (Esko Arajärvi).  #600641

  [ sane-backends (1.0.21-5) unstable; urgency=low ]

  * debconf translations:
    + cs.po: courtesy of Miroslav Kure (#598338).
    + zh_CN.po: courtesy of YunQiang Su (#599590, #599591).
    + da.po: courtesy of Joe Dalton (#599642).
    + eu.po: courtesy of Iñaki Larrañaga Murgoitio (#599810).
    + es.po: courtesy of Camaleón (#600342).
    + fi.po: courtesy of Esko Arajärvi (#600514).

  [ sqlite3 (3.7.3-1) unstable; urgency=high ]

  * New upstream release (#591298), high urgency due to fixing a RC
    performance regression.
  * Updated manpage (#598318).

  [ sysfsutils (2.1.0+repack-1) unstable; urgency=low ]

  * Drop tarball.mk and tar-in-tar packaging and use upstream tarball as
    orig.tar.gz now. This style is obsolete, we have much better tools now.
  * Switch to dh compat 7.
  * Add bzr-builddeb configuration (merge mode).
  * debian/control: Add Vcs-Bzr:.
  * Switch to 3.0 (quilt) source format, drop simple-patchsys.mk.
  * debian/control: Add missing ${misc:Depends}.
  * debian/control: Bump Standards-Version to 3.9.1.
  * debian/sysfsutils.init: Start after cpufrequtils, to make sure that a
    governor is selected and set up. Thanks Mario Holbe! (#590143)

  [ tiff (3.9.4-5) unstable; urgency=high ]

  * Incorporated fix to CVE-2010-3087, a potential denial of service
    exploitable with a specially crafted TIFF file.  (#600188)

  [ util-linux (2.17.2-3.3) unstable; urgency=low ]

  * Non-maintainer upload.
  * Report correct disk size on GNU/kFreeBSD.  Thanks Tuco.
    (#592292)

 -- Goswin von Brederlow <goswin-v-b@web.de>  Wed, 10 Nov 2010 01:17:55 +0100

ia32-libs (20101012) unstable; urgency=low

  * Packages updated

  [ acl (2.2.49-4) unstable; urgency=low ]

  * Migrate to having binaries in sbindir (#590240)

  [ krb5 (1.8.3+dfsg-1) unstable; urgency=low ]

  * New Upstream release; only change is version bump from beta1 to final
  * Bring back a libkrb53 oldlibs package. Note that this is technically a
    policy violation because it doesn't provide libdes425.so.3 or
    libkrb4.so.2 and thus provides a different ABI. However, some
    packages, such as postgres8.4 require the lenny version to be present
    for the squeeze transition, so we cannot force the removal of
    libkrb53's reverse dependencies. We can conflict or break with lenny
    packages that will not work with this libkrb53, but we may break
    out-of-archive packages without notice. Absent someone coming up with
    a patch to the modern libk5crypto-3 that allows it to work with the
    lenny libkrb53 (a weekend's worth of work proved this would be quite
    difficult), this is the best solution we've come up with, #596678

  [ krb5 (1.8.3+dfsg~beta1-2) unstable; urgency=low ]

  * Remove documentation that has moved to the krb5-appl package and is
    not shipped upstream from Debian diff

  [ libdrm (2.4.21-1~squeeze3) unstable; urgency=low ]

  * Update kernel drm headers.

  [ libdrm (2.4.21-1~squeeze2) unstable; urgency=low ]

  [ Sven Joachim ]
  * Restore 04_fix_nouveau_bo_new_tile_segfault.diff, actually only half
    applied upstream.

  [ libdrm (2.4.21-1~squeeze1) unstable; urgency=low ]

  * Revert nouveau ABI update.
  * Don't build libkms and vmwgfx.
  * Drop 04_fix_nouveau_bo_new_tile_segfault.diff, applied upstream.

  [ libdrm (2.4.21-1) experimental; urgency=low ]

  [ Christopher James Halse Rogers ]
  * debian/rules:
    - Add libkms to build
    - Build vmwgfx experimental API.  The drm module is available in the 2.6.34
      kernel so we might as well build the userspace bits.
  * debian/control:
    - Add libkms1, libkms1-dbg packages on linux
  * debian/patches/02_build_libkms_against_in_tree_drm:
    - Link libkms against libdrm as it uses symbols from libdrm.

  [ Robert Hooker ]
  * New upstream release.
  * Refresh 02_build_libkms_against_in_tree_drm.
  * Update libdrm-intel1.symbols, libdrm-radeon1.symbols and shlibs.

  [ Julien Cristau ]
  * Update the copyright file to hopefully include all licenses variations and
    copyright statements from the source tree.
  * Mark new libdrm_radeon symbols private.  They shouldn't actually be
    exported.
  * Same with libkms.  Also don't set a minimum version to 2.4.20, since we
    didn't ship it before anyway.

  [ libdrm (2.4.20-3) experimental; urgency=low ]

  [ Sven Joachim ]
  * Update libdrm-nouveau1 to the ABI of Linux 2.6.34.
    - Drop 03_revert_abi_change.diff.
    - Bump libdrm-nouveau shlibs and symbols versions to 2.4.20-3~
      to ensure that packages built against this version are not used
      with an older libdrm-nouveau1 version.
    - Add versioned Breaks against xserver-xorg-video-nouveau to force
      an upgrade of that package and prevent X segfaults.
  * Include full SONAME in libdrm-nouveau1.install.
  * Update xsfbs to 81fc271788605b52e85c2d11635a0371fb44605e0.

  [ libdrm (2.4.20-2) experimental; urgency=low ]

  * Upload again, faking a new upstream version, since a screw-up on
    ftpmaster side trashed all files from experimental.

  [ libdrm (2.4.20-1) experimental; urgency=low ]

  * New upstream release.
    + Cherry-pick upstream fixes 107ccd92 and 332739e3.
  * Update libdrm-intel1.symbols, libdrm-radeon1.symbols and shlibs.
  * Disable libkms for now.

  [ libedit (2.11-20080614-2) unstable; urgency=high ]

  * libedit2.shlibs: Fix minimal dependency version
    Patch by Agustin Martin
    523260

  [ tiff (3.9.4-4) unstable; urgency=high ]

  * Incorporated fix to CVE-2010-2483, "fix crash on OOB reads in
    putcontig8bitYCbCr11tile".  (#595064)

  [ util-linux (2.17.2-3.2) unstable; urgency=low ]

  * Non-maintainer upload.
  * Revert the switch from slang2 to ncurses5.  There is no udeb for ncurses,
    so that change broke cfdisk-udeb (#593374, reopens: #581631).

 -- Frederik Schüler <fs@debian.org>  Tue, 12 Oct 2010 12:38:09 +0200

ia32-libs (20100927) unstable; urgency=low

  [ Goswin von Brederlow ]
  * Remove transitional package libglu1-xorg (+xorg source).

  * Packages updated

  [ isdnutils (1:3.9.20060704+dfsg.1-3) unstable; urgency=low ]

  * QA upload.
  * Replace tcl8.3-dev Build Dependency with tcl-dev (#590651).

  [ openldap (2.4.23-6) unstable; urgency=high ]

  * Check for an empty directory to prevent an rm -f /*. (#597704)

 -- Goswin von Brederlow <goswin-v-b@web.de>  Mon, 27 Sep 2010 21:17:54 +0200

ia32-libs (20100919) unstable; urgency=high

  [ Goswin von Brederlow ]
  * Make dependency on lib32bz2-1.0 [amd64] only.
  * Add gcc-3.3 1:3.3.6ds1-20 for libstdc++5 (Closes:  #597306)

  * Packages updated

  [ openldap (2.4.23-5) unstable; urgency=high ]

  [ Steve Langasek ]
  * High-urgency upload for RC bugfix.
  * debian/slapd.scripts-common: fix gratuitous (and wrong) use of grep in
    get_suffix(), which causes us to incorrectly parse any slapd.conf that
    uses tabs instead of spaces.  #595672.
  * debian/slapd.init, debian/slapd.scripts-common: when $SLAPD_CONF is not
    set in /etc/default/slapd, we should always set a default value, giving
    precedence to slapd.d and falling back to slapd.conf.  Users who don't
    want to use an existing slapd.d should point at slapd.conf explicitly.
    #594714, #596343.
  * debian/slapd.init: 'invoke-rc.d slapd stop' should not fail due to the
    absence of a slapd configuration; we should still exit 0 so that the
    package can be removed gracefully.  #596100.
  * drop build-conflicts with libssl-dev; we explicitly pass
    --with-tls=gnutls to configure, so there's no risk of a misbuild here.
  * debian/slapd.default: now that we have a sensible default behavior in
    both slapd.init and the maintainer scripts, leave SLAPD_CONF empty to
    save pain later.
  * debian/slapd.scripts-common: ... and do the same in
    migrate_to_slapd_d_style, we just need to comment out the user's
    previous entry instead of blowing it away.
  * debian/slapd.scripts-common: call get_suffix in a way that lets us
    separate responses by newlines, to properly handle the case when a
    DN has embedded spaces.  Introduces a few more stupid fd tricks to work
    around possible problems with debconf.  #595466.
  * debian/slapd.scripts-common: when parsing the names of includes, handle
    double-quotes and escape characters as described in slapd.conf(5).
    #595784.
  * debian/slapd.scripts-common, debian/slapd.postinst: on upgrade from
    versions <= 2.4.23-4, explicitly grant access to cn=Subschema, which
    otherwise is blocked by our added olcAccess settings.  #596326.
  * debian/slapd.init.ldif: set the acl in the default LDIF for new installs,
    too.
  * Likewise, grant access to dn.exact="" so that base dn autodiscovery
    works as intended.  #596049.
  * debian/slapd.init.ldif: synchronize our behavior on new installs with
    that on upgrades, avoiding the non-standard cn=localroot,cn=config.
  * debian/slapd.scripts-common: don't run the migration code if slapd.d
    already exists.  #593965.

  [ Matthijs Mohlmann ]
  * Remove upgrade_supported_from_backend, implemented patch from
    Peter Marschall <peter@adpm.de> to automatically detect if an upgrade is
    supported. (#594712)

  [ Peter Marschall ]
  * debian/slapd.init: correctly set the slapd.conf argument even when
    SLAPD_PIDFILE is non-empty in /etc/default/slapd.  #593880.
  * debian/slapd.scripts-common: pass -g to slapadd/slapcat, so that
    subordinate databases aren't incorrectly included in the dump/restore of
    the parent database.  #594821.

  [ pam (1.1.1-6) unstable; urgency=low ]

  * Updated debconf translations:
    - Swedish, thanks to Martin Bagge <brother@bsnet.se> (#575875)

  [ pam (1.1.1-5) unstable; urgency=low ]

  * debian/rules: pass getconf LFS_CFLAGS so that we get a 64-bit rlimit
    interface.  #579402.
  * Update debian/source.lintian-overrides to clean up some spurious
    warnings.
  * Bump Standards-Version to 3.9.1.
  * Add lintian overrides for a few more spurious warnings.
  * debian/patches-applied/no_PATH_MAX_on_hurd: define PATH_MAX for
    compatibility when it's not already set.  #552043.
  * debian/local/pam-auth-update: Don't try to pass embedded newlines to
    debconf; backslash-escape them instead and use CAPB escape.
  * debian/local/pam-auth-update: sort additional module options before
    writing them out, so that we don't wind up with a different config file
    on every invocation.  Thanks to Jim Paris <jim@jtan.com> for the patch.
    #594123.

  [ sane-backends (1.0.21-4) unstable; urgency=low ]

  * debconf translations:
    + it.po: courtesy of Luca Monducci (#593722).

  [ xorg (1:7.5+7) unstable; urgency=low ]

  [ Julien Cristau ]
  * Nuke x11-common's Conflicts.  This was needed for upgrades from the
    monolith, which aren't relevant anymore.
  * Also drop Pre-Depends on debconf.  The debconf interaction in
    x11-common.preinst was removed in 1:7.4+2.
  * Drop versioned build-dep on dpkg 1.7.0.  Even woody had that..
  * Drop x11-common Depends on debianutils 1.13.  That was also in woody.
  * Add xserver-xorg-video-geode to -all on i386 (#567909).

  [ Cyril Brulebois ]
  * Add myself to Uploaders.
  * Update Debian po files by running debconf-updatepo (through
    debian/rules clean).

 -- Goswin von Brederlow <goswin-v-b@web.de>  Sun, 19 Sep 2010 19:53:02 +0200

ia32-libs (20100914) unstable; urgency=low

  [ Goswin von Brederlow ]
  * Depend on lib32bz2-1.0 instead of Conflicts/Replaces. Lib is no longer
    in ia32-libs, use native package or ia32-libs-core (Closes: #596727).
  * Add libdbus-1-dev, unixodbc-dev, libopenal1, libopenal-dev, libedit2,
    libmpg123-0, libmpg123-dev, libvorbisfile3, libbsd0.
    (Closes: #559438, #559440, #575206, #527521, #578256).
  * Conflict ia32-libs-libidn11, ia32-libs-libssh2, ia32-libs-libnspr4,
    ia32-libs-libnss3, ia32-libs-libcurl3 from debian-multimedia.org.
    (Closes: #596058)
  * Update README.Debian (Closes: #542931).
  * Shorten and line wrap debian/control entries (Closes: #593238).

  * Packages updated

  [ libusb (2:0.1.12-16) unstable; urgency=low ]

  * Add debian/patches/07_altsetting_alloc.patch based on a patch from
    Pawel Kot to fix crashes with some USB devices, due to calls to
    free() with uninitialized pointers.
  * Upgraded policy compliance to 3.9.0 (no changes).

  [ libxmu (2:1.0.5-2) unstable; urgency=high ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders
  * Don't pass both -s and -Nfoo/-pfoo to dh_strip.  This resulted in an empty
    libxmuu1-dbg (#594500).  Thanks to Luca Falavigna for the report.

  [ Cyril Brulebois ]
  * Add myself to Uploaders.
  * Bump urgency to “high” for the RC bugfix. Thanks to Jakub Wilk as well
    for the report.

 -- Frederik Schüler <fs@debian.org>  Tue, 14 Sep 2010 14:46:37 +0200

ia32-libs (20100908) unstable; urgency=low

  [ Goswin von Brederlow ]
  * Packages updated

  [ cyrus-sasl2 (2.1.23.dfsg1-6) unstable; urgency=low ]

  * Acknowlge NMU (thanks to Ben Hutchings)
  * Merge cyrus-sasl2 and cyrus-sasl2-heimdal source packages (#568358)
    + Build against new heimdal-multidev (#591147)
  * Properly detect presence of Heimdal (#590912); thanks tremendously
    to Russ Allbery for the patch

  [ cyrus-sasl2 (2.1.23.dfsg1-5.1) unstable; urgency=low ]

  * Non-maintainer upload.
  * Remove incorrect conflict between cyrus-sasl2-dbg and
    cyrus-sasl2-heimdal-dbg (#590759); the conflicting file
    is now diverted by the latter

  [ libxslt (1.1.26-6) unstable; urgency=low ]

  * debian/python-libxslt1-dbg.preinst: Add preinst snippet to remove
    /usr/share/doc/python-libxslt1-dbg symlink on Ubuntu. This is an
    Ubuntu-only fix, but allows Ubuntu to just use the Debian package
    without further modifications.
    #587910

 -- Goswin von Brederlow <goswin-v-b@web.de>  Wed, 08 Sep 2010 10:47:17 +0200

ia32-libs (20100905) UNRELEASED; urgency=low

  [ Philipp Kern ]
  * Remove udev scripts installed by sane.
  * Include libnss3-1d, libnspr4-0d, libcurl3, libssh2-1, odbcinst1debian2
    and libidn11. (Closes: #499043)

  [ Goswin von Brederlow ]
  * Include packages changelogs on updates.
  * Include libsqlite3-0, libavahi-client3, libavahi-common3, libdb4.8,
    libsysfs2, libts-0.0-0, libjpeg8.
  * Add -dev packages for ia32-libs-dev.
  * Move libcairo2 and libwmf0.2-7 to ia32-libs-gtk.
  * Add Vcs-Browser and Vcs-Git to debian/control.
  * Fix *.la files.
  * Fix spelling errors in generated entries.
  * Drop diversion of ldd (moved to ia32-libs-core).

  * Packages updated

  [ acl (2.2.49-3) unstable; urgency=low ]

  * Add upstream patches
    03-re-stat_file_after_chown.patch
    04-print_useful_error_from_read_acl_comments.patch
    05-restore_crash_on_malformed_input.patch
    06-fix_potential_null_pointer_dereference.patch
    09-prevent_setfacl_--restore_from_SIGSEGV.patch

  [ acl (2.2.49-2) unstable; urgency=low ]

  * Debian source format is 3.0 (quilt)
    Add 01-Makefile.patch
  * Fix CVE-2009-4411
    Refer to https://savannah.nongnu.org/bugs/?28131
    Add 02-499076-physical-walk.patch
    Patch by Markus Steinborn
    499076
  * Fix debhelper-but-no-misc-depends
  * Fix out-of-date-standards-version
  * Fix no-upstream-changelog

  [ acl (2.2.49-1) unstable; urgency=low ]

  * New upstream release

  [ acl (2.2.48-1) unstable; urgency=low ]

  * New upstream release
  * Fix out-of-date-standards-version
  * Update homepage in debian/control
  * Add Vcs-Git and Vcs-Browser to debian/control
  * Update download page in debian/copyright
  * Update debian/watch
  * Add automake as a build-dependency

  [ alsa-lib (1.0.23-1) unstable; urgency=low ]

  * New upstream release.

  [ Elimar Riesebieter ]
  * Add powerpcspe to the list of supported architectures. Hint by Sebastian
    Andrzej Siewior. (#583615)
  * Introduced DEP-3 patch headers.
  * Patch Dont_leak_timer_fd_on_pcm_slave_close.patch applied from upstream.
    Removed.

  [ Jordi Mallach ]
  * Remove lpia from the list of supported architectures, as it's not used
    by Ubuntu anymore.

  [ alsa-lib (1.0.22-2) unstable; urgency=low ]

  [ Jordi Mallach ]
  * Bump Standards-Version to 3.8.4, with no changes required.

  [ Elimar Riesebieter]
  * Readded -DUSE_VERSIONED_SYMBOLS only to the bibuild CFLAGS.
    (#570703)

  [ alsa-lib (1.0.22-1) unstable; urgency=low ]

  * New upstream release. (#549531)

  [ Jordi Mallach ]
  * Remove lintian overrides file; it only contains an obsolete entry.

  [ Daniel T Chen ]
  * debian/control: Add sparc64 to Architecture field for libasound2{,-dev}
    using patch from Aurelien Jarno. Thanks! (#560405)
  * debian/patches/Dont_leak_timer_fd_on_pcm_slave_close.patch: Properly
    free timer fd when closing pcm slaves. Backported from upstream master
    HEAD (LP: #451893) (#568101)

  [ Elimar Riesebieter]
  * Switched to source version 3.0.
  * As we are defining CFLAGS in rules -D_GNU_SOURCE added as suposed in
    original Makefile.
  * Removed -DUSE_VERSIONED_SYMBOLS from CFLAGS. It is used in the build system
    now.
  * Removed lintian file installation from rules.

  [ alsa-lib (1.0.21a-1) unstable; urgency=low ]

  [ Elimar Riesebieter ]
  * New upstream release.

  [ alsa-lib (1.0.21-1) unstable; urgency=low ]

  * New upstream release.
    + libasound2: Division by zero in pcm_rate.c when period_size->min == 0.
      Patch from John Lindgren applied upstream. Thanks! (#539454)

  [ Elimar Riesebieter ]
  * Enable AM_MAINTAINER_MODE in a way where it actually has effect.
    Thanks Lionel Elie Mamane. (#505088)
  * libasound2-dev: Don't install unneeded .la files. Bump shlibs to >> 1.0.20.
  * Added README.sources.
  * Updated changelog.ALSA and patches.

  [ Jordi Mallach ]
  * Revert .la removal after discussion with the Release Team. Instead,
    clear dependency_libs until all the depending packages have dropped the
    reverse dependency.

  [ alsa-lib (1.0.20-4) unstable; urgency=low ]

  [ Elimar Riesebieter ]
  * Conflicts: libc6-i386 (<= 2.9-18) to lib32asound2 and lib32asound2-dev as
    suggested by Aurelien Jarno. (#538835)

  [ Jordi Mallach ]
  * Update Standards-Version to 3.8.3. No changes needed.

  [ attr (1:2.4.44-2) unstable; urgency=low ]

  * Source format is 3.0 (quilt)
  * Add upstream patches
    02-fix_memory_leak_in_attr_copy_action.patch
    03-pull_in_string.h.patch
    05-eliminate_a_memory_leak.patch
    06-eliminate_a_double_free.patch
    07-fix_thinko_in_restore.patch
  * Fix debhelper-but-no-misc-depends
  * Fix out-of-date-standards-version

  [ attr (1:2.4.44-1) unstable; urgency=low ]

  * New upstream release
  * Fix out-of-date-standards-version
  * Fix copyright-refers-to-versionless-license-file
  * Update homepage in debian/control
  * Add Vcs-Git and Vcs-Browser to debian/control
  * Update download page in debian/copyright
  * Update debian/watch
  * Add automake as a build-dependency

  [ audiofile (0.2.6-8) unstable; urgency=low ]

  * Added patches:
    + [10_float_size_calculation_fix] New.
      Fix incorrect calculation of WAV sizes due to rounding errors.
      Patch thanks to Thomas Eschenbacher. #443888
  * debian/compat, debian/rules: No longer set debhelper compat level from
    rules file.
  * debian/control: Move dbg package to section debug, priority extra.
  * debian/control: Replace Source-Version substitutions with
    binary:Version.
  * debian/control: Complies with version 3.8.3 of Debian policy.
  * debian/README.source: Refer to dpatch documentation.

  [ audiofile (0.2.6-7.1) unstable; urgency=medium ]

  * Non-maintainer upload by the Security Team.
  * CVE-2008-5824: Fix buffer overflow when decompressing MS ADPCM .wav files
    (#510205).

  [ bzip2 (1.0.5-4) unstable; urgency=low ]

  [Jorge Ernesto Guevara Cuenca]
  * New co-maintainer. Jorge Ernesto Guevara Cuenca
    <jguevara@debiancolombia.org>
  * Add -h and --help options to the manual page (517257)

  [Santiago Ruano Rincón]
  * Move DEBIAN/md5sums to a macro and rewrite to be more robust using find |
    xargs and to drop the broken chmod calls. Thank to Loïc Minier from
    Ubuntu. (#565393)

  [ coreutils (8.5-1) unstable; urgency=low ]

  * New upstream version
  * kfbsd patch to work around fstat bug (from jwilk) (#573940)
  * temporarily killing tests on mipsel due to longstanding gcc bug #519006

  [ coreutils (8.4-2) unstable; urgency=low ]

  * Fix kfbsd build test problems (#569020)

  [ coreutils (8.4-1) unstable; urgency=low ]

  * New upstream version
    - fixes "Bad file descriptor" message from cp & touch (#563754)
    - tail -F won't abort when file is moved (#561481, #561854)
    - mktemp man page describes template (#548316)
  * temporarily disable tests/misc/ls-time to work around some spurious
    build failures (on btrfs)

  [ coreutils (8.1-1) unstable; urgency=low ]

  * New upstream version
    - adds nproc(1)

  [ coreutils (8.0-1) unstable; urgency=low ]

  * New upstream version
    * touch accepts leap seconds (#510347)
    * ln adds -L and -P
    * rm -rf should be faster
  * remove usr/share/info/dir in build rules (#546016)
  * replaces: timeout (#552509)

  [ coreutils (7.5-6) unstable; urgency=low ]

  * remove usr/share/info/dir.gz in build rules (#546016)
  * [83] make sure tail -f flushes initial output before waiting
    (#545422)

  [ coreutils (7.5-5) unstable; urgency=low ]

  * update standards version to 3.8.3.0 (no changes)
  * [82] fix "function not implemented" in cp -a of symlink on older
    linux kernels (#545306)

  [ coreutils (7.5-4) unstable; urgency=low ]

  * [81] fix tail -f - with inotify (#545422)

  [ coreutils (7.5-3) unstable; urgency=low ]

  * [61] update who --ips to support more ipv6 ranges (#508924)

  [ coreutils (7.5-2) unstable; urgency=low ]

  * [79] fix ls-misc build test problem if files are created world-writable
    (#544965)
  * [80] fix tail/wait build test problem on kfreebsd (#545009)
  * add -mieee to sh4 build flags (#544977)

  [ coreutils (7.5-1) unstable; urgency=low ]

  * new upstream version
    - fix ls -1 output error (#539476)
    - new program "stdbuf"
    - chroot adds --userspec and --groups
    - cp adds --reflink
    - sort adds --human-numeric-sort
    - tail --follow uses inotify
  * update package description (#535458)
  * tweak section and priority for mktemp package
  * conflict with package "timeout". I think coreutils timeout is just
    different enough that it shouldn't replace that package.

  [ cups (1.4.4-3) unstable; urgency=low ]

  [ Jamie Strandboge ]
  * debian/cups.post{inst,rm}: update for local include file
  * debian/local/apparmor-profile: add local include file

  [ Martin Pitt ]
  * debian/rules: Stop building with --enable-threads, since currenu GnuTLS
    does not work with threads. This brings back the lost SSL/TLS support.
    (#588234, #591509)
  * debian/libcups2.symbols: Readd _http{Read,Write}GNUTLS@Base symbols to
    ensure that autogenerated shlibs dependencies for libcups get tight
    enough.
  * manpage-translations.dpatch: Update German manpage translations, thanks
    Helge Kreutzmann! (#588028)
  * debian/rules: Set DPKG_GENSYMBOLS_CHECK_LEVEL to 4 to point out outdated
    .symbols files more strongly.
  * debian/libcups2.symbols, debian/libcupsimage2.symbols: Subsume private
    optional symbols into regexps.

  [ cups (1.4.4-2) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/local/filters/pdf-filters/filter/fontembed/bitset.h,
    debian/local/filters/pdf-filters/filter/fontembed/sfnt.c,
    debian/local/filters/pdf-filters/filter/texttopdf.c: Fixed bug with
    subsetting certain composite chars (LP: #605479).
  * debian/local/acroread.conf, debian/local/pdftops.conf, debian/cups.install:
    Removed /etc/cups/acroread.conf and /etc/cups/pdftops.conf. These two files
    were used by the alternative pdftops filter from Helge Blischke. As we
    switched back to the original pdftops filter these files are not needed any
    more (LP: #605564).
  * debian/local/filters/cpdftocps: The PostScript level from the PPD file
    was not used, but always the default value "2" instead. This made Xerox
    color laser printers crash on some files. Thanks to Roel van Os for the
    patch (LP: #600972).

  [ Martin Pitt ]
  * debian/control: Reintroduce the libcupsys2{-dev} Provides:, since some
    third-party printer drivers still depend on them. (LP: #433311)
  * debian/control: Have libcups2 break older cups versions. (#588643)

  [ cups (1.4.4-1) unstable; urgency=medium ]

  [ Till Kamppeter ]
  * debian/cups.init.d: When loading kernel modules for the parallel port
    load also the "parport_pc" module (LP: #369850).
  * debian/filters/pstopdf: Fixed the problem of the UseCIEColor warning of
    Ghostscript correctly. The file format converter should not do any kind
    of color correction but simply pass the colors through (LP: #578181).
  * debian/patches/cups-deviced-allow-device-ids-with-newline.dpatch: Some
    printers have broken device IDs with newline characters inside. These
    break the cups-deviced printer discovery mechanism and so the printers
    get ignored. This patch allows newline characters in device IDs
    (LP: #468701).

  [ Martin Pitt ]
  * New upstream bug fix/security release. Therefore "medium" urgency.
    - CUPS could overwrite files as root in directories owned or writable by
      non-root users. [STR #3510, CVE-2010-2431]
    - The web interface now includes additional CSRF protection.
      [STR #3498, CVE-2010-0540]
    - The texttops filter did not check the results of allocations.
      [STR #3516, CVE-2010-0542]
    - The web admin interface could disclose the contents of memory.
      [STR #3577, CVE-2010-1748]
  * Drop select_use_after_free.dpatch: Applied upstream.
  * do-not-broadcast-with-hostnames.dpatch: Update to apply to new version.
  * debian/libcups2.symbols, debian/libcupscgi1.symbols: Update for new
    version.
  * Add support-gzipped-charmaps.dpatch: Support gzipped charset → UTF8 maps;
    they compress very well and take a lot of space.
  * debian/rules: Compress /usr/share/cups/charmaps/*.txt in cups-common.
  * debian/local/filters/pdf-filters/*: Re-enable call of setErrorFunction() on
    armel, now that poppler on arm has been fixed (see #575262)
  * debian/cups.postinst: Drop some obsolete transition code.
  * debian/cups.postinst: Some versions of cups-pdf (and perhaps other
    packages) changed the permissions of /usr/lib/cups/backend. Fix that
    during upgrade. (#582942)
  * debian/control: Drop all the transitional cupsys* packages and the
    remaining provides/conflicts/replaces on them. All packages in sid are now
    transitioned to the new package names, and Lenny already had them.

  [ cups (1.4.3-1) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/filters/pstopdf: Use "-dUseCIEColor" for the Ghostscript call in the
    pstopdf filter, to eliminate the warning "Set UseCIEColor for
    UseDeviceIndependentColor to work properly.".

  [ Martin Pitt ]
  * New upstream bug fix release. See http://www.cups.org/articles.php?L594
    for details.
  * Drop CVE-2010-0393.dpatch, upstream now.
  * Update usb-backend-both-usblp-and-libusb.dpatch for new version.
  * select_use_after_free.dpatch: Add additional fix by Tim Waugh and Vincent
    Danen for CVE-2010-0302, and update tag header. (#572940)

  [ cups (1.4.2-10) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/local/filters/pdf-filters/pdftopdf/P2PDoc.cxx: Output of the
    pdftopdf filter was not completely complying with the Adobe specs for PDF.
    Thanks to Duncan Lock for finding and reporting the bug and Johann Felix
    Soden for creating the patch to fix it (LP: #544636).

  [ Martin Pitt ]
  * Add no-conffile-timestamp.dpatch: Disable time stamps in conffiles, to
    avoid ever-changing files in /etc. Thanks Joey Hess!
    (Rejected upstream, STR#3067; #549673)
  * CVE-2010-0393.dpatch: Replace with patch from upstream, and tag
    header. (#572940)
  * debian/local/filters/pdf-filters/*: Disable call of setErrorFunction() on
    armel for now, since armel's libpoppler is broken. This works around
    #575262, so that cups can finally go into testing again (which is more
    than overdue).

  [ cups (1.4.2-9.1) unstable; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fix loading of localized message string from arbitrary files
    through exporting the LOCALEDIR environment variable when lppasswd
    has a setuid bit set (CVE-2010-0393).

  [ cups (1.4.2-9) unstable; urgency=low ]

  * debian/control: Build depend on virtual libjpeg-dev package only.
    (#570381)
  * debian/cups.init.d: Fix syntax error which caused coldplug_usb_printers()
    to needlessly run udev-configure-printer for all USB devices.
  * Bump Standards-Version to 3.8.4 (no changes necesssary).
  * debian/libcupscgi1.symbols: Add new symbol from 1.4.2.
  * debian/cups.init.d: Add missing $remote_fs dependency.

  [ cups (1.4.2-8) unstable; urgency=low ]

  [ Till Kamppeter ]
  * dynamic-default-ripcache-size.dpatch: Fixed the copy of thr new function
    cupsdDefaultRIPCacheSize() which goes into the cupsfilter utility. It did
    not return its result and made cupsfilter segfaulting independent of the
    input (LP: #442283).

  [ Martin Pitt ]
  * debian/control: Update libjpeg62-dev build/binary dependency to
    libjpeg8-dev | libjpeg-dev. (#569230)
  * Acknowledge Bdale Garbee's NMU to work around bad pdftotext behaviour due
    to a bug in ttf-freefont. This has been worked around in texttopdf itself
    in the previous upload (see LP #447961). (#519643)

  [ cups (1.4.2-7) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/local/filters/pdf-filters/filter/texttopdf.c: Workaround for
    bug in ttf-freefont which messed up the output of the texttopdf filter.
    Thanks to Hin-Tak Leung and Steve White to find this solution (LP: #447961).
  * debian/local/filters/pdf-filters/pdftopdf/P2PDoc.cxx,
    debian/local/filters/pdf-filters/pdftopdf/P2PGfx.cxx,
    debian/local/filters/pdf-filters/pdftopdf/P2PGfx.h,
    debian/local/filters/pdf-filters/pdftopdf/P2PObject.h,
    debian/local/filters/pdf-filters/pdftopdf/P2POutput.cxx: Upstream
    fix from Koji Otani for the following: (1) Fixed some memory leak;
    (2) pdftopdf now delays fetching a referenced object until when it is
    written to the output. This fixes memory hogging with N-up output
    (N pages per sheet). The fix is mainly done by (2). This fixes
    LP: #508731.

  [ Martin Pitt ]
  * manpage-translations.dpatch: Update to German manpage translations, thanks
    Helge Kreutzmann! (#502908)
  * debian/cups.postinst: Do not symlink snakeoil SSL certificate if
    server.{crt,key} already exist as broken symlinks. Thanks Andreas
    Büsching! (#554579)

  [ cups (1.4.2-6) unstable; urgency=medium ]

  [ Till Kamppeter ]
  * Urgency medium, this only fixes a highly visible crash.
  * debian/local/filters/pdf-filters/pdftopdf/P2PGfx.cxx: Fixed segfault of
    the pdftopdf filter when the input PDF file has ICC-profile-based color
    space inline images. Thanks to Koji Otani for the fix. Fixes:
    LP: #407344, LP: #466119, LP: #467919, LP: #475330, LP: #488752.

  [ Martin Pitt ]
  * debian/rules: Have a failed test suite fail the build on Ubuntu again,
    buildds were fixed. (LP: #447919)

  [ cups (1.4.2-5) unstable; urgency=low ]

  * debian/local/filters/pdf-filters/addtocups,
    debian/local/filters/pdf-filters/config-scripts/cups-pdf-filters.m4,
    debian/local/filters/pdf-filters/pdftoopvp/Makefile,
    debian/local/filters/pdf-filters/pdftoopvp/OPVPOutputDev.cxx,
    debian/local/filters/pdf-filters/pdftopdf/P2PGfx.cxx,
    debian/local/filters/pdf-filters/pdftopdf/P2PPattern.cxx: Synced
    the PDF CUPS filters with upstream. This introduces a change by Koji Otani
    to also support Poppler 0.12.2 and newer with a change in its API/ABI.
    This version compiles with both the new and the old Poppler, but it
    runs only with the Poppler with which it got compiled. This allows to
    build this package with both Ubuntu which ships the unchanged upstream
    version of Poppler 0.12.2 and Debian where the ABI changes got reverted
    by a Debian-only patch.

  [ cups (1.4.2-4) unstable; urgency=high ]

  * High urgency, since this fixes a security issue and should not block the
    already messy poppler transition any further.
  * pdftopdf, pdftoopvp: Revert patch to build against new upstream 0.12.2
    poppler ABI, since it was reverted in poppler's -2 package. Tighten build
    dependency and conflict to any libpoppler5 < 0.12.2-2 now.
    (#558906, #559038, #559094)
  * Add select_use_after_free.dpatch: Fix use-after-free segfault, causing a
    remote DoS. (STR #3200, CVE-2009-3553, #557740)

  [ cups (1.4.2-3) unstable; urgency=low ]

  * pdftopdf, pdftoopvp: Patch to build with poppler 0.12.2, which broke ABI
    without bumping SONAME or even just shlibs :-(. Thanks to Jonathan Guthrie
    for the patch! (#558755)

  [ cups (1.4.2-2) unstable; urgency=low ]

  * debian/control, debian/rules: Drop dpkg-substvars hack for poppler-utils
    dependency, since 0.12 is in Debian now. Bump poppler-utils dependency.
  * debian/rules: Don't fail the build on test suite failure on Ubuntu, since
    its buildds currently can't resolve their own hostname. (See LP#447919)
  * poppler is now built on all architectures, so cups will build on amd64,
    too. (#556359)

  [ cups (1.4.2-1) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/patches/log-debug-history-nearly-unlimited.dpatch: Made automatic
    debug logging of failed jobs (without need of "LogLevel debug") practically
    unlimited by raising the default limit from 200 to 99999 lines.
  * debian/local/filters/pdf-filters/pdftopdf/pdftopdf.cxx: pdftopdf did
    note collate for printers when they have "Collate" and
    "cupsManualCopies:True" in the PPD. Thanks to Koji Otani from BBR Japan
    for the fix.
  * debian/local/filters/cpdftocps: Fixed turning off duplex via command line
    (http://bugs.linux-foundation.org/show_bug.cgi?id=397).
  * debian/patches/usb-backend-both-usblp-and-libusb.dpatch: Fixed a bug
    of modifying the URI of the current print queue when comparing it with
    discovered URIs. Made the USB backend also compatible with URIS generated
    by old versions of CUPS, without serial number or with "serial=?"
    (LP: #450513).
  * debian/cups.init.d: Make cold-plugging of USB printers also correctly
    work if the usblp kernel module is loaded.

  [ Martin Pitt ]
  * New upstream security/bug fix release:
    - The CUPS web interface was vulnerable to several XSS and HTTP
      header/body attacks via attribute injection (STR #3367, STR #3401,
      CVE-2009-2820; #555666)
  * Drop maintain-default-option-settings.dpatch, applied upstream.
  * Update patches to new upstream version.
  * debian/control: Drop trademark stuff from package descriptions. No other
    package does that, and it's uninteresting here. The current ones with
    "easysw" were out of date, too. (#552781)
  * Now that poppler 0.12 is in Debian, drop
    disable-pdftoopvp-with-old-poppler.dpatch and bump libpoppler-dev build
    dependency.
  * poppler now ships fofi include files, which fixes the build.
    (#552818, #552223); rebuilding against new poppler ABI fixes
    uninstallability (#552456)

  [ cups (1.4.1-5) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/patches/do-not-broadcast-with-hostnames.dpatch: Do not use host
    names for broadcasting print queues and managing print queues broadcasted
    from other servers by default. Many networks do not have valid host names
    for all machines (LP: #449586).
  * debian/cups.postinst: Clear cache for upgrade to CUPS 1.4.x (LP: #420490).
  * usb-backend-both-usblp-and-libusb.dpatch: Removed some lines which were
    temporarily inserted for debugging.

  [ Martin Pitt ]
  * usb-backend-both-usblp-and-libusb.dpatch: Add upstream link.
  * Drop: disable-pie-mipsen.dpatch: Didn't help to fix the mipsen segfault.
  * debian/cups.postinst: Simplify structure and avoid calling invoke-rc.d in
    Till's change above.
  * Add ppdc-dynamic-linking.dpatch: Dynamically link ppdc, to work around
    segfault on mipsen. Thanks to Sune Vuorela! (#548246)

  [ Tormod Volden ]
  * debian/cups.init.d: honour blacklist when loading ppdev and lp kernel
    modules (LP: #424795)

  [ cups (1.4.1-4) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/patches/usb-backend-both-usblp-and-libusb.dpatch: Make the USB
    backend supporting both printer access via libusb and via the usblp kernel
    module. Make it also printing via libusb if the URI for the queue was
    generated via usblp and vice versa. This should solve most USB printing
    problems which occured on the transition to CUPS 1.4.x (LP: #420015,
    LP: #436495; #546558, #545288, #545453).

  [ Martin Pitt ]
  * debian/rules: Make the USB backend run as root again, udev rules do not
    cover all printers. (LP: #420015)
  * Drop debian/blacklist-cups.conf, and remove it on upgrade. With Till's fix
    from above this is not necessary any more.

  [ cups (1.4.1-3) unstable; urgency=low ]

  * Add disable-pie-mipsen.dpatch: Disable PIE on mipsen, its binutils
    segfaults with it. (#548246)

  [ cups (1.4.1-2) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/local/filters/cpdftocps: Double-sided printing did not work on
    PostScript printers when the "sides" command line option for "lp"/"lpr"
    was used (LP: #411392).
  * debian/patches/maintain-default-option-settings.dpatch: For options with
    an underscore (or any other allowed non-alphanumeric character) in their
    names the default settings were not conserved when the PPD got replaced
    ("lpadmin -p ... -m ...", system-config-printer, automatic PPD update
    for existing print queues). Fixes LP: #432902 and CUPS STR #3340.

  [ Martin Pitt ]
  * debian/cups.init.d: Don't actually re-trigger udev events for printer
    coldplugging, since according to Scott James Remnant this slows down boot
    and kills kittens. Instead, just call it with --dry-run and manually call
    udev-configure-printer.
  * debian/cups.init.d: Only run udevadm if udev and the callout are actually
    available. Drop udev dependency to a suggests. This unbreaks cups on
    platforms which do not have udev, such as kfreebsd. (#546922)
  * debian/cups.init.d: Drop "cupsctl RIPCache" setting. It changes our
    conffile (causing dpkg prompts on upgrade), and overwrites the admin's
    setting without warning.
  * Add dynamic-default-ripcache-size.dpatch: Replace above functionality by
    setting the internal default value of RIPCache to MemTotal/4, if not given
    in the configuration file.
  * debian/rules: Do not let the usb backend run as root in Ubuntu any more,
    since that has a recent enough udev. Still keep it for Debian.
  * debian/cups-ppdc.install: Update path for Martin-Éric's section change of
    drv manpage.

  [ Martin-Éric Racine ]
  * Add manual-section-for-drv.dpatch: Fix incorrect man section 7 -> 1 as
    reported by Lintian.

  [ cups (1.4.1-1) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/cups.postinst: Fixed "lpstat -r" check for the auto update of
    PPDs of existing queues. "lpstat -r" exits always with status 0, we must
    check the actual output.
  * debian/cups.postinst: Updated PPD auto update, so that it works with the
    new CUPS sample driver PPDs which are dynamically generated now.

  [ Martin Pitt ]
  * New upstream bug fix release.
  * Drop patches accepted  upstream:
    - ppdc-locale-formatting.dpatch
    - usb-backend-infinite-loop-on-end-of-job.dpatch
    - dns-sd-check-typo.dpatch
  * debian/cups.preinst: Add cleanup of obsolete symlinks in /usr/share/ppd/.
    Drop cleanup from debian/cups.prerm. (#545298)
  * debian/control: Add udev dependency, since the init script calls udevadm.
    (LP: #429880)
  * debian/cups.postinst, debian/cups.init.d: Call client tools with
    "-h /var/run/cups/cups.sock" instead of "-h localhost", just in case the
    server isn't configured to listen on a TCP port.
  * dnssd-avahi.dpatch: Update to latest Fedora version, which fixes the dnssd
    backend so that it only reports devices once avahi resolution has
    completed.  This makes it report Device IDs.

  [ cups (1.4.0-5) unstable; urgency=low ]

  * Drop shlibs files and add symbols files for all libraries, to avoid too
    weak dependencies. (#545244)
  * debian/control: Tighten dependencies between server, client, and -common
    versions.

  [ cups (1.4.0-4) unstable; urgency=low ]

  Upload 1.4 to unstable.

  [ Till Kamppeter ]
  * debian/patches/usb-backend-infinite-loop-on-end-of-job.dpatch: Fixed the
    patch so that the usb backend really terminates after a job (LP: #420797).
  * debian/local/apparmor-profile: cupsd needs also to be allowed to read
    the /dev/bus/usb/ directory, given with the "/" in the end. This should
    finally fix LP: #420015.

  [ Martin Pitt ]
  * debian/control: Drop the transitional cupsys packages.
  * printer-filtering.dpatch: Fix sometimes overzealous filtering, thanks to
    Stéphane Graber!
  * debian/rules: Drop autoconf call on build again, we have a proper upstream
    release.
  * debian/cups.postinst, debian/cups.init.d: Call lpstat, lpadmin, and
    cupsctl with "-h localhost" to avoid querying network printers set up in
    /etc/cups/client.conf, and asking for passwords. Thanks to Martin-Éric
    Racine for tracking this down and the solution! (#543468)
  * debian/control: Bump Standards-Version to 3.8.3 (no changes).
  * debian/cups.postinst: Use signal names instead of numbers for trap.
    Quiesces a lintian bashism warning.
  * Add debian/README.source.
  * debian/local/filters/pdf-filters/filter/fontembed/Makefile: Build
    libfontembed with -fPIC to also work on HPPA. (#543973)
  * debian/local/filters/pdf-filters/pdftoopvp/Makefile: Don't install font
    configuration file as executable.
  * debian/cups.lintian-overrides: Update for currently installed backends.
  * debian/control: Re-add transitional cupsys packages (except the
    libraries), they are still needed for upgrades from Ubuntu 8.04. Add the
    "You can safely remove after upgrade" note to their description.

  [ cups (1.4.0-3) experimental; urgency=low ]

  [ Till Kamppeter ]
  * debian/patches/usb-backend-infinite-loop-on-end-of-job.dpatch: Fixed
    upstream bug of the new libusb-based CUPS "usb" backend falling into
    an infinite loop after completing the job, blocking the next job
    (LP: #420797).

  [ Martin Pitt ]
  * debian/local/filters/pdf-filters/pdftopdf/P2PDoc.cxx: Update for poppler
    0.11.3 API, thanks to Koji Otani <sho@bbr.jp>!
  * disable-pdftoopvp-with-old-poppler.dpatch: Revert above change when
    building with poppler 0.10.x.

  [ cups (1.4.0-2) experimental; urgency=low ]

  * Add debian/blacklist-cups.conf: Blacklist the usblp module, it's obsolete.
    CUPS uses libusb directly now. (LP: #420015, part 1)
  * debian/local/apparmor-profile: Allow cupsd to access /dev/bus/usb/.
    (LP: #420015, part 2)
  * debian/rules: Make the usb backend run as root, since /dev/bus/usb/* are
    root:root, and cups does not use the usblp kernel module any more.
    (LP: #420015, part 3)
  * disable-pdftoopvp-with-old-poppler.dpatch: Update.

  [ cups (1.4.0-1) experimental; urgency=low ]

  [ Martin Pitt ]
  * Final 1.4.0 release.
  * Add ppdc-locale-formatting.dpatch: Fix locale handling in ppdc to avoid
    broken PPD files in non-English locales. (STR#3300)

  [ Till Kamppeter ]
  * debian/control: Let the cups package only suggest cups-ppdc and not
    recommend it, as cups-ppdc is only interesting for developers.

  [ cups (1.4.0~svn8773-1) experimental; urgency=low ]

  * New upstream prerelease snapshot.
    [ Changes listed explicitly here as they are not yet available on
      www.cups.org ]
    1. accept and reject; the accept and reject commands have been
       officially renamed to cupsaccept and cupsreject. The old names are
       still supported via symlinks.
    2. cupsdisable and cupsenable; the cupsdisable command now supports a
       --hold option to stop printing after the current job and the
       cupsenable command now supports a --release option to release
       pending jobs for printing.
    3. cupsfilter; the cupsfilter program now supports filtering of
       already-queued print job files and can also run printer-specific
       filters specified in the PPD file.
    4. cupstestdsc; the cupstestdsc utility has been improved to better
       detect problems with PostScript print files.
    5. cupstestppd; the cupstestppd utility has been improved to test new
       PPD keywords and better detect impossible constraints.
    6. lpadmin; the lpadmin command now supports options to hold and
       release new jobs on a printer or all printers.
    7. lpoptions; the lpoptions command now describes custom options and
       their parameters.
    8. lppasswd; the lppasswd program is no longer installed setuid by
       default.
    9. lpstat; the lpstat command now supports a -H option to show the
       current default server and no longer slows down when a printer is
       specified.
   10. Look-n-feel; the web interface has been given a new look.
   11. PHP support; the "php-cgi" program is used, when available, to
       process PHP pages in the CUPS web interface.
   12. Printer configuration; improvements have been made to the add and
       modify printer pages.
   13. Printer options; the Set Default Options page now provides a
       "query" button that queries the default and installed options from
       the printer.
   14. Printer sharing; the "share printer" and "unshare printer" buttons
       are now only shown when printer sharing is enabled in the
       scheduler.
   15. Security; the web interface has been updated to support
       authentication for printing of test pages and RSS subscription
       operations.
   16. Server settings; the Administration page now provides access to
       common "advanced" server settings.
   17. Bonjour (DNS-SD) printing support; a new mdns backend provides
       Bonjour-based printer discovery and the ipp, lpd, and socket
       backends now support Bonjour address resolution.
   18. Bonjour (DNS-SD) perforance tuning; the scheduler now only uses a
       single file descriptor for printer sharing. It previously used one
       per printer.
   19. Bonjour (DNS-SD) web interface registry; when remote access is
       enabled, the scheduler can register the web interface for easier
       access.
   20. LPD client support; the cups-lpd mini-daemon now provides the
       document-name for print jobs and supports specification of a CUPS
       server.
   21. PWG Port Monitor MIB; the snmp backend now supports the PWG Port
       Monitor MIB to better choose the device URI to use.
   22. SNMP-based monitoring; the ipp, lpd, and socket backends now report
       supply levels and printer status using SNMP queries.
   23. IPP/2.x support; CUPS now conforms to the draft IPP/2.0 and IPP/2.1
       specifications.
   24. CUPS-Add-Modify-Printer operation; the scheduler now supports
       setting the printer-state-reasons attribute using this operation.
   25. CUPS-Get-Document operation; the scheduler now supports a "get
       document" operation to download files from a print job.
   26. Device location; the scheduler and backend discovery interface now
       support a device-location attribute.
   27. Hold-New-Jobs and Release-Held-New-Jobs operations; the scheduler
       now supports the Hold-New-Jobs and Release-Held-New-Jobs
       operations.
   28. Access control; the scheduler now supports multiple addresses in
       Allow and Deny lines. It also now returns a HTTP 403 (forbidden)
       status when a user authenticates successfully but is not allowed to
       perform an operation.
   29. Access logging; the scheduler now supports an AccessLogLevel
       directive to control what is logged in the access_log file.
   30. Configuration files; the default cupsd.conf file now provides an
       "authenticated" policy for easy authenticated sharing of printers.
   31. Default LogLevel; the default LogLevel is now "warn" instead of
       "info".
   32. Automatic debug logging; the scheduler now records up to the last N
       (default 200) debug messages for failed print jobs.
   33. Default paper size; the scheduler now supports a DefaultPaperSize
       directive to override the default paper size defined by the locale
       or libpaper configuration.
   34. Encryption support; the scheduler now supports a SSLOptions
       directive to optionally support Windows clients in "FIPS" mode. It
       also now loads both the server and CA certificates (if present)
       from the ServerCertificate file.
   35. Error logging; the scheduler now logs unsuccessful operations as
       errors in the error_log file.
   36. Error policies; the scheduler now supports a retry-current-job
       error policy that retries the current job immediately.
   37. Fatal error handling; the scheduler now supports a FatalErrors
       directive to control which startup errors should be considered
       fatal.
   38. Filter command-line; the scheduer now passes the
       job-originating-host-name attribute as a CUPS option to filters and
       backends.
   39. Filter environment; the scheduler now includes CUPS_JOBTYPE,
       PRINTER_INFO, and PRINTER_LOCATION variables in the environment
       passed to filters and backends.
   40. Job progress; the scheduler now supports a job-media-progress
       attribute to track the printing progress of each page.
   41. MIME database; MIME types now support a priority attribute to
       override the default (alphabetical) rules of precedence.
   42. Page logging; the scheduler now supports a PageLogFormat directive
       to control the format of the page_log file.
   43. PAM support; the scheduler now sets more PAM attributes to better
       support third-party authentication schemes.
   44. PDF job ticket support; the scheduler now supports cupsJobTicket
       comments at the beginning of PDF print jobs.
   45. Performance tuning; the scheduler now coalesces configuration and
       state file changes to reduce the amount of disk activity and caches
       printer attributes to further reduce startup time.
   46. Printcap support; the scheduler no longer clears the printcap file
       when shutting down, and can now create XML "plist" printcap files
       as well.
   47. RSS subscriptions; the scheduler now starts the notifier for RSS
       subscriptions after creation so the feed is available immediately.
   48. Sandbox support; the scheduler now runs child processes using
       restrictive policies on Mac OS X for improved security and job
       isolation.
   49. Test option; the scheduler now supports a test mode via the "-t"
       option.
   50. Device discovery; the cups-deviced helper now runs backends in
       parallel for faster discovery and streams the results of discovery
       as the backends provide them.
   51. Driver development kit; the CUPS DDK is now a standard part of
       CUPS.
   52. Driver information file support; the cups-driverd helper program
       now directly supports PPD compiler driver information files.
   53. Dynamic PPD support; drivers can now set PPD keywords dynamically
       using PPD: messages.
   54. Generic PostScript command filter; a new CUPS command file filter
       for PostScript printers provides auto-configuration, self-test
       page, and status and supply level reporting functions.
   55. New printer drivers; new generic PostScript and PCL drivers provide
       improved support for laser printers, the CUPS DDK drivers offer
       support for many HP DesignJet printers, and new label drivers offer
       support for Seiko and Tharo label printers.
   56. PJL support; the cupsPJLDisplay PPD attribute controls the PJL
       commands used to display the current user and job on the printer.
   57. PPD compiler improvements; the PPD compiler now supports Mac OS X
       .strings files, OID query strings, conditional directives, long
       file names, and a test mode. It also fixes many other bugs from the
       CUPS DDK 1.2.3 release.
   58. USB printer support; the usb backend now uses libusb when available
       to allow it to better work with third-party scanning and printing
       solutions.
   59. Banner filter; the bundled banner ("job-sheets") pages are now
       generated using a new banner filter provides easier customization
       and better support for UTF-8 text.
   60. Image filters; the standard image filters now support image files
       larger than 2GB.
   61. PDF filter; the pdftops filter has been replaced with a wrapper
       program that runs the Xpdf, poppler, or Ghostscript PDF to
       PostScript utilities.
   62. Backend API; a new cupsBackendReport function is provided to report
       a device from a backend and handles any needed quoting of the
       make-and-model, info, device-id, and location strings.
   63. Device discovery; the new cupsGetDevices function streams
       discovered devices to an application-provided callback function.
   64. IPP API; the IPP read and write functions no longer use a large
       stack-based buffer when reading and writing IPP attributes.
   65. PPD support; several new functions are provided: cupsGetPPD3,
       cupsResolveConflicts, ppdInstallableConflict, ppdLocalizeAttr,
       ppdLocalizeMarkerName and ppdPageSizeLimits.
   66. Side-Channel API; new cupsSideChannelSNMPGet and
       cupsSideChannelSNMPWalk functions allow printer drivers to do SNMP
       queries via the standard network backends.
   67. Streaming API; a new streaming request API provides asynchronous
       job creation and request submission.
  * debian/patches/freebsd.dpatch,
    debian/patches/manpage-typos.dpatch,
    debian/patches/search_mime_files_in_usr_share.dpatch,
    debian/patches/cupsaccept.dpatch,
    debian/patches/gnutls-pkgconfig.dpatch: Removed backport patches of upstream
    features.
  * debian/patches/testsuite-increase-wait-timeout.dpatch: Removed, fixed
    upstream.
  * debian/patches/removecvstag.dpatch,
    debian/patches/pidfile.dpatch,
    debian/patches/ppd-poll-with-client-conf.dpatch,
    debian/patches/quiesce-bonjour-warning.dpatch,
    debian/patches/rootbackends-worldreadable.dpatch,
    debian/patches/drop_unnecessary_dependencies.dpatch,
    debian/patches/reactivate_recommended_driver.dpatch,
    debian/patches/default_log_settings.dpatch,
    debian/patches/confdirperms.dpatch,
    debian/patches/printer-filtering.dpatch,
    debian/patches/ubuntu-disable-browsing.dpatch: Regenerated.
  * debian/local/backends/dnssd, debian/control, debian/cups.install,
    debian/rules: "dnssd" backend removed, DNS-SD discovery backend is now
    provided upstream.
  * debian/patches/dns-sd-check-typo.dpatch: Fixed typo in upstream code to
    check for the availability of dns_sd.h.
  * debian/patches/dnssd-avahi.dpatch: Added avahi support for the "dnssd" CUPS
    backend (patch from Fedora). CUPS' DNS-SD support does not build with the
    libdns_sd of avahi.
  * debian/patches/show-compile-command-lines.dpatch: Show compiler command
    lines in the output of the "make" process.
  * debian/control: Added libusb-dev to the build dependencies, the new USB
    printer backend uses libusb and not any more the usblp kernel module.
  * debian/control: Added libavahi-common-dev and libavahi-client-dev to
    the build dependencies, for the avahi patch for the DNS-SD support.
  * debian/control: Added new packages for the new shared libraries and also
    cups-ppdc for the PPD manipulation utilities of the former CUPS DDk. Added
    transitional package for CUPS DDK. Added Conflicts:/Replaces: as cupsddk
    is replaced by cups-ppdc and the files of cupsddk-drivers go into the
    main cups package.
  * debian/rules: Added "--enable-libusb" to the ./configure command line.
  * debian/rules: Added "--enable-avahi" to the ./configure command line.
  * debian/rules: Call autoconf, as we have an SVN snapshot currently.
  * debian/rules: Updated individual file installation and adaptation steps
    for the new CUPS version.
  * debian/libcups2-dev.install: Added new header file versioning.h.
  * debian/libcupscgi1-dev.install, debian/libcupscgi1.install,
    debian/libcupsdriver1-dev.install, debian/libcupsdriver1.install,
    debian/libcupsmime1-dev.install, debian/libcupsmime1.install,
    debian/libcupsppdc1-dev.install, debian/libcupsppdc1.install: Added install
    file lists for newly added libraries.
  * debian/cups-ppdc.install: File list for new cups-ppdc package. This package
    holds the PPD file manipulation tools which were in CUPS DDK formerly.
  * debian/cups-common.install, debian/cups.install: Updated for new CUPS
    version.
  * debian/cups.install, debian/cups-client.install, debian/cups-ppdc.install:
    Commented out lines for missing translated man pages.
  * debian/cups.postinst: Do not create the /usr/share/ppd/1-local-admin
    and /usr/share/ppd/2-third-party links. They are not needed with current
    CUPS and they also break the test procedure during package build.
  * debian/libcups2.postinst, debian/libcupsimage2.postinst: Removed no-op
    maintainer scripts.
  * debian/local/filters/pdf-filters/addtocups,
    debian/local/filters/pdf-filters/config-scripts/cups-pdf-filters.m4,
    debian/local/filters/pdf-filters/filter/texttopdf.c: Let ./configure
    script check the CUPS version so that in texttopdf.c a missing variable
    can get defined if CUPS is 1.4.x or newer.
  * debian/local/filters/pdf-filters/pdftoopvp/Makefile,
    debian/local/filters/pdf-filters/pdftopdf/Makefile: Added missing
    "unittests", "install-data", "install-headers", "install-libs",
    "install-exec", "libs", "apihelp", and "framedhelp" targets to the
    Makefiles of the PDF filters.

  [ Martin Pitt ]
  * debian/cups.install, debian/local/filters/pdf-filters/addtocups: Enable
    pdftoopvp filter.
  * Add disable-pdftoopvp-with-old-poppler.dpatch: Disable pdftoopvp if we
    build against a poppler older than 0.11, since pdftoopvp needs that new
    API. (This uses pkg-config --atleast-version in the dpatch script header.)
  * ubuntu-disable-browsing.dpatch: Restore Ubuntu check.
  * dnssd-avahi.dpatch: Add upstream bug link.
  * dnssd-avahi.dpatch: Do not error out of the dnssd backend if system D-Bus
    is not running. This unbreaks the test suite when running in a build
    environment.

  [ cups (1.3.11-2) unstable; urgency=low ]

  [ Till Kamppeter ]
  * debian/cups.init.d: Trigger udev event for all USB printers right after
    starting the CUPS daemon to run the udev callouts for the printers. This
    allows automatic print queue setup and re-enabling print queues also if
    the printer is cold-plugged (connected before CUPS and/or udev got
    started).
  * debian/cups.init.d: Set CUPS RIP cache to 1/4 of the total RAM when CUPS
    is started. This way CUPS Raster drivers get enough memory for reliable
    and quick operation even if large paper sizes with high resolutions are
    printed.
  * debian/local/filters/pdf-filters/pdftoopvp/OPVPOutputDev.cxx,
    debian/local/filters/pdf-filters/pdftoopvp/OPVPOutputDev.h,
    debian/local/filters/pdf-filters/pdftoopvp/pdftoopvp.cxx,
    debian/local/filters/pdf-filters/pdftoopvp/opvp/opvp.h,
    debian/local/filters/pdf-filters/pdftoopvp/opvp/opvp_0_2_0.h: Adapted
    pdftoopvp filter to the new API of Poppler 0.11.2. Thanks to upstream
    author Koji Otani for the patch.
  * debian/rules: Explicitly create empty file pdftoopvp/Dependencies after
    applying the PDF filters add-on as the build servers seem to not copy
    empty files.
  * debian/patches/default_log_warn.dpatch,
    debian/patches/default_log_settings.dpatch: Renamed patch for cupsd.conf
    logging settings and added "MaxLogSize 0" so that CUPS does not do its
    own log rotation, as our log rotation is much better.
  * debian/cups-bsd.postinst, debian/cups.postinst: Moved handling of
    /etc/printcap symlink from the post-install script of the cups-bsd
    package to the cups package. Should assure that the symlink gets
    also set on initial system installation (LP: #415825).
  * debian/local/filters/cpdftocps: Updated filter to not use the pdftops
    filter of CUPS, as from version 1.3.11 on CUPS' pdftops filter integrates
    the call of pstops, and in the PDF workflow this would duplicate the
    application of page management options, like N-up, even/odd pages, and
    even the number of copies for some printers (LP: #412709).

  [ Jamie Strandboge ]
  * debian/cups.postinst: reload individual cups profile, not all of apparmor
    (LP: #412745)

  [ Martin Pitt ]
  * debian/local/apparmor-profile: Allow cups-pdf to run /bin/cp.
  * debian/control: Drop smbclient to Suggests. (#542464)

  [ cyrus-sasl2 (2.1.23.dfsg1-5) unstable; urgency=low ]

  * Finish switch to db4.8 by changing db4.7-util dependency to db4.8-util
    (#562895)

  [ cyrus-sasl2 (2.1.23.dfsg1-4) unstable; urgency=low ]

  [ Fabian Fagerholm ]
  * debian/control, debian/sasl2-bin.postinst,
    debian/patches/0017_db4.8.dpatch: Bump libdb version to 4.8.
    (#556609)
  * debian/rules, debian/sasl2-bin.postinst, debian/sasl2-bin.saslauthd.init:
    No longer explicitly run stop init script on shutdown and reboot.
    (#560748)
  * debian/sasl2-bin.postinst: Don't attempt sasldb upgrade if the database
    file does not exist. (#521852)
  * debian/sasl2-bin.saslauthd.init: Fix return code comparisons.
    (#525424)
  * debian/control: Change upstream home page, this seems to be the active
    page and the old one contains less useful information.

  [ cyrus-sasl2 (2.1.23.dfsg1-3) unstable; urgency=low ]

  * Acknowledge NMU (Thanks to Christian Perrier)
  * Change package priority important -> standard, because of override
    disparity email

  [ cyrus-sasl2 (2.1.23.dfsg1-2.1) unstable; urgency=low ]

  * Non-maintainer upload.
  * Fix pending l10n issues. Debconf translations:
    - French (Odile Bénassy).  #518593

  [ cyrus-sasl2 (2.1.23.dfsg1-2) unstable; urgency=high ]

  [ Fabian Fagerholm ]
  * debian/control: Change Vcs-* fields to point to trunk.
  * debian/rules: Remove build-indep-stamp and build-arch-stamp when cleaning
    up (from Ubuntu) (#516538).
  * debian/patches/0014_avoid_pic_overwrite.dpatch: Also apply to
    lib/Makefile.am. Thanks to Amadeu A. Barbosa Jr. (#502910)

  [ Roberto C. Sanchez ]
  * Acknowledge NMU (thanks to Andreas Barth)
  * Document the sync mechanism between cyrus-sasl2 and cyrus-sasl2-heimdal.
    Urgency 'high' since current package is uninstallable.
  * Bump Standards-Version to 3.8.3 (no changes)

  [ cyrus-sasl2 (2.1.23.dfsg1-1.1) unstable; urgency=medium ]

  * Build-Depend also on mysqlclient-dev. #542904
  * Conflict cyrus-sasl2-heimdal-dbg as both packages provide the file
    /usr/lib/debug/usr/lib/sasl2/libgssapiv2.so.2.0.23 #530781

  [ dbus (1.2.24-3) unstable; urgency=medium ]

  * Add patch from upstream to fix segfaults when reloaded on kFreeBSD
    (#589662)
  * Work around FTBFS if dh-buildinfo is installed (#590594)

  [ dbus (1.2.24-2) unstable; urgency=low ]

  [ Simon McVittie ]
  * Merge from experimental
    - add separate debugging symbols (dbus-1-dbg)

  [ Michael Biebl ]
  * Switch to source format 3.0 (quilt)
    - Add debian/source/format.
    - Drop Build-Depends on quilt.
    - Remove /usr/share/cdbs/1/rules/patchsys-quilt.mk from debian/rules.
    - Remove debian/README.source.
  * debian/control
    - Bump Standards-Version to 3.9.0.
    - Use architecture wildcard linux-any for libselinux1-dev Build-Depends.
    - Use Breaks instead of Conflicts as recommended by the new policy.
    - Remove old Conflicts which is no longer relevant.
  * debian/dbus.init
    - Simplify check in start_it_up() by using the existing status action.
    - Stop restarting dependent services. It was an ugly hack anyway and if
      people want to restart dbus, they need take care of that themselves.
      (#540693, #530395)
  * debian/dbus.postinst
    - Stop restarting dbus system bus on upgrades as it breaks too many
      applications and is not supported by upstream in a sensible way.
      Instead trigger a reboot-required message using update-notifier.
      (#530000, #573386)

  [ dbus (1.2.24-1+exp1) experimental; urgency=low ]

   * Add separate debugging symbols (#550517)

  [ dbus (1.2.24-1) unstable; urgency=low ]

  * New upstream release.
    - Correctly get pointer data from DBusString when creating a syslog
      message. (#574697)
  * debian/dbus-Xsession
    - Use new "has_option" function from x11-common instead of grepping the
      option file, to avoid calling an external program. (#570480)
      Thanks to Martin Pitt for the patch.
  * debian/control
    - Add Breaks: x11-common (<< 1:7.5+4) to dbus-x11 to ensure we have a
      recent enough version with "has_option" support.
  * debian/dbus.init
    - Update LSB header: Remove runlevel 1 from Default-Stop and let killprocs
      do the job for us.
  * debian/rules
    - Update DEB_DH_INSTALLINIT_ARGS accordingly.
  * debian/dbus.postinst
    - Remove old stop symlinks from runlevel 1 on upgrades.

  [ dbus (1.2.22-1) unstable; urgency=low ]

  * New upstream release.
  * debian/patches/11_kfreebsd_kqueue_build_fix.patch
    - Removed, merged upstream.
  * debian/control
    - Drop Provides: dbus-1-utils, there is no more package depending on it.

  [ dbus (1.2.20-2) unstable; urgency=low ]

  * debian/patches/11_kfreebsd_kqueue_build_fix.patch
    - Fix kqueue implementation on GNU/kFreeBSD. (#568338)
      Thanks to Cyril Brulebois for the patch.

  [ dbus (1.2.20-1) unstable; urgency=low ]

  * New upstream release.
  * debian/control
    - Drop Build-Depends on docbook-utils, apparently no longer necessary.
    - Bump Standards-Version to 3.8.4.
  * debian/rules
    - Explicitly disable audit support so we don't accidentally pick up a
      libaudit shlib dependency.
    - Drop our workaround for the broken binutils and re-enable -pie on mips.
      (#533460)
    - Improve the way we create the symlink from /usr/lib/ → /lib by using
      readlink.
  * Remove patches:
    - debian/patches/02_dbus_monitor_no_sigint_handler.patch (fixed upstream)
    - debian/patches/20_kbsd_cmsgcred.patch (merged upstream)
    - debian/patches/30_rt-as-needed.patch (merged upstream)
  * debian/README.source
    - Add reference to the quilt patch management system documentation.

  [ directfb (1.2.10.0-4) unstable; urgency=low ]

  * Drop libmpeg3-dev build-dependency/dependency. (#507527)
  * Conflict on armel architecture only. (#584617)
  * Bump Standards-Version to 3.9.0 (no changes needed).

  [ directfb (1.2.10.0-3) unstable; urgency=low ]

  * Add missing Conflicts against libdirectfb-1.2-0 on armel architecture.
    (#576835)

  [ directfb (1.2.10.0-2) unstable; urgency=low ]

  * Keep wilcard usage to install libdirectfb. Fix kfreebsd FTBFS.

  [ directfb (1.2.10.0-1) unstable; urgency=low ]

  * Rename binary packages caused by a soname change.
  * Fix some lintian warnings.

  [ directfb (1.2.10really1.2.8-1) unstable; urgency=medium ]

  * Restore directfb 1.2.8 as 1.2.10really1.2.8 to avoid more breakage during
    libjpeg transition. (#569815)

  [ directfb (1.2.10-1) unstable; urgency=low ]

  * New upstream release.

  [ directfb (1.2.9-1) unstable; urgency=low ]

  * New upstream release.
  * Switch to dpkg-source 3.0 (quilt) format.
  * Update debian/control:
    - Remove quilt build dependency.
    - Update (build-)dependency on libjpeg62-dev to libjpeg-dev.
      (#569232)
    - Bump Standards-Version to 3.8.4 (no changes needed).
    - Fix typo in package description: "These packages". (#557502)
  * Update debian/rules:
    - Enable parallel build (pass --parallel option to dh).

  [ directfb (1.2.8-5) unstable; urgency=low ]

  * Apply patch from Samuel Thibault to fix FTBFS on non-linux ports.
    (#550889)
  * Bump Standards-Version from 3.8.0 to 3.8.2 (no changes needed).

  [ directfb (1.2.8-4) unstable; urgency=low ]

  * Add missing c64x.h include for armel.

  [ directfb (1.2.8-3) unstable; urgency=low ]

  * Add missing libdavinci_c64x library. Fix armel build.

  [ directfb (1.2.8-2) unstable; urgency=low ]

  * Use per-architecture install files. (#541662, #541705)

  [ directfb (1.2.8-1) unstable; urgency=low ]

  * New upstream release.
  * Update debian/patches/70_linux_fusion.patch to linux-fusion 8.1.1.
  * Add debian/patches:
    - 01_default_cflags.patch
      Upstream clear default CFLAGS and force -O3.
      Use default CFLAGS on Debian.
    - 02_fix_sh772x_build.patch
      Fix FTBFS on Renesas SH (sh4) because libjpeg doesn't link against sh772x
      driver. Thanks to Nobuhiro Iwamatsu. (#536314)
  * Bump debian/compat to 7.
  * Update debian/control:
    - Bump debhelper and quilt build dependencies version.
    - Add avr32 into architectures list for libsysfs-dev build dependency.
      (#528416)
    - Add sh4 into architecture list for libsysfs-dev build dependency.
      (#536315)
    - Bump Standards-Version from 3.8.0 to 3.8.2 (no changes needed).
    - Add missing ${misc:Depends}. Thanks to lintian.
    - Add debug packages: libdirectfb-1.2-0-dbg, libdirectfb-bin-dbg and
      libdirectfb-extra-dbg. (#532620)
  * Fix debian/directfb-config.1 file. Thanks to lintian.
  * Rename debian/docs to debian/libdirectfb-1.2-0.docs file.
  * Update *.install files: more verbose.
  * Replace debian/libdirectfb-extra.files by debian/libdirectfb-extra.install
    file.
  * Convert debian/rules to dh usage.
  * Add debian/source.lintian-overrides to override lintian error about avr32
    architecture.

  [ e2fsprogs (1.41.12-2) unstable; urgency=high ]

  * Allow tune2fs to set uninit_bg without requiring an fsck
  * Fix test in e2fsck to correctly check for EOFBLOCKS files
  * Fix dependencies for libuuid and libblkid (#583551)

  [ e2fsprogs (1.41.12-1) unstable; urgency=low ]

  * New upstream release
  * mke2fs now gives the correct error message if the external journal
    is device is not found
  * The resize2fs program will refuse to print the minimum size needed
    for a file system if it is not clean.
  * E2fsck now tests for extents that begin at physical block 0 and
    rejects them as invalid.
  * Fixed a bug in e2fsck which could cause it to crash when trying to
    remove an invalid extent and the block bitmaps hadn't yet been loaded.
  * E2fsck will now completely skip time-based checks if the system
    clock looks insane or if the broken_system_clock option is set
    in /etc/e2fsck.conf.  (#549861, #540152)
  * Fixed a bug in e2fsck which caused e2fsck to complain about i_blocks
    with a 4T file created using posix_fallocate()
  * E2fsck will now correctly mark a sparse journal as invalid and will
    delete and recreate the journal to address the problem.
  * Fixed e2fsck not to ask permission from the user to abort if it's
    going to abort regardless of what the user is going to say...
  * E2fsck can now continue even if it fails to recreate the resize inode
  * E2fsck will now avoid removing directory entries for inods found in
    the unused region of the inode table until after it restarts the fs
    check to avoid removing valid data.
  * E2fsck will now longer try to set the block group checksums if it
    is interrupted.
  * Mke2fs will check both the physical and logical blocksizes of a
    device to better support 4k sector drives.
  * Mke2fs will accept the valid (but rarely useful) flex_bg size of 1
  * E2fsck will check for cases where the EOFBLOCKS_FL is set whe nit is
    not needed, and offer to clear it.
  * The com_err library will now only output a CR character if the
    stderr is connected to a tty in raw mode.
  * Update Czech, Chinese, Dutch, French, Germany, Indonesian, Polish,
    and Vietnamese translations (from the Translation Project)
  * Add an fsck.ext4 symlink in the e2fsprogs-udeb package (#571247)
  * Fix makefile dependency so dpkg-buildpackage -j2 works (#563487)

  [ e2fsprogs (1.41.11-1) unstable; urgency=medium ]

  * New upstream release
  * Add Heimdal function com_right_r() to libcom_err (#558910)
  * Allow e2fsck to run even if the physical device has more than 2**32 blocks
  * Debugfs's "logdump -b <blk>" now properly shows the allocation status
    of the block <blk>.  (#564084)
  * Make e2fsck's "the filesystem is mounted" message is now more scary
    to hopefully dissuade users from thinking, "surely that message
    doesn't apply to *me*"  :-(
  * e2fsck -n will now always open the file system read-only.   We now
    disallow certain combination of options which previously were manual
    exceptions; this is bad because it causes users to think they are
    smarter than they really are.   So "-n -c", "-n -l", "-n -L", and
    "-n -D" are no longer supported.
  * If the partition is badly aligned, have mke2fs just print a warning
    message and continue.  Previously mke2fs would ask to confirm, and
    this broke distro installation scripts.
  * Fix a bug in libext2fs caused the creation of very large journals
    for ext4 to be _very_ slow.
  * E2fsck now understands the EOFBLOCKS_FL flag which will be used in
    2.6.34 kernels to make e2fsck not complain about blocks deliberately
    fallocated() beyond an inode's i_size.
  * Fix a bug in e2fsck which could cause e2fsck -D to corrupt
    non-indexed directories.  (#572453)
  * debian/rules: can be compiled statically with stack protector now.
    (#573923)
  * Update debian policy compliance to 3.8.4

  [ e2fsprogs (1.41.10-1) unstable; urgency=low ]

  * New upstream release
  * Fix resize2fs bug which causes it to access invalid memory
  * Add libss support for libreadline.so.6
  * Fix e2fsck's check for extent-mapped directory with an incorrect file type
  * Add new e2fsck.conf configuration option:
    default/broken_system_clock for system with broken CMOS hardware
    clocks.  (#559776)
  * Fix flex_bg inode table placement algorithm used by mke2fs for
    certain specific file system sizes
  * Add source lintian overrids for weak-library-dev-dependency
  * Fix FTBFS problem caused by texi2html changing (again) its output
    location.  (#552934)
  * Make e2fsck to avoid rehashing directories which can fit in a
    single directory block.
  * Fix how e2fsck fixes sparse directories which are extent-mapped.
  * Fix some big-endian bugs in e2fsck and libext2fs
  * Teach e2fsck to detect and fix sparse extent-mapped directories
  * Fix filefrag from core dumping on file systems with 8k block sizes
  * E2fsck was depending on i_size to be correct to detect and fix
    certain directory problems before actually fixing the
    directory's i_size.  This caused certain rare corruptions to
    require two runs of e2fsck to address.
  * Update Czech, Indonesian, Polish and Vietnamese translations
    (from the Translation Project)
  * Fix e2fsck to find and correct duplicate directory entries in
    non-indexed directories.
  * Add support for calling BLKDISCARD to mke2fs.
  * Enhance libext2fs so it works around bug in Linux version 2.6.19
    and earlier where the /proc/swaps file was missing the header on
    the first line.
  * Fix resize2fs so it works correctly on file systems with external journals
  * Fix libss so that it does not seg fault when using a readline
    library which does not supply a readline_shutdown() function.
  * Add a pre-depends for util-linux-ng (#551795)
  * Update and clarify various man pages.
  * Corrected dumpe2fs's usage message
  * Teach libext2fs to ignore the high 32 bits of the i_blocks field
    when huge_file file system feature is set, but the inode does not
    have the HUGE_FILE_FL flag set.
  * Change e2fsck to accept superblock times to be fudged by up to 24
    hours by default.  Most distributions have fixed their init scripts,
    but apparently now they have buggy virtualization scripts.  :-(  I
    give up, too many buggy user space set ups out there.  (#557636)
  * Fix e2fsck to correctly print > 32-bit i_blocks numbers in problem reports
  * Improve e2fsck so it prints "Illegal indirect block" instead of
    "Illegal block #-1"
  * Teach mke2fs to get device topology information from blkid and use
    it to populate the superblock stride and stripe sizes and warn if
    the block device is misaligned
  * Fix a file descriptor leak in debugfs when sourcing a command file
  * Fix a file descriptor leak in fsck
  * Round up the bitmap size to prevent spurious segmentation faults on
    BSD platforms.
  * Fix resize2fs to correctly calculate the minimum size needed, when
    flex_bg is enabled, to prevent resize2fs -M from failing.
  * Dumpe2fs now displays more information about the contents of the journal
  * Make sure the libblkid1 and libblkid1-dbg packags have changelogs
  * On low memory systems, e2fsck can print some very scary looking
    error messages.  Clean up them up to avoid user panic.  (#509529)
  * Enhance blkid to support .ko.gz files in the modules.dep parser
  * Fix tune2fs -j for mounted exted-enabled file systems
  * Use the feature name "extent" instead of "extents" in mke2fs.conf.
    Both work, but the latter is what is documented in the man page.
    (#540111)

  [ e2fsprogs (1.41.9-1) unstable; urgency=low ]

  * New upstream release
  * Fix tune2fs -I to work correctly in the face of bad blocks and
    filesystems formatted for RAID arrays, and ENOSPC errors
  * Require the user to only answer one question instead of multiple
    ones for multiple bad block group checksums, or when an inode
    table needs to be moved.
  * Fix e2fsck to handle moving inode tables in FLEX_BG filesystems more
    gracefully by looking in the entire flex_bg for space, instead of
    just in the block group; if that doesn't work, try looking for
    space in the entire filesystem.
  * Fix the filefrag code to avoid printing the extent header if it
    needs to fallback to using the FIBMAP ioctl.
  * Fix filefrag to print the correct number of extents for zero-length
    files when using FIBMAP.  (#540376)
  * Add a filefrag -B option to make it easier to debug the FIBMAP
    support.
  * Allow e2fsprogs programs to allocate from uninitalized block groups.
  * Add a new program, e2freefrag, which displays information about the
    free space fragmentation in an ext2/3/4 filesystem.
  * E2fsck will now print much fuller information when the last mount
    time or last written time is in the future, since most people can't
    seem to believe their distribution has buggy init scripts, or they
    have a failed CMOS/RTS clock battery.
  * Update French, Polish, Czech, and Sweedish translation from the
    Translation Project.
  * Enhance debugfs's 'stat' command to print basic extent information
    for extent-mapped inodes, and add a new command, 'dump_extents'
    which prints detailed information about an inode's extent tree.

  [ eglibc (2.11.2-2) unstable; urgency=medium ]

  [ Aurelien Jarno ]
  * control.in/libc: update the Conflicts on binutils to (<< 2.20.1-1)
    and add a Conflicts on binutils-gold (<< 2.20.1-11). #585937.
  * Replace patches/alpha/local-longjmp-chk.diff by upstream version
    patches/alpha/cvs-longjmp-chk.diff.
  * Add patches/any/cvs-redirect-throw.diff to fix some header files
    with regard to C++.
  * Add patches/any/cvs-flush-cache-textrels.diff to fix random crashes
    on ARM, if the executable or shared library has TEXTREL.
  * Add patches/any/cvs-__block.diff from upstream to not conflict with
    clang.
  * script.in/nohwcap.sh: consider all packages not in status "n" (not
    installed) and not in status "c" (conf-files) as installed.  
    bug#586241.

  [ Samuel Thibault ]
  * patches/hurd-i386/local-pthread_posix-option.diff: Avoid letting glibc try
    to install its own headers for libpthread.

  [ Carlos O'Donell]
  * Add patches/hppa/cvs-vfork.diff to fix stack frame creating during
    vfork in multithreaded environments.

  [ eglibc (2.11.2-1) unstable; urgency=low ]

  * New upstream stable release:
    - Remove debian/patches/amd64/submitted-cpuid.diff (merged).
    - Remove debian/patches/sh4/cvs-register_dump.diff (merged).

  [ Samuel Thibault ]
  * Add patches/hurd-i386/local-mkdir_root.diff to fix busybox' mkdir -p.

  [ Aurelien Jarno ]
  * Danish debconf translation update from Joe Hansen.  #585548.
  * Add patches/localedata/submitted-translit-colon.diff to add
    transliteration support for ₡ sign.  #585727.
  * control.in/libc: add a Breaks: on locales (<< 2.11), locales-all
    (<< 2.11).  bug#585737.
  * Add patches/any/submitted-group_member.diff to fix an off-by-one error
    in group_member().  bug#570047.
  * Update local/manpages/getconf.1.  bug#576691.

  [ eglibc (2.11.1-3) unstable; urgency=low ]

  [ Samuel Thibault ]
  * Add patches/hurd-i386/cvs-linkat.diff to fix new coreutils' ln.
  * Add patches/hurd-i386/submitted-ttyname.diff to fix io/tst-ttyname_r,
    marked as such in testsuite-checking/expected-results-i486-gnu-libc.
  * Restore patches/hurd-i386/submitted-getnprocs.diff which got lost during
    the 2.11 merge.

  [ Aurelien Jarno ]
  * Add patches/i386/local-cpuid-level2.diff to not trigger an abort
    when an i586 Intel CPU is running the i686 library, as valgrind does.
    bug#584748.
  * mips testsuite: allow failure of tst-tls3 as it is not a regression.
  * Add patches/any/submitted-string2-strcmp.diff to fix warnings in the
    testsuite on armel.
  * Add patches/alpha/submitted-syscall.diff from Mike Hommey to add support
    for 6th argument system calls on alpha.  bug#583911.
  * Temporarily add patches/i386/local-pthread_cond_wait.diff to use the C
    version of pthread_cond_wait() which uses cleanup functions to reacquire
    the mutex on cancellation (instead of unwinding for the assembly
    version).  bug#551903.

  [ eglibc (2.11.1-2) unstable; urgency=low ]

  [ Aurelien Jarno]
  * nscd.init: don't use and absolute path to call start-stop-daemon, the
    PATH variable already take care of that.
  * check-execstack.out is a new test, therefore not a regression. Mark it
    as failing in expected-results-powerpc64-linux-gnu-ppc64.
  * Update tst-ttyname_r.out error value in expected-results-i486-gnu-libc
    as part of the test is now passing.
  * Add patches/mips/cvs-mips-atomic_h.diff to fix atomic issues on MIPS.
  * Add patches/amd64/submitted-cpuid.diff to fix properly check CPU
    family and model.
  * sysdeps/i386.mk, control.in/main: switch i386 to gcc-4.4.  
    bug#583858.

  [ eglibc (2.11.1-1) unstable; urgency=low ]

  [ Clint Adams ]
  * New upstream release:
    - Fixes a house of mind attack.  bug#568488.
    - Add the fallocate64() syscall.  bug#568924.
    - Add RES_USE_DNSSEC support.  bug#569592.
    - Don't abort in getifaddrs.  bug#582383.
    - Update debian/patches/all/local-pthread-manpages.diff
    - Remove debian/patches/alpha/submitted-getsysstats.diff (merged)
    - Remove debian/patches/alpha/submitted-includes.diff (merged)
    - Remove debian/patches/alpha/submitted-lowlevellock.diff (merged)
    - Remove debian/patches/alpha/submitted-procfs_h.diff (merged)
    - Remove debian/patches/any/cvs-broken-dns.diff (merged)
    - Remove debian/patches/any/cvs-getutmpx-compat.diff (merged)
    - Remove debian/patches/any/cvs-ksm.diff (merged)
    - Remove debian/patches/any/cvs-malloc_info-output.diff (merged)
    - Remove debian/patches/any/cvs-nis-not-configured.diff (merged)
    - Remove debian/patches/any/cvs-nptl-init.diff (merged)
    - Remove debian/patches/any/cvs-resolv-edns0.diff (merged)
    - Remove debian/patches/any/cvs-resolv-init.diff (merged)
    - Remove debian/patches/any/cvs-resolv-uninitialized.diff (merged)
    - Remove debian/patches/any/cvs-resolv-v6mapped.diff (merged)
    - Remove debian/patches/any/cvs-sched_h.diff (merged)
    - Remove debian/patches/any/local-dynamic-resolvconf.diff (merged)
    - Update debian/patches/any/local-libgcc-compat-main.diff
    - Remove debian/patches/any/submitted-confname.h.diff (merged)
    - Remove debian/patches/any/submitted-getent-gshadow.diff (merged)
    - Remove debian/patches/any/submitted-getaddrinfo-nodata.diff (merged)
    - Remove debian/patches/any/submitted-gethostbyname3.diff (merged)
    - Update debian/patches/any/submitted-missing-etc-hosts.diff.
    - Remove debian/patches/arm/cvs-setjmp-longjmp-fpu.diff (merged)
    - Update debian/patches/hppa/cvs-nptl-compat.diff.
    - Update debian/patches/hppa/local-stack-grows-up.diff from
      Carlos O'Donell.
    - Remove debian/patches/hppa/submitted-pie.diff (merged)
    - Remove debian/patches/hppa/submitted-sock_nonblock.diff (merged)
    - Update debian/patches/hurd-i386/cvs-setsid.diff.
    - Remove debian/patches/hurd-i386/cvs-termios-IXANY.patch (merged)
    - Remove debian/patches/hurd-i386/submitted-getnprocs.diff (merged)
    - Update debian/patches/hurd-i386/submitted-readlinkat.diff
    - Remove debian/patches/ia64/cvs-memchr.diff (merged)
    - Remove debian/patches/ia64/submitted-memchr.diff (merged)
    - Remove debian/patches/ia64/submitted-siginfo.diff (merged)
    - Update debian/patches/kfreebsd/local-readdir_r.diff.
    - Remove debian/patches/locale/cvs-C-first_weekday.diff (merged)
    - Update debian/patches/localedata/first_weekday.diff
    - Update debian/patches/localedata/tailor-iso14651_t1.diff
    - Remove debian/patches/mips/local-lazy-eval.diff (obsolete)
    - Remove debian/patches/s390/submitted-siginfo.diff (merged)
    - testsuite-checking/expected-results-ia64-linux-gnu-libc: update
    - Update testsuite-checking/expected-results-sparc-linux-gnu-libc
    - Update testsuite-checking/expected-results-sparcv9b-linux-gnu-sparcv9b

  * Add debian/patches/alpha/local-fcntl_h.diff.
  * Add debian/patches/ia64/local-dlfptr.diff and
    debian/patches/hppa/local-dlfptr.diff from Carlos O'Donnell.
  * Add debian/patches/localedata/locale-hsb_DE.diff

  [ Aurelien Jarno ]
  * Enable multi-arch.
  * kfreebsd/local-sysdeps.diff: update to revision 3039 (from glibc-bsd).
  * Add debian/patches/alpha/local-longjmp-chk.diff and
    debian/patches/alpha/cvs-timer_settime.diff to fix FTBFS on alpha, and
    debian/patches/alpha/local-lowlevellock.diff to fix the testsuite.
  * Add debian/patches/mips/local-lowlevellock.diff to fix the testsuite
    on mips.
  * Re-enable the testsuite on mips/mipsel build daemons.
  * Add debian/patches/arm/local-atomic.diff and
    debian/patches/arm/local-lowlevellock.diff to fix the testsuite on arm.
  * Add debian/patches/hppa/local-longjmp-chk.diff to fix FTBFS on hppa.
  * Add debian/patches/hppa/local-lowlevellock.diff to fix the testsuite
    on hppa.
  * Add debian/patches/s390/cvs-makecontext.diff from upstream to fix
    makecontext() on s390.
  * Replace debian/patches/submitted/cvs-stat-issock.diff by the upstream patch
    debian/patches/any/cvs-stat-issock.diff.
  * Explictely call /sbin/start-stop-daemon in nscd.init.  bug#575404.
  * Add debian/patches/any/cvs-getaddrinfo.diff from upstream to not abort
    the getaddrinfo loop on the first successful.
  * Add debian/patches/any/cvs-umount-nofollow.diff from upstream to define
    UMOUNT_NOFOLLOW.
  * Add debian/patches/any/cvs-glob.diff from upstream to fix glob() with empty
    pattern.
  * Add debian/patches/submitted-tst-audit6-avx.diff to skip AVX tests if if
    AVX is not available.
  * Allow failures of the testsuite on HPPA until bugs are fixed:
    - tstdiomisc.out (due to bug #582787 on gcc-4.4)
    - tst-fork1.out (due to bug #561203 on linux-2.6)
  * Add debian/patches/sh4/cvs-register_dump.diff from upstream to fix
    iov[] size register-dump.h.
  * Add debian/patches/hurd-i386/submitted-regex_internal.diff to fix FTBFS on
    hurd-i386.

  [ Samuel Thibault ]
  * debian/patches/hurd-i386/submitted-rtld_lock_recursive.diff: New patch to
    fix elf/ build on hurd-i386.
  * debian/patches/hurd-i386/local-longjmp_chk.diff: New patch to fix
    debug/____longjmp_chk.S build on hurd-i386.
  * Update debian/patches/hurd-i386/local-pthread.diff.
  * Update debian/testsuite-checking/expected-results-i486-gnu-libc.

  [ Petr Salinger]
  * define __rtld_lock_initialize also in linuxthreads <bits/libc-lock.h>
    variant (enhance local-linuxthreads-weak.diff).
  * allow failure of tst-longjmp_chk.out on GNU/kFreeBSD
  * Add kfreebsd/local-dosavesse.diff, which does not work,
    so rather use also added kfreebsd/local-nosavesse.diff

  [ eglibc (2.10.2-9) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * Add powerpcspe port support. #579778.

  [ Petr Salinger ]
  * kfreebsd/local-sysdeps.diff: update to revision 3038 (from glibc-bsd).
    #581545.

  [ Aurelien Jarno ]
  * debian/control.in/libc: don't make libc0.1/0.3/6/6.1 depends on
    ${misc:Depends} as suggested by lintian, as it is turned out into a
    debconf depends.  #581835.
  * debian/debhelper.in/nscd.init: stop supporting the reload argument.
    #578870.
  * debian/script.in/nsscheck.sh: correctly detect stopped and running
    services. #573247, #575868.
  * debian/patches/mips/submitted-rld_map.diff: don't segfault for MIPS
    binaries with RLD_MAP set to 0. #579917.
  * Add debian/source/format and debian/source/lintian-overrides files.

  [ eglibc (2.10.2-8) unstable; urgency=low ]

  [ Petr Salinger ]
  * kfreebsd/local-sysdeps.diff: update to revision 3036 (from glibc-bsd).

  [ Clint Adams ]
  * Spanish debconf translation update from Omar Campagne Polaino.
    #579351.
  * Add patches/arm/cvs-setjmp-longjmp-fpu.diff.  #580529
    ("setjmp/longjmp broken on ARM w/ FPU").

  [ eglibc (2.10.2-7) unstable; urgency=low ]

  [ Samuel Thibault ]
  * patches/hurd-i386/local-pthread.diff: Refresh patch.
  * Update debian/testsuite-checking/expected-results-i486-gnu-libc.
  * patches/hurd-i386/cvs-setsid.diff: Update to git version.
  * patches/hurd-i386/local-locarchive.diff: New patch to fix installation of
    locales-all.
  * patches/hurd-i386/cvs-remove.diff: New upstream patch to fix remove()
    on directory on non-Linux ports.

  [ Aurelien Jarno ]
  * debian/control.in/*: add ${misc:Depends} to all binary packages.
  * debian/*symbols*: simplify symbol files by using the new #PACKAGE#
    feature.
  * Bump to Standards-Version 3.8.4.
  * Update patches/alpha/submitted-sock_nonblock.diff to also fix
    SOCK_CLOEXEC.  #569646.
  * Update patches/hppa/submitted-sock_nonblock.diff to also fix
    SOCK_CLOEXEC.
  * Add patches/any/submitted-stat-issock.diff to define the S_ISSOCK
    macro starting with POSIX 2001.  #569517.
  * scripts.in/nsscheck.sh: remove non-breaking space.  #569701.
  * rules.d/debhelper.mk: remove obsolete comment.  #570946.
  * Replace patches/sparc/local-sparcv9-memchr.diff by
    patches/sparc/cvs-sparcv9-memchr.diff.
  * Add patches/sparc/submitted-msgrcv.diff to fix msgrcv() on sparc64,
    and with it fakeroot.
  * Add patches/any/submitted-nptl-invalid-td.patch to also catch
    uninitialized thread descriptors in INVALID_TD_P macro.  
    #571639.
  * Fix lang_ab field in es_CR locales.  #571755.

  [ Petr Salinger]
  * kfreebsd/local-sysdeps.diff: update to revision 3034 (from glibc-bsd).
  * any/local-linuxthreads-stacksize.diff: New patch to restrict
    max stack size in threads

  [ Clint Adams ]
  * Add any/local-gai-rfc1918-scope-global.patch.  #468801.

  [ eglibc (2.10.2-6) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * kfreebsd/local-sysdeps.diff: update to revision 2957 (from glibc-bsd).
  * Don't run the testsuite in parallel, as it sometimes causes some failures
    in some tests.
  * Add patches/any/cvs-malloc_info-init.diff to fix malloc_info() with no
    malloc() done.  #562679.
  * Add patches/sh4/submitted-set_fpscr.diff to add __set_fpscr() prototype.
    #565369.
  * debian/rules.d/build.mk: Add --with-pkgversion and --with-bugurl
    arguments.
  * Add patches/ia64/submitted-memchr.diff to fix memchr() overshoot on ia64.
    #563882
  * Add patches/any/submitted-leading-zero-stack-guard.diff and
    patches/any/submitted-stack-guard-quick-randomization.diff from Ubuntu and
    Fedora to improve stack randomisation.  #568488.
  * Update es_CR locale from Marcelo Magallon.  #567351.
  * debian/script.in/nsscheck.sh: Only restart services that are currently
    running.  #528755.
  * Move locales and locales-all to section localization.  #568753.

  [ Samuel Thibault ]
  * patches/hurd-i386/local-pthread.diff: New hurd-only patch to provide
    LIBPTHREAD_SO and disable nscd.
  * patches/hurd-i386/local-pthread_posix-option.diff: Tell glibc Makefiles that
    we have a libpthread.
  * testsuite-checking/expected-results-i486-linux-gnu-libc: Update results.
  * patches/hurd-i386/submitted-posix_opt.h.diff: Update.
  * patches/hurd-i386/submitted-sysvshm.diff: Resync.
  * patches/hurd-i386/submitted-net.diff: New patch to factorize net/ files
    between Linux and Hurd.
  * patches/hurd-i386/submitted-getnprocs.diff: New patch to add get_nprocs()
    and such weak aliases.

  [ eglibc (2.10.2-5) unstable; urgency=low ]

  [ Petr Salinger]
  * Update kfreebsd/local-no-SOCK_NONBLOCK.diff to cvs-resolv-* changes.
    Move it into any/local-no-SOCK_NONBLOCK.diff, as it is used also on hurd.
    #564008.

  [ Samuel Thibault ]
  * patches/hurd-i386/submitted-posix_opt.h.diff: New patch to update standard
    macros in posix_opt.h.
  * patches/hurd-i386/local-pthread_posix-option.diff: Refresh and update
    standard macros in posix_opt.h.
  * patches/hurd-i386/submitted-sysvshm.diff: Add standard macro _XOPEN_SHM in
    posix_opt.h.
  * patches/hurd-i386/local-tls-support.diff: Use kern_return_t instead of
    error_t to avoid a dependency on a GNU-specific type.
  * patches/hurd-i386/submitted-getcwd.diff: renamed to cvs-getcwd.diff since
    merged upstream.
  * patches/hurd-i386/submitted-setsid.diff: renamed to cvs-setsid.diff since
    merged upstream.

  [ Aurelien Jarno ]
  * Fix sparc64 build.

  [ eglibc (2.10.2-4) unstable; urgency=low ]

  [ Samuel Thibault ]
  * testsuite-checking/expected-results-i486-linux-gnu-libc: Add
    tst-atime.out failure.

  [ Aurelien Jarno ]
  * Also build a libc6-sparcv9b package on sparc64.
  * Disable debian/patches/any/cvs-futimens.diff. Addresses: #563726,
    #563754.
  * Add debian/patches/localedata/locale-et_EE.diff to change weekday
    and workday to Monday.  #563636.
  * Add debian/patches/any/cvs-resolv-init.diff to fix mixing IPv4 and
    IPv6 name server in resolv.conf.
  * Add debian/patches/any/cvs-resolv-uninitialized.diff to fix an
    uninitialized variable in resolv code.
  * Add debian/patches/any/cvs-resolv-bindv6only.diff to not use
    IPV4-mapped addresses in the resolver code.  #563552.
  * Add debian/patches/any/cvs-resolv-edns0.diff to handle overly large
    answer buffers in resolver.
  * Add debian/patches/any/cvs-resolv-v6mapped.diff to fix lookup failure
    with IPv6 mapping enabled and big answers.  #558984.
  * Add debian/patches/any/submitted-nis-shadow.diff to remove encrypted
    passwords from passwd entries, and add them in shadow entries.
    #560333.

  [ Petr Salinger]
  * kfreebsd/local-sysdeps.diff: update to revision 2907 (from glibc-bsd).

  [ eglibc (2.10.2-3) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * Update from the latest SVN, branch eglibc-2_11:
    - Remove any/cvs-malloc-check.diff (merged upstream).
  * debhelper.in/libc.postinst: also restart incron on upgrade.  
    #557801.
  * debhelper.in/libc.postinst: restart the services instead of stopping
    them and then starting them again.  #211784.
  * Use gcc/g++-4.4 on hppa, hurd-i386, mips and mipsel.
  * Mention EGLIBC in packages description.  #559121.
  * Add support for sparc64 architecture.
  * debian/sysdeps/mips.mk, debian/sysdeps/mipsel.mk: remove hack to support
    buildds kernels now that they have been upgraded.
  * debian/control.in/main: add a Homepage: pseudo header.  #561034.
  * debian/local/manpages/gai.conf.5: fix a typo.  #560144.
  * Replace debian/any/submitted-nis-not-configured.diff by upstream patch
    debian/any/cvs-nis-not-configured.diff.
  * Add debian/patches/any/local-ntp-update.diff to partially update the NTP
    API, backported from upstream.  #559482.
  * Add debian/patches/any/cvs-malloc_info-output.diff from upstream to fix
    malloc_info() output.  #562678.
  * Add debian/patches/any/cvs-futimens.diff from upstream to correctly handle
    AT_FDCWD in futimens().

  [ Samuel Thibault ]
  * testsuite-checking/expected-results-i486-linux-gnu-libc: Add hurd-i386
    testsuite results.
  * sysdeps/hurd.mk: Enable testsuite.
  * patches/hurd-i386/submitted-getcwd.diff: Add patch to fix duplicate port
    deallocation.
  * patches/hurd-i386/submitted-setsid.diff: Add patch to fix bogus port
    deallocation.

  [ Petr Salinger]
  * kfreebsd/local-sysdeps.diff: update to revision 2904 (from glibc-bsd).

  [ eglibc (2.10.2-2) unstable; urgency=low ]

  [ Carlos O'Donell]
  * debian/patches/hppa/cvs-nptl-compat.diff: new version to fix
    pthread structures alignment on hppa.

  [ Aurelien Jarno ]
  * debian/control: bump libc-bin breaks on libc0.1/0.3/6/6.1 to (<< 2.10).
    #556945.
  * patches/localedata/submitted-pt_BR.diff: new patch to fix the thousand
    separator on pt_BR locale.  #474479.
  * debhelper.in/locales.postinst: if an selected entry is present more than
    once, only uncomment the first one.  #529368.
  * patches/any/submitted-gethostbyname3.diff: return an error if the
    nameserver timeouts.  #499781.

  [ eglibc (2.10.2-1) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * New upstream minor release.
    - fix build timeout on SH4.  #552407.
    - disabled patches/svn-updates.diff.
    - remove patches/powerpc/cvs-readahead.diff (merged).
    - remove patches/any/submitted-libgcc_s.so.diff (merged).
    - remove patches/any/cvs-preadv-pwritev.diff (merged).
    - remove patches/any/cvs-getaddrinfo-nss-notfound.diff (merged).
  * patches/ia64/cvs-memchr.diff: new patch from upstream replacing
    patches/ia64/submitted-memchr.diff.
  * patches/any/cvs-malloc-check.diff: new patch from upstream to fix bugs
    with MALLOC_CHECK.  #557158.
  * patches/any/cvs-ksm.diff: add support to KSM, define MADV_MERGEABLE and
    MADV_UNMERGEABLE. #556631.
  * Replace patches/locale/fix-C-first_weekday.diff by upstream version
    patches/locale/cvs-C-first_weekday.diff.  #556884.
  * rules.d/debhelper.mk: don't use --strip-unneeded when stripping .o
    objects.  #556951.
  * patches/any/submitted-bits-fcntl_h-at.diff: new patch to move AT_*
    constants from <fcntl.h> to <bits/fcntl.h>. #555303.
  * Replace patches/any/submitted-sched_h.2.diff by upstream version
    patches/any/cvs-sched_h.diff.
  * Use gcc/g++-4.4 on sparc.
  * patches/any/submitted-nis-not-configured.diff: fix getaddrinfo() if
    NIS is not configured. Fixes CVE-2010-0015.  #556600.
  * patches/any/submitted-getaddrinfo-nodata.diff: new patch from Michael
    Stone to fix getaddrinfo() if a plugin returns TRY_AGAIN or NO_DATA.
    #557596.

  [ Carlos O'Donell]
  * patches/hppa/local-stack-grows-up.diff: new version.

  [ Petr Salinger]
  * kfreebsd/local-sysdeps.diff: update to revision 2859 (from glibc-bsd).
    #557248.

  [ eglibc (2.10.1-7) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * patches/all/local-ldd.diff: new patch to handle the case where ld.so is
    not executable (wrong architecture), and always trace dynamic library
    dependencies through the dynamic linker.  #502189,
    #552518, #499016.
  * Strip *.o files manually (dh_strip does not do it) to prevent
    leakage of the build directory (has been lost in a merge).
  * script.in/nsscheck.sh: fix call to invoke-rc.d.  #555463.
  * patches/ia64/submitted-memchr.diff: fix memchr() when data is shorter
    than software pipeline.
  * Bump to Standards-Version 3.8.3.
  * Re-enable PIE on mips and build-depends on binutils (>= 2.20-3).
  * Build-depends on g++-4.4 (>= 4.4.2-2) and use gcc-4.4 on armel.
  * libc-bin-dev: recommends manpages-dev.  #485608.
  * Generate /usr/lib{,32,64}/gconv/gconv-modules.cache at build time
    instead of during package installation. #548042.
  * debhelper.in/locales-all.prerm: remove /usr/lib/locale on removal, to
    make puiparts happy.

  [ Carlos O'Donell]
  * patches/hppa/local-stack-grows-up.diff: fix pthread stack related
    functions when the stack grows up.  #553722.

  [ eglibc (2.10.1-6) unstable; urgency=high ]

  [ Aurelien Jarno ]
  * Don't ask to stop gdm before an upgrade, but run reload in the postint
    #553362.
  * patches/powerpc/cvs-readahead.diff: fix readahead on PowerPC.
  * patches/any/cvs-preadv-pwritev.diff: fix preadv, pwritev and fallocate
    for-D_FILE_OFFSET_BITS=64.  #554608.
  * patches/any/submitted-sched_h.2.diff: allow const argument to CPU_ISSET()
    #554901.
  * kfreebsd/local-sysdeps.diff: update to revision 2819 (from glibc-bsd).
  * patches/any/submitted-etc-resolv.conf.diff: also handle case when the file
    is present, but a nameserver entry is missing.  #552010.

  [ eglibc (2.10.1-5) unstable; urgency=low ]

  [ Samuel Thibault ]
  * patches/hurd-i386/local-disable-ioctls.diff: New patch to disable some
    non-working ioctls.
  * patches/hurd-i386/local-pthread_types.diff: Fix path typo.

  [ Aurelien Jarno ]
  * Move xz-utils to Build-Depends from Build-Depends-Indep.

  [ eglibc (2.10.1-4) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * patches/any/submitted-localedef-mmap.diff: new patch to cope with
    different mmap alignment restrictions between MMAP_SHARED and
    MMAP_PRIVATE. On SPARC64, MMAP_SHARED implies a 16kB alignment (L1
    D-Cache size), while MMAP_PRIVATE implies a 8kB alignment (page
    size).  #552233.
  * patches/any/submitted-confname.h.diff: new patch to fix build of
    bits/confname.h with -pedantic-errors.  #552819.
  * kfreebsd/local-sysdeps.diff: update to revision 2817 (from glibc-bsd).
    Fixes <netinet/icmp6.h>.  #552138.
  * Disable PIE on MIPS/MIPSEL.
  * Replace patches/s390/submitted-getutmpx.diff by upstream version
    (patches/any/cvs-getutmpx-compat.diff).
  * Don't include debian/ and stamp-dir/ in eglibc source tarball.  
    #553053.
  * Switch to the more common xz format from lzma for eglibc-source
    tarball.

  [ eglibc (2.10.1-3) unstable; urgency=low ]

  [ Samuel Thibault ]
  * patches/hurd-i386/local-bigmem.diff: Fix patch.

  [ Aurelien Jarno ]
  * patches/s390/submitted-getutmpx.diff: new patch to fix getutmpx() on
    s390.  #544838.
  * patches/any/submitted-missing-etc-resolv.conf.diff: new patch to fix
    name resolution with empty or missing /etc/resolv.conf.  
    #552453.
  * debian/sysdeps/i386.mk: build with gcc-4.3 on i386.  #551903.

  [ eglibc (2.10.1-2) unstable; urgency=low ]

  [ Petr Salinger ]
  * kfreebsd/local-sysdeps.diff: update to revision 2806 (from glibc-bsd).
  * Drop kfreebsd/local-sysdeps-2.10.diff (merged in local-sysdeps.diff).

  [ Samuel Thibault ]
  * patches/hurd-i386/local-bigmem.diff: New patch to fix dl.so crash when
    running on GNU Mach with VM_MAX_ADDRESS < 0xc0000000.

  [ Aurelien Jarno ]
  * patches/any/submitted-missing-etc-hosts.diff: return HOST_NOT_FOUND
    instead of NO_DATA.  #551622, #551760, #551879, #552010.
  * Restart NSS related services after upgrade. #551971, #551885.
  * testsuite-checking/*kfreebsd*: the *at syscalls emulation is not
    working under all conditions, allow failure of related tests. That
    should be removed after switching to kernel 8.0.

  [ eglibc (2.10.1-1) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * New upstream release.
    - Fix C++ declaration of string functions.  #496763.
    - Add Handling for group shadow files.  #519479.
    - Use AT_RANDOM for randomized stack protector value.  
      #533077.
    - don't trigger assertion on __pthread_mutex_lock anymore.  
      #479952.
    - Fix week specifier in en_GB.  #511474.
    - Update sys/timex.h.  #550857.
    - debian/copyright, debian/*symbols*, debian/shlibver,
      debian/locales-depver, debian/debhelper.in/*.lintian: upgrade
      to 2.10.
    - alpha has been moved to ports, update debian/sysdeps/alpha.mk and
      debian/patches/alpha/* accordingly.
    - Remove debian/patches/arm/submitted-setjmp.diff (merged).
    - Remove debian/patches/arm/submitted-fpu_control_h.diff (merged).
    - Remove debian/patches/hppa/cvs-tsd.diff (merged).
    - Remove debian/patches/hppa/cvs-nptl.diff (merged).
    - Remove debian/patches/hurd-i386/cvs-resource-prio.diff (merged).
    - Remove debian/patches/hurd-i386/cvs-hurdsig-fix.diff (merged).
    - Remove debian/patches/hurd-i386/cvs-net-headers.diff (merged).
    - Remove debian/patches/hurd-i386/cvs-report-wait-fix.diff (merged).
    - Remove debian/patches/hurd-i386/cvs-get_pc_thunk.diff (merged).
    - Remove debian/patches/hurd-i386/cvs-strerror_l.diff (merged).
    - Remove debian/patches/hurd-i386/cvs-rtld.diff (merged).
    - Update debian/patches/hurd-i386/local-tls-support.diff.
    - Update debian/patches/hurd-i386/submitted-extern_inline.diff.
    - Update debian/patches/hurd-i386/local-atomic-no-multiple_threads.diff.
    - Remove debian/patches/mips/cvs-context.diff (merged).
    - Remove debian/patches/sparc/cvs-siginfo.diff (merged).
    - Remove debian/patches/all/submitted-readme-version.diff (merged).
    - Remove debian/patches/any/submitted-install-map-files.diff (merged).
    - Remove debian/patches/any/cvs-pthread_h.diff (merged).
    - Remove debian/patches/any/local-bashisms.diff (merged).
    - Remove debian/patches/any/cvs-bz7058-nss_nss-nis.diff (merged).
    - Remove debian/patches/any/cvs-iconv-utf16.diff (merged).
    - Remove debian/patches/any/submitted-cross-zic.diff (merged).
    - Remove debian/patches/any/cvs-binutils_2.20.diff (merged).
    - Remove debian/patches/any/submitted-nss-nsswitch.diff (merged).
    - Remove debian/patches/any/cvs-bz9706-nss_nss-files_files-parse.diff
      (merged).
    - Update debian/patches/any/cvs-broken-dns.diff.
    - Remove debian/patches/any/cvs-bz9697-posix-regcomp.diff (merged).
    - Remove debian/patches/any/cvs-bz697-posix-regexec.diff (merged).
    - Remove debian/patches/any/submitted-broken-dns.diff (merged).
    - Remove debian/patches/any/submitted-mount_h.diff (merged).
    - Update debian/patches/any/submitted-futex_robust_pi.diff.
    - Update debian/patches/any/local-dynamic-resolvconf.diff.
    - Update debian/patches/any/local-libgcc-compat-main.diff.
    - Update debian/patches/any/local-libgcc-compat-ports.diff.
    - Update debian/patches/any/local-no-pagesize.diff.
    - Remove debian/patches/any/submitted-date-and-unknown-tz.diff (merged).
    - Remove debian/patches/any/cvs-sunrpc-license.diff (merged).
    - Remove debian/patches/any/submitted-tst-cpucount.diff (merged).
    - Remove debian/patches/any/submitted-signalfd-eventfd.diff (merged).
    - Remove debian/patches/any/cvs-unsetenv.diff (merged).
    - Remove debian/patches/localedata/mt_MT_euro.diff (merged).
    - Remove debian/patches/localedata/submitted-bz9731-el_CY_euro.diff
      (merged).
    - Remove debian/patches/localedata/sk_SK_euro.diff (merged).
    - Remove debian/patches/localedata/submitted-bz9730-locale-sv_FI.diff
      (merged).
    - Remove debian/patches/localedata/cvs-el_CY-el_GR-frac_digits.diff
      (merged).
    - Update debian/patches/localedata/sort-UTF8-first.diff.
    - Update debian/patches/localedata/fr_CA-first_weekday.diff
    - Update debian/patches/localedata/fr_BE-first_weekday.diff
    - Update debian/patches/localedata/cy_GB-first_weekday.diff
    - Remove debian/patches/localedata/submitted-bz9835-en_GB-first_day.diff
      (merged).
    - Update debian/patches/localedata/first_weekday.diff
    - Update debian/patches/localedata/fr_LU-first_weekday.diff
    - Update debian/patches/localedata/fr_CH-first_weekday.diff
    - Remove debian/patches/sh4/cvs-headers-update.diff (merged).
    - Remove debian/patches/any/local-revert-3270.diff (fixed upstream).
  * Remove localedata/locale-fr_FR.diff as coreutils has been fixed.
  * Add debian/patches/any/submitted-autotools.diff to update config.guess
    and config.sub.
  * Remove debian/patches/powerpc/local-sysconf.diff, as it only concerns
    kernel that are not supported anymore.
  * Add debian/patches/ia64/submitted-sysconf.diff to fix sysconf() on ia64.
  * Add debian/patches/alpha/submitted-getsysstats.diff,
    debian/patches/alpha/submitted-includes.diff and
    debian/patches/alpha/submitted-lowlevellock.diff to partially fix FTBFS
    on alpha.
  * Add debian/patches/any/local-linuxthreads-unwind.diff to fix exception
    handling with linuxthreads.
  * Add debian/patches/any/cvs-nptl-init.diff to allow overwriting
    architectures init.c in csu and nptl individually.
  * Add debian/patches/any/submitted-accept4-hidden.diff to fix build
    on non Linux architectures.
  * Add debian/patches/kfreebsd/local-sysdeps-2.10.diff to update sysdeps
    for glibc 2.10 on GNU/kFreeBSD.
  * Add debian/patches/alpha/submitted-rtld-fPIC.diff to fix build on alpha.
  * Add debian/patches/any/submitted-getent-gshadow.diff to add gshadow
    support to getent.
  * debian/rules.d/tarball.mk: store the checkout revision in the tarball
    (file .svn-revision).
  * debian/rules.d/tarball.mk: add an "update-from-upstream-svn" rule to
    automatically update debian/patches/svn-updates.diff.
  * patches/ia64/submitted-libm.diff: new patch to fix errors in the
    math testsuite on ia64.
  * Use gcc 4.4 by default, except on armel, hppa, mips, mipsel, sparc and
    hurd-i386.
  * Update to upstream revision 8758.
  * patches/any/submitted-missing-etc-hosts.diff: new patch from Steve
    Langasek to treat a missing /etc/hosts as a simple "not found", not as
    an internal error.  bug#539950.
  * libc.postinst: only call telinit on Linux as originally.
  * Fix package name in alpha/ia64 private symbols versioning.
  * Add patches/sparc/local-sparcv9-memchr.diff to fix test-memchr.

  [ Petr Salinger ]
  * Add kfreebsd/local-no-SOCK_NONBLOCK.diff to fix build on GNU/kFreeBSD.

  [ Samuel Thibault ]
  * Add debian/patches/hurd-i386/local-_dl_random.diff to fix build on
    hurd-i386.
  * Add debian/patches/hurd-i386/local-unwind-resume.diff to fix build on
    hurd-i386.
  * Fix debian/patches/hurd-i386/local-tls-support.diff to align up includes
    on Linux, to fix build.

  [ Carlos O'Donell ]
  * Add hppa/cvs-nptl-compat.diff to keep ABI compatibility between
    linuxthreads and NPTL on HPPA.
  * sysdeps/hppa.mk: switch to NPTL. bug#538513.
  * testsuite-checking/expected-results-hppa-linux-gnu-libc: update.

  [ eglibc (2.9-27) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * Extend description of libc-bin, patch by Christoph Berg. 
    bug#544389.
  * Strip *.o files manually (dh_strip does not do it) to prevent
    leakage of the build directory.
  * libc.postinst: re-add "telinit u", removed by accident in version
    2.9-24. bug#545179.
  * nscd.init: set PATH to "/sbin:/usr/sbin:/bin:/usr/bin". 
    bug#544942.
  * nscd.conf.5: add documentation for max-db-size and auto-propagate
    options. bug#544544.
  * Merge from the multiarch branch:
    - allow to specify libdir and slibdir also for the main flavor.
    - use real dependencies between the build_* and binaryinst_*
      targets.
    - simplify clean target.
  * Set the minimum kernel version to 6.0.0 for biarch library on
    kfreebsd-amd64 to match the main library.
  * alpha/submitted-sock_nonblock.diff: adjust patch location (alpha is
    still a main architecture in glibc 2.9). bug#540871.

  [ Samuel Thibault ]
  * debian/debhelper.in/libc.install: Install libc/*-gnu*/ instead of
    libc/*-*-gnu*/, to fix FTBFS on hurd-i386 due to it now being i486-gnu/.
  * debian/patches/hurd-i386/submitted-null-pathname.diff: New patch to fix
    chdir("") and chroot("") into returning ENOENT.
  * debian/patches/hurd-i386/submitted-sbrk.diff: New patch to fix sbrk beyond
    128MB.
  * debian/patches/hurd-i386/local-thread-cancel.diff: New patch to fix ext2fs
    crash.
  * debian/patches/hurd-i386/submitted-readlinkat.diff: New patch to add
    support for readlinkat(), to fix insserv build.
  * debian/patches/hurd-i386/cvs-termios-IXANY.patch: New patch to
    define IXANY in XOpen environment too, to fix libgphoto2 build.
  * debian/patches/hurd-i386/submitted-SOL_IP.patch: New patch to add SOL_IP
    definition, to fix directfb build.

  [ Petr Salinger ]
  * kfreebsd/local-sysdeps.diff: update to revision 2779 (from glibc-bsd).

  [ Clint Adams ]
  * debian/rules.d/debhelper.mk: make sure that snippets are included
    before doing CURRENT_VER substitution; fix thanks to Steve
    Langasek.
  * Bump to Standards-Version 3.8.3.

  [ eglibc (2.9-26) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * alpha/submitted-sock_nonblock.diff, hppa/submitted-sock_nonblock.diff:
    create the files at the correct location. bug#540871.
  * Use the full triplet for optimized and biarch packages.
  * cvs-unsetenv.diff: new patch to not segfault in unsetenv() if run after
    clearenv().

  [ Samuel Thibault ]
  * Convert config_os' gnu-gnu into gnu to fix multiarch paths.

  [ Petr Salinger ]
  * kfreebsd/local-sysdeps.diff: update to revision 2744 (from glibc-bsd).
  * any/local-linuxthreads-kill_other.diff, fixes ruby 1.9 testsuite failure

  [ eglibc (2.9-25) unstable; urgency=low ]

  * Remove Ben Collins <bcollins@debian.org> from the uploaders (
    bug#540901).
  * Recommends libc6-i686 on i386 and libc0.1-i686 on kfreebsd-i386
    (instead of amd64 and kfreebsd-amd64). bug#455603.
  * rules.d/debheper.in: fix a one letter typo causing libc6-udeb to be
    empty. bug#541725.
  * alpha/submitted-sock_nonblock.diff, hppa/submitted-sock_nonblock.diff:
    new patches to accommodate SOCK_NONBLOCK != O_NONBLOCK on these
    architectures. bug#540871.
  * Add dependency on $syslog in /etc/init.d/nscd. bug#541492.

  [ eglibc (2.9-24) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * Remove any/cvs-pthread_mutex_lock.diff following upstream decision.
  * Replace debian/sysdeps/depflags.{mk,pl} by entries in debian/control
    using the "new" dpkg-dev features. Clean-out some very old entries.
  * Recommends libc6-i686 on amd64 and libc0.1-i686 on kfreebsd-amd64
    (bug#455603).
  * Don't access dpkg files directly in libc6.preinst.
  * patches/any/local-ld-multiarch.diff: convert i586 and i686 into i486
    (bug#540646).
  * debian/rules.d/debhelper.mk: use dh_lintian instead doing the work
    manually.
  * Split out libc-bin from libc6 and libc-dev-bin from libc6-dev.
    (#330735).

  [ Petr Salinger ]
  * kfreebsd/local-sysdeps.diff: update to revision 2696 (from glibc-bsd).

  [ esound (0.2.41-7) unstable; urgency=low ]

  * Let libesd0-dev depend on pkg-config. #558481.
  * Standards-Version is 3.8.4, no changes needed.
  * Let every package depend on ${misc:Depends}.
  * debian/patches/03_hurd.patch:
    - Patch from Samuel Thibault to fix the build on GNU/Hurd.
      #564606.

  [ esound (0.2.41-6) unstable; urgency=low ]

  * Remove libesd-alsa0. Only build one package, libesd0. On Linux it
    uses ALSA unconditionally, we don’t support OSS anymore.
    #553182.
  * Make esound-common conflict against libesd-alsa0 so that it gets
    removed from user systems.
  * Simplify the build process accordingly.

  [ expat (2.0.1-7) unstable; urgency=low ]

  * debian/control (Depends): Fixed debhelper-but-no-misc-depends.
  * debian/patches/560901_CVE_2009_3560.dpatch: Adjusted.
    - lib/xmlparse.c (doProlog): Revised patch for CVE-2009-3560 after
      regressions have been detected (#561658). Many thanks to
      Niko Tyni and Karl Waclawek for their help and the fix.

  [ expat (2.0.1-6) unstable; urgency=medium ]

  * debian/patches/560901_CVE_2009_3560.dpatch: Added.
    - lib/xmlparse.c (doProlog): Fix DoS vulnerability CVE-2009-3560 (
      #560901).
  * debian/patches/00list: Adjusted.

  [ expat (2.0.1-5) unstable; urgency=medium ]

  * debian/control (Standards-Version): Bumped to 3.8.3.
    (Priority, Section): Fixed binary-control-field-duplicates-source.
    (Description): Fixed extended-description-is-probably-too-short and
    duplicate-long-description.
  * debian/rules (CFLAGS): Drop useless '-pthread -D_REENTRANT' from version
    1.95-8-1 (#551079).
  * debian/README.source: Added for policy compliance.
  * debian/patches/551936_CVE_2009_2625.dpatch: Added.
    - lib/xmltok_impl.c (updatePosition): Fix DoS vulnerability CVE-2009-2625
      and CVE-2009-3720 (#551936).
  * debian/patches/00list: Adjusted.

  [ fltk1.1 (1.1.10-2) unstable; urgency=low ]

  * src/Makefile: link libfltk.so.1.1 against -lpthread, as fluid now
    otherwise fails to link on the Hurd (with complaints that libfltk.so.1
    contains undefined references to pthread_mutexattr_*).
  * debian/source.lintian-overrides: retire per Lintian 2.3.1.  (See #553264.)

  [ fltk1.1 (1.1.10-1) unstable; urgency=low ]

  * New upstream release.
  * {fluid,test}/Makefile: link against all directly referenced libraries,
    even if they are also indirect dependencies, to fix build errors with
    binutils-gold, which defaults to --no-add-needed.  (#554365.)

  [ fltk1.1 (1.1.10~rc3-1) unstable; urgency=low ]

  * New upstream release candidate.

  [ fltk1.1 (1.1.10~rc2-3) unstable; urgency=low ]

  * debian/FLTKConfig.cmake: belatedly advance FLTK_VERSION_PATCH to 10.
  * debian/{fluid,source}.lintian-overrides: override spurious Lintian
    diagnostics; fluid.desktop's command is legitimate, as is the
    artificial debian/CMakeCache.txt discussed in #553264.

  [ fltk1.1 (1.1.10~rc2-2) unstable; urgency=low ]

  * debian/libfltk1.1.symbols: prepare for the GCC 4.4 transition by
    tagging three symbols (for inline methods) emitted *only* by GCC 4.3.x
    as optional.  (#551612; LP: #455418.)

  [ fltk1.1 (1.1.10~rc2-1) unstable; urgency=low ]

  * New upstream release candidate.
  * debian/copyright: extend date range through 2009.
  * fluid/*: revert i18n patch (#333401); although I still support the
    general idea, it proved problematic in practice.  (Translated strings
    weren't always properly isolated to the GUI, and the only translation
    wasn't actively maintained anyway.)
  * debian/fluid.install: update accordingly.  (No more fluid.mo.)
  * Update Spanish Debconf translation, thanks to Franciso Javier Cuadrado.
    (#513692.)  Apologies for the delay; the submission was slightly
    late for lenny, and as such no longer merited an upload on its own.
  * debian/control:
    - List ${misc:Depends} in Depends across the board, as future Debhelper
      versions could conceivably generate content for it.
    - Clean up Section fields: libfltk1.1 is already implicitly in libs, and
      libfltk1.1-dbg is in the newfangled debug section nowadays. ;-)
    - Advance Standards-Version to 3.8.3.  (No further changes required.)
    - Require debhelper (>= 7.0.50) for further rules simplification.
  * debian/rules:
    - On alpha, lock in a version of 1.1.10~rc2 for symbols introduced when
      building with GCC 4.3, which is now the default on that platform too.
    - Simplify further per debhelper 7.0.50+'s override_dh_* support.

  [ fontconfig (2.8.0-2.1) unstable; urgency=low ]

  * Non-maintainer upload.
  * Fix pending l10n issues. Debconf translations:
    - Swedish (Martin Bagge).  #533566
    - Vietnamese (Clytie Siddall).  #568985

  [ fontconfig (2.8.0-2) unstable; urgency=low ]

  * Package with defoma debhelper files from version 0.11.10-4
  * Updated postinst script to follow defoma debhelper style for detecting
    presence of defoma
  * ACK NMU 2.8.0-1.1 from Cyril Brulebois <kibi@debian.org>, fixed this
    time by using new defoma bits.
  * ttf-bitstream-vera is back in the archive (#461269)
  * The trigger mechanism means that fc-cache only runs once now.
    (#317881, #382213, #498948)
  * Add Provides: libfontconfig to libfontconfig1 control
    (#542835)
  * Remove stale reference to XFree86 (#550338)
  * Change dependency on ttf-dejavu to ttf-dejavu-core (#517161)
  * Upstream cache file name changes remove explicit architecture
    names (#501700)
  * Change debconf question to reference DejaVu as default Debian font.
    Note that the ml and ta translations couldn't be mechanically
    converted. (#430371, #409922)
  * Add cross building support (Neil Williams) (#451277)
  * Close wishes for newer fontconfig (#542332, #560054)

  [ fontconfig (2.8.0-1.1) unstable; urgency=low ]

  * Non-maintainer upload.
  * Re-apply Riku's band-aid (introduced in 2.6.0-4.1 and 2.6.0-4.2, which
    were not ACK'd) to unbreak the buildds again: Use “set +e” in postinst
    and prerm instead of “set -e” (#559136).

  [ fontconfig (2.8.0-1) unstable; urgency=low ]

  * upstream release of 2.8
  * Track library package version for shlib dependency.
    #496148, 456963.
  * Tested with ttf-opensymbol. Appears to work now.
    #452718.
  * Tested with many afb/pfb files. Appears to not wedge.
    #406304, #323283.

  [ freeglut (2.6.0-1) unstable; urgency=low ]

  * New upstream release.
  * Refresh patches.
  * Update Standards-Version to 3.8.4.
  * Move to 3.0 (quilt) source format.
  * Add missing ${misc:Depends}.

  [ freeglut (2.4.0-9) unstable; urgency=low ]

  * Adjust 01_fix_kfreebsd.diff for GNU/kfreebsd 8.x.
    Thanks to Petr Salinger <Petr.Salinger@seznam.cz>. #561078.
  * Fix hurd FTBFS. Thanks to Pino Toscano <pino@kde.org>.
    #553409.

  [ freeglut (2.4.0-8) unstable; urgency=low ]

  * Move autoreconf to build time. #345224.

  [ freeglut (2.4.0-7) unstable; urgency=low ]

  * New maintainer. #543435.
  * Acknowledge previous NMU.
  * debian/control
    - Update Standards-Version to 3.8.3.
    - Replace Source-Version substvar.
    - Add Vcs-* and Homepage fields.
    - Update debhelper version to 7.
    - Adjust descriptions.
    - Fix debug package section and priority.
    - Remove outdated conflicts, provides and depends.
  * Move top srcdir changes to quilt patch system.
  * Tidy up debian/rules.
  * Use config.{guess,sub} from autotools-dev.
  * Convert copyright to machine readable format.

  [ freetype (2.4.2-1) unstable; urgency=high ]

  * New upstream release
    - High urgency upload for RC security bugfix.
    - Corrects a stack overflow in the interpreter for CFF fonts
      (CVE-2010-1797).  #592399.
    - drop debian/patches-freetype/opentype-missing-glyphs, included
      upstream.
  * Update libfreetype6.symbols for two new functions.

  [ freetype (2.4.0-2) unstable; urgency=medium ]

  * debian/patches-freetype/opentype-missing-glyphs: fix from upstream for
    glyphs from OpenType fonts failing to render.  #589256,
    LP: #605858.
  * Medium-urgency upload to fix important regression.

  [ freetype (2.4.0-1) unstable; urgency=high ]

  * New upstream release (#572576).
    - fixes CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500,
      CVE-2010-2519, and CVE-2010-2520
    - high-urgency upload for security bugfixes.
    - drop debian/patches-freetype/freetype-bytecode-interpreter.patch and
      debian/patches-freetype/enable-full-bytecode-interpreter - the
      bytecode interpreter is now enabled by default upstream at last!
    - drop debian/patches-freetype/freetype-bdflib-large-encodings.patch and
      debian/patches-freetype/uninitialized-vars.patch, applied upstream.
    - drop debian/patches-freetype/331-hmtx-no-shorts.diff, implemented
      differently upstream.
    - new symbol FT_Library_SetLcdFilterWeights added to the symbols table,
      bump the shlibs.
    - fixes problem with outlines for some OpenType fonts.  Closes; #583868.
  * Add a debian/watch file - though we won't use it internally due to the
    multiple tarball issues.
  * Begin to simplify debian/rules a little by trimming dead code.
  * Don't set SHELL = /bin/bash in debian/rules, no bashisms found in
    the current package.
  * debian/patches/ft2demos-grkey.patch: don't point grKEY() at an enum when
    it's being passed values that aren't defined in that enum, fixing a build
    failure with gcc 4.5.  Thanks to Brian M. Carlson for the preliminary
    patch.  #564989.
  * docs/PATENTS no longer exists, so we don't install it.
  * Add ${misc:Depends} substitutions to all packages, per lintian.
  * Standards-Version to 3.8.4, no changes required.
  * Clarify in debian/copyright that freetype can be used under GPLv2 or
    later.

  [ freetype (2.3.11-1) unstable; urgency=low ]

  * New upstream release
    - drop debian/patches-freetype/proper-armel-asm-declaration.patch and
      debian/patches-freetype/CVE-2009-0946.patch, applied upstream.
    - new symbol tt_cmap13_class_rec added to the symbols table, bump the
      shlibs.

  [ gcc-3.3 (1:3.3.6ds1-20) unstable; urgency=low ]

  * rules.defs: Set GFDL_INVARIANT_FREE unconditionally to `yes'.
    (#586011)

  [ gcc-3.3 (1:3.3.6ds1-19) unstable; urgency=low ]

  * New maintainer.
  * Reintroduce the package into Debian unstable to be released with
    Debian squeeze.
  * Build with gcc-4.1 instead of gcc-3.4 because the latter is no longer
    available.
  * Add symbol files as generated by mole for amd64, i386 and powerpc.
  * Drop lpia for missing symbol files.

  [ gcc-4.3 (4.3.5-2) unstable; urgency=low ]

  * Update to SVN 20100714 from the gcc-4_3-branch.
    - Fix PR target/43733, PR c++/43555, PR target/44481, PR target/44075,
      PR target/43740, PR target/39690, PR target/44597.
  * Update configury to be able to target i686 instead of i486 on i386.
  * Fix setting biarch_cpu macro.

  [ gcc-4.3 (4.3.5-1) unstable; urgency=low ]

  * GCC-4.3.5 release.
    - Fix PR tree-optimization/43769, PR target/44202, PR c++/44193,
      PR bootstrap/38591, PR other/43620, PR middle-end/38564,
      PR c++/43116, PR middle-end/38584, PR tree-optimization/43220,
      PR middle-end/38360, PR c/38957, PR c/35443, PR c/35742,
      PR c++/35335, PR rtl-optimization/43438, PR tree-optimization/43629.

  [ Iain Buclaw ]
  * Revert the removal of the gdc-ice-null-tree patch. #577420.
  * Build std.c.freebsd into phobos library. #577721.
  * Fix some wrong-code bugs. #581240, #581698.

  [ Matthias Klose ]
  * Provide symlink to README.Bugs. #577418.

  [ gcc-4.3 (4.3.4-10) unstable; urgency=low ]

  [ Iain Buclaw ]
  * Revert last change to gdc-fix-build.dpatch to fix the powerpc build.

  [ Matthias Klose ]
  * Regenerate sparc-biarch patch to fix build failure on sparc.

  [ gcc-4.3 (4.3.4-9) unstable; urgency=low ]

  * Update to SVN 20100410 from the gcc-4_3-branch.
    - Fix PR rtl-optimization/43360, PR rtl-optimization/41917,
      PR libstdc++/21769, PR ada/41912, PR tree-optimization/43528,
      PR target/43524, PR target/42113, PR middle-end/42718, PR target/43458.
  * Update cell-4_3-branch to 20100216.

  [ Nobuhiro Iwamatsu ]
  * gcc-multiarch.dpatch: Update for sh4. #546443.

  [ Iain Buclaw ]
  * Update to new upstream mecurial branch 20100405.
    - gdc-4.3.dpatch: Add.
    - gdc-libphobos-std-process.dpatch: Add.
    - gdc-fix-build.dpatch: Update.
    - gdc-libphobos-build.dpatch: Update.
    - gdc-pr26885.dpatch: Update.
  * debian/control.m4: update upstream website.
  * Fix gdc build on armel.
  * Work around build problem on kfreebsd-amd64.
  * Fix libphobos build for kfreebsd platforms.
  * Fixes error on static initialization of arrays with trailing comma.

  [ Arthur Loiret ]
  * debian/control: Update my email's address.

  [ Matthias Klose ]
  * Let the gcc driver know about .[dD] files.
  * Configure --with-pkgversion with correct gdc-4.3 version.

  [ gcc-4.3 (4.3.4-8) unstable; urgency=low ]

  * Update to SVN 20100215 from the gcc-4_3-branch.
    - Fix PR rtl-optimization/41917.
  * gcc-4.3-base: Set priority to optional.
  * Update cell-4_3-branch to 20091117, fixing build failure on powerpc.

  [ gcc-4.3 (4.3.4-7) unstable; urgency=low ]

  * Update to SVN 20100215 from the gcc-4_3-branch.
    - Fixes: PR libfortran/42901, PR rtl-optimization/42952,
      PR middle-end/42898, PR bootstrap/42786, PR tree-optimization/41826,
      PR target/42774, PR target/42542, PR target/42511, PR target/42564,
      PR target/42448, PR middle-end/42099, PR target/42549,
      PR libfortran/PR42422, PR target/42113, PR libgfortran/42090,
      PR target/41900, PR c++/21008, PR c++/37037, PR c++/41972,
      PR c++/36912, PR target/41900, PR c++/35067, PR c++/41876.

  [ Aurelien Jarno ]
  * Add sparc64 support: disable multilib and install the libraries
    in /lib.

  [ Matthias Klose ]
  * Don't call install-info directly, depend on dpkg | install-info instead.
  * Enable multiarch for sh4.
  * Remove build dependency on expect-tcl8.3. #472977.
  * lib32stdc++6{,-dbg}: Add dependency on 32bit glibc

  [ Nobuhiro Iwamatsu ]
  * Backport linux atomic ops changes for sh4 from the trunk. #561550.
  * Backport from trunk: [SH] Not run scheduling before reload as default.
    #561429.
  * Backport from trunk Fix PR target/41993, [sh] ICE in create_pre_exit.

  [ Iain Buclaw ]
  * Build gdc-4.3 based on 2.015.
  * Allow GDC to build if GNU C has execvpe() implemented (starting with
    glibc-2.11).

  [ gcc-4.3 (4.3.4-6) unstable; urgency=low ]

  * Update to SVN 20091101 from the gcc-4_3-branch.
    - Fixes: PR target/41702, PR target/40913, PR target/38948,
      PR target/26515, PR fortran/41479.
  * Call dh_shlibdeps for gappletviewer to satisfy pedantic interpretations
    of policy. Addresses: #553159.
  * Add build conflict with binutils-gold (C++ test failures).
  * On sparc default to v9 in 32bit mode.

  [ gcc-4.3 (4.3.4-5) unstable; urgency=medium ]

  * Really install the linker script introduced with last upload for
    the armel build.
  * Set stage1 cflags for mips{,el} nbuild to fix build failure (?).
  * Update to SVN 20091003 from the gcc-4_3-branch.
    - Fixes PR target/22093, PR fortran/41515.
  * Don't install the 4.3.3 symlink in the gcc libdir anymore.
  * Install a hook _Unwind_DebugHook, called during unwinding. Intended as
    a hook for a debugger to intercept exceptions. CFA is the CFA of the
    target frame.  HANDLER is the PC to which control will be transferred
    (patch taken from Fedora).
  * Don't run the testsuite for gnat build on sparc (timeouts on the buildds).

  [ gcc-4.3 (4.3.4-4) unstable; urgency=low ]

  * Update to SVN 20090926 from the gcc-4_3-branch.
    - Fixes PR c/39779, PR libffi/40242, PR libffi/41443, PR target/40473.
  * Apply proposed patch for PR target/40134 (armel).

  [ gcc-4.3 (4.3.4-3) unstable; urgency=low ]

  * Update to SVN 20090919 from the gcc-4_3-branch.
    - Fixes PR middle-end/41009, PR middle-end/37850, and some other
      architecture specific backports.
  * Fix lintian errors in libstdc++ packages.

  [ gcc-4.3 (4.3.4-2) unstable; urgency=low ]

  [ Aurelien Jarno ]
  * patches/kbsd-gnu-ada.dpatch: add Ada support on kfreebsd-amd64.
  * rules.conf: enable Ada on kfreebsd-amd64.

  [ Matthias Klose ]
  * Update to SVN 20090826 from the gcc-4_3-branch.
    - Fixes: PR target/41019, PR target/8603 (#161432),
      PR rtl-optimization/41033, PR target/40906, PR target/40577,
      PR fortran/40847, PR fortran/40851, PR c/41046, PR debug/39706.
      PR middle-end/41094, PR target/40718, PR fortran/41102.
  * Avoid underscores in doc-base document id's to workaround a
    dh_installdocs bug.

  [ gcc-4.4 (4.4.4-8) unstable; urgency=medium ]

  * Update to SVN 20100728 from the gcc-4_4-branch (r162660).
    - Fix PR target/44942, PR target/42869, PR c/44555, PR middle-end/42509,
      PR tree-optimization/44977, PR fortran/45019.

  [ Marcin Juszkiewicz ]
  * Fix dependencies on cross library packages.
  * Copy all debian/rules* files in the -source package.

  [ Matthias Klose ]
  * Add descriptions for patches, where missing.
  * Rebuild to depend on libmpfr4.
  * Fix versioned build dependency on gcc-4.x-source package for cross builds.
    LP: #609060.
  * Set Vcs attributes in control file.
  * Fix PR java/40816, taken from the gcc-4_5-branch. Addresses: #589459.
  * Link executables statically when `static' is passed in DEB_BUILD_OPTIONS
    (Jim Heck). #590102.

  [ gcc-4.4 (4.4.4-7) unstable; urgency=low ]

  * Update to SVN 20100712 from the gcc-4_4-branch (r162081).
    - Fix PR target/44597, PR target/44705, PR tree-optimization/40421,
      PR tree-optimization/44683, PR c++/44587, PR fortran/43841,
      PR fortran/43843, PR fortran/44582, PR fortran/44847, PR fortran/44773.

  [ Marcin Juszkiewicz ]
  * cross-fixes.diff: Remove sh part.
  * debian/rules2: Merge rules.d includes.
  * Properly -name -dbg packages for cross builds.
  * Various cross build fixes.
  * Build libmudflap packages for cross builds.
  * Merge debian/rules.conf bits for generating the control file
  * Fix generation of maintainer scripts for cross packages.
  * Build a gcc-base package for cross builds.

  [ Kees Cook ]
  * Fix additional libstdc++ testsuite failures for hardening defaults.

  [ Matthias Klose ]
  * gcc-arm-implicit-it.diff: Only pass -mimplicit-it=thumb when in
    thumb mode (Andrew Stubbs).

  [ gcc-4.4 (4.4.4-6) unstable; urgency=low ]

  * Update to SVN 20100622 from the gcc-4_4-branch (r161235).
    - Fix PR bootstrap/44544, PR fortran/44536, PR target/44534,
      PR tree-optimization/44508, PR target/44261, PR target/43740,
      PR bootstrap/44426. PR c++/44627 (LP: #503668), PR target/39690.

  [ Matthias Klose ]
  * Add M68K TLS support, backport from the 4.5 branch. #586060.
  * Merge binary-libgcc.mk packaging changes into binary-libgcc-cross.mk
    (Loic Minier).
  * Fix Fortran cross-compiler build when not building the runtime library.
  * Apply proposed fix for PR target/44626 (backport from the 4.5 branch).
    LP: #564492.
  * Add maintainer scripts for cross packages.

  [ Marcin Juszkiewicz ]
  * Merge the rules.d/binary-*-cross.mk files into rules.d/binary-*.mk.
  * ARM: speed up division on Thumb-2 (backport from the trunk). LP: #589779.

  [ gcc-4.4 (4.4.4-5) unstable; urgency=low ]

  [ Matthias Klose ]

  * Update to SVN 20100612 from the gcc-4_4-branch (r160657).
    - Fix PR target/44169, PR target/44481, PR target/44075, PR other/43838,
      PR libstdc++/32499, PR libgcj/44216.
  * debian/patches/libstdc++-pic.diff: Fix installation for cross builds.
  * Update libsupc++/vmi_class_type_info.cc from the 4.5 branch.
    #584308.
  * Export long double versions of "C" math library for arm-linux-gnueabi,
    m68k-linux-gnu (ColdFire), mips*-linux-gnu (o32 ABI), sh*-linux-gnu
    (32 bit). Merge the libstdc++-*-ldbl-compat.diff patches.
  * Remove the backport for the plugin support.

  [ Aurelien Jarno ]
  * libstdc++-mips-ldbl-compat.diff: On MIPS provide the long double
    versions of "C" math functions in libstdc++ as we need to keep the
    ABI. #584610.

  [ gcc-4.4 (4.4.4-4) unstable; urgency=medium ]

  * Update to SVN 20100602 from the gcc-4_4-branch (r160193).
    - Fix PR c++/43555, PR fortran/44360.
  * Don't bother with un-normalized paths in .la files, just remove them.
  * debian/locale-gen: Update locales needed for the libstdc++-v3 testsuite.
  * If libstdc++6 is built from newer gcc-4.x source, run the libstdc++-v3
    testsuite against the installed lib too.
  * Configure with --enable-secureplt on powerpcspe.
  * Fix PR target/44261, taken from the trunk. #582787.
  * Apply proposed powerpc backport for PR target/44169.
  * On ix86, pass -mtune=generic32 in 32bit mode to the assembler, when
    configured for i586-linux-gnu or i686-linux-gnu.

  [ gcc-4.4 (4.4.4-3) unstable; urgency=low ]

  * Update to SVN 20100527 from the gcc-4_4-branch (r159909).
    - Fix PR rtl-optimization/39580, PR target/44199, PR target/43733,
      PR target/44245, PR tree-optimization/43845, PR debug/44205,
      PR bootstrap/43870, PR target/44074, PR target/44202, PR target/44074,
      PR c++/44193.

  [ Matthias Klose ]

  * Enable multilibs again on powerpcspe. #579780.
  * Fix setting CC for REVERSE_CROSS build (host ==  target,host != build).
    #579779.
  * Backport fix for PR rtl-optimization/39580 from the trunk. #576198.
  * Fix setting biarch_cpu macro.

  [ Aurelien Jarno ]

  * Fix $(distrelease) on non-official archives. Fix powerpcspe, sh4 and
    sparc64 builds.  #583179.

  [ gcc-4.4 (4.4.4-2) unstable; urgency=low ]

  [ Matthias Klose ]

  * Update to SVN 20100518 from the gcc-4_4-branch (r159527).
    - Fix PR c/43893, PR other/43620, PR middle-end/44085,
      PR documentation/44016, PR target/43744, PR debug/43370,
      PR middle-end/43671, PR fortran/44036, PR fortran/44135.
  * Update cell branch to 20100518.
  * Update configury to be able to target i686 instead of i486 on i386.
  * Ubuntu only:
    - Configure --with-arch-32=i686.
    - Pass --hash-style=gnu instead of --hash-style=both to the linker.
    - Don't build packages built from the gcc-4.5 sources.
  * Add libgcc4 to common libs (not built when built from gcc-4.5 sources).
  * Preliminary architecture port for powerpcspe (Kyle Moffett).
    #579780.
  * Bump inter package dependencies to 4.4.4-1. #580148.

  [Ludovic Brenta]

  Merge from gnat-4.4 (4.4.4-3) unstable; urgency=low

  * debian/control.m4, debian/control, debian/rules.d/binary-ada.mk: make
    upgrades from Lenny work without broken packages or hard decisions
    (part II).
    (libgnatvsn-dev, libgnatprj-dev): new dummy transition packages.

  Merge from gnat-4.4 (4.4.4-2) unstable; urgency=low

  * debian/control.m4, debian/control: make upgrades from Lenny work without
    broken packages or hard decisions.
    (gnat-4.4): replace all previous versions of gnat-X.Y.
    (libgnat{vsn,prj}4.4-dev):
    - Replace the corresponding 4.3 package in addition to Conflicting with it.
    - Suggest the -dbg package, too.
    (libgnat{vsn,prj}4.4-dbg):
    - Depend on the -dev package, too.
    - Do not recommend gnat-gdb, superseded by gdb.
    (libgnatprj4.4-dbg): do not recommend libgnatprj-dev, no longer in the
    archive.

  [ gcc-4.4 (4.4.4-1) unstable; urgency=low ]

  * GCC 4.4.4 release. Fixes compared to last upload:
    - Fix PR middle-end/43570, PR libgomp/43706, PR libgomp/43569,
      PR fortran/43836, PR libgcj/40860.
  * Apply proposed patch for PR c/43893.
  * Backport two libjava fixes from the trunk to run josm with gcj.
  * gcc-4.4-plugin-dev: Don't build anymore. Unused.

  [ gcc-4.4 (4.4.3-9) unstable; urgency=low ]

  * Update to SVN 20100420 from the gcc-4_4-branch (r158551).
    - Fix PR middle-end/43337, PR target/43662, PR tree-optimization/43771,
      PR tree-optimization/43769, PR fortran/43339.
  * Revert change in last upload, not linking with --hash-style=both on
    mips/mipsel.
  * Apply proposed patch for PR libgcj/40860, handle --no-merge-exidx-entries.

  [ gcc-4.4 (4.4.3-8) unstable; urgency=low ]

  * Update to SVN 20100417 from the gcc-4_4-branch (r157925).
    - Fix PR target/38085, PR ada/41912, PR target/43643, PR middle-end/42956,
      PR tree-optimization/43560, PR tree-optimization/43607,
      PR middle-end/43614, PR tree-optimization/43186, PR target/43668,
      PR tree-optimization/43629, PR target/43638, PR fortran/43539,
      PR libstdc++/40518, PR target/43458, PR libfortran/43605.
  * Link with --hash-style=both on mips/mipsel.
  * On mips, pass -mfix-loongson2f-nop to as, if -mno-fix-loongson2f-nop
    is not passed.

  [ gcc-4.4 (4.4.3-7) unstable; urgency=low ]

  * Update to SVN 20100401 from the gcc-4_4-branch (r157925).
    - Fix PR libfortran/43517, PR tree-optimization/43528, PR target/43524,
      PR middle-end/43600, PR other/43562, PR target/39254,
      PR target/42113, PR c/43381, PR c++/41185, PR c++/41786,
      PR fortran/43409, PR fortran/43409, PR libfortran/43265,
      PR fortran/43551, PR libfortran/43605.

  [ gcc-4.4 (4.4.3-6) unstable; urgency=high ]

  * Update to SVN 20100325 from the gcc-4_4-branch (r157722).
    - Fix PR libgomp/42942, PR target/43348, PR tree-optimization/43415,
      PR rtl-optimization/43438, PR c++/43116, PR target/43305,
      PR middle-end/43419, PR middle-end/42718, PR c/43385.
  * gcc-4.4-plugin-dev: Include missing header.
  * Apply fix for PR target/42321 from the trunk.

  [ gcc-4.4 (4.4.3-5) unstable; urgency=medium ]

  * Update to SVN 20100321 from the gcc-4_4-branch (r157610).
    - Fix PR target/43417.
  * Fix build failure on ia64, don't apply pr43348 twice.
  * Fix build failures building cross compilers configured --with-ld.

  [ gcc-4.4 (4.4.3-4) unstable; urgency=low ]

  * Update to SVN 20100320 from the gcc-4_4-branch (r157597).
    - Fix PR c/43248, PR middle-end/42233, PR bootstrap/43121,
      PR tree-optimization/43220, PR ada/42253, PR fortran/43303,
      PR fortran/43228, PR libfortran/43265, PR rtl-optimization/43360,
      PR libfortran/43265.
  * gcj-4.4-jre-headless: Stop providing java-virtual-machine.
  * Backport plugin support from the trunk:
    - Configure with --enable-plugin --disable-browser-plugin.
    - Add build support for a gcc-4.4-plugin-dev package.
  * Apply proposed fix for PR target/43348. LP: #531697.
  * Apply proposed patch for PR middle-end/43323.
  * libstdc++-arm-ldbl-compat.diff: On ARM provide the long double versions
    of "C" math functions in libstdc++; these are dropped when built
    against glibc-2.11.
  * ARM: Backport rev148072 from the trunk.
  * Backport proposed patch to enable both gold and ld in a single toolchain.
    New option -fuse-ld=ld.bfd, -fuse-ld=gold.

  [ gcc-4.4 (4.4.3-3) unstable; urgency=low ]

  * Update to SVN 20100226 from the gcc-4_4-branch (r157081).
    - Fix PR tree-optimization/42871, PR tree-optimization/42705,
      PR debug/43010, PR middle-end/42995, PR tree-optimization/42462,
      PR rtl-optimization/42952, PR c++/43024, PR c++/43033,
      PR target/40887, PR libstdc++/21769.
    - Fix out-of-range branches in Thumb-2 mode.
  * Don't call dh_makeshlibs with -V for shared libraries with
    symbol files.

  [ gcc-4.4 (4.4.3-2) unstable; urgency=low ]

  * Update to SVN 20100131 from the gcc-4_4-branch (r156416).
    - Fix PR fortran/42866, PR target/42841, PR target/38697,
      PR bootstrap/42786, PR middle-end/42898, PR fortran/38324,
      PR fortran/41044, PR fortran/41167, PR fortran/42736.
  * ada-arm-eabi.diff: system-linux-armel.ads (Stack_Check_Probes): Set
    to True. Taken from the trunk.
  * Fix PR c++/42748, do not warn about changes to mangling of va_list
    in system headers.
  * Build gnat-4.4 on armel.
  * On sh4-linux, use sh as java architecture name instead of sh4.

  [ gcc-4.4 (4.4.3-1) unstable; urgency=low ]

  * GCC 4.4.3 release. Fixes compared to last upload:
    - Fixes PR middle-end/42760, PR rtl-optimization/42691,
      PR middle-end/42674, PR c++/42608, PR c/42721, PR middle-end/42667,
      PR middle-end/40281, PR debug/42662, PR c++/42655, PR libjava/40859,
      PR target/42774 (#565455), PR target/42542 (ia64),
      PR tree-optimization/42773, PR tree-optimization/41826.
  * Update the gnat patch for arm from the trunk.
  * Temporary workaround: On arm-linux-gnueabi run the libstdc++v3 testsuite
    with -Wno-abi.

  [ gcc-4.4 (4.4.2-9) unstable; urgency=low ]

  [ Matthias Klose ]
  * Update to SVN 20100108 from the gcc-4_4-branch (r155727).
    - Fixes PR tree-optimization/42337, PR target/42448, PR middle-end/42099,
      PR target/42549 (#560812), PR tree-optimization/41956,
      PR target/42503, PR other/42611 (LP: #501921), PR target/42511,
      PR target/42564, PR tree-optimization/42614,
      PR target/42542 (LP: #403744).
  * libgcj10: Move .so symlinks into gcj-4.4-jdk. Addresses: #563280.
  * Don't use expect-tcl8.3 on hppa anymore.
  * Merge gnat-4.4 changes back from 4.4.2-5.
  * Default to v9a (ultrasparc) on sparc*-linux.
  * gcj-4.4-jdk: Include /usr/lib/jvm-exports.
  * Use 4.4.3 as the upstream version (we'll end up with this version
    for the next release anyway).
  * Always build libgcc4 on hppa, even if not building libgcc for other
    archs (gcc-4.5 bumps the soversion on hppa to 6).
  * Base the source build-dependency on the package version instead of the
    gcc version.
  * Build-depend on autogen again.

  [ Nobuhiro Iwamatsu ]
  * Update gcc-multiarch patch for sh4.

  [ gcc-4.4 (4.4.2-8) unstable; urgency=medium ]

  * Update to SVN 20091228 from the gcc-4_4-branch (r155494).
    Fix PR middle-end/41344, PR tree-optimization/42231.
  * lib32stdc++6{,-dbg}: Add dependency on 32bit glibc.
  * Remove gcc-snapshot specific patches (now built from the gcc-4.5
    packaging).
  * Remove extra chunk from the patch for PR target/40134, causing
    bad code with -Os on powerpc. #550094. LP: #445534.

  [ gcc-4.4 (4.4.2-7) unstable; urgency=low ]

  * Update to SVN 20091226 from the gcc-4_4-branch (r155468).
    Fix PR rtl-optimization/42475, PR rtl-optimization/42429.

  [ Matthias Klose ]
  * Don't call install-info directly, depend on dpkg | install-info instead.
  * Remove obsolete fastjar packaging scripts.
  * On ARM, pass --hash-style=both to ld.
  * Enable multiarch for sh4. #546443.

  [ Nobuhiro Iwamatsu ]
  * Backport from trunk Fix PR target/41993, [sh] ICE in create_pre_exit.
    #556601.

  [ Arthur Loiret ]
  * debian/rules.conf (gen_no_archs): Handle multiple arm ports.

  [ gcc-4.4 (4.4.2-6) unstable; urgency=low ]

  * Update to SVN 20091220 from the gcc-4_4-branch (r155367).
    Fix PR c++/42387, PR c++/41183.

  [ Matthias Klose ]
  * Apply svn-doc-updates.diff for non DFSG builds.
  * gcc-snapshot:
    - Remove patches integrated upstream: pr40133.diff. #561550.

  [ Nobuhiro Iwamatsu ]
  * Backport linux atomic ops changes for sh4 from the trunk. #561550.
  * Backport from trunk: [SH] Not run scheduling before reload as default.
    #561429.

  [ Arthur Loiret ]
  * Apply spu patches independently of the hardening patches; fix build
    failure on powerpc.

  [ gcc-4.4 (4.4.2-5) unstable; urgency=low ]

  * Update to SVN 20091212 from the gcc-4_4-branch (r155122).
    Revert the fix for PR libstdc++/42261, fix PR fortran/42268,
    PR target/42263, PR target/42263, PR target/41196, PR target/41939,
    PR rtl-optimization/41574.

  [ Matthias Klose ]
  * Regenerate svn-updates.diff.
  * Disable biarch testsuite runs for libffi (broken and unused).
  * Support xz compression of source tarballs.
  * Fix typo in PR libstdc++/40133 to do the link tests.
  * gcc-snapshot:
    - Remove patches integrated upstream: pr40134-snap.diff.
    - Update s390-biarch.diff for trunk.

  [ Aurelien Jarno ]
  * Add sparc64 support: disable multilib and install the libraries
    in /lib.

  [ gcc-4.4 (4.4.2-4) unstable; urgency=low ]

  * Update to SVN 20091210 from the gcc-4_4-branch (r155122), Fixes:
    PR target/42165, PR target/42113, PR libgfortran/42090,
    PR middle-end/42049, PR c++/42234, PR fortran/41278, PR libstdc++/42261,
    PR libstdc++/42273 PR java/41991.

  [ Matthias Klose ]
  * gcc-arm-thumb2-sched.diff: Don't restrict reloads to LO_REGS for Thumb-2.
  * PR target/40134: Don't redefine LIB_SPEC on hppa.
  * PR target/42263, fix wrong code bugs in SMP support on ARM, backport from
    the trunk.
  * Pass -mimplicit-it=thumb to as by default on ARM, when configured
    --with-mode=thumb.
  * Fix boehm-gc build on ARM --with-mode=thumb.
  * ARM: Don't copy uncopyable instructions in gcse.c (backport from trunk).
  * Build the spu cross compiler for powerpc from the cell-4_4-branch.
  * gcj: add option -fuse-atomic-builtins (backport from the trunk).

  [ Arthur Loiret ]
  * Make svn update interdiffs more readable.

  [ gcc-4.4 (4.4.2-3) unstable; urgency=low ]

  * Update to SVN 20091118 from the gcc-4_4-branch (r154294).
    Fix PR PR c++/9381, PR c++/21008, PR c++/35067, PR c++/36912, PR c++/37037,
    PR c++/37093, PR c++/38699, PR c++/39786, c++/36959, PR c++/41754,
    PR c++/41876, PR c++/41967, PR c++/41972, PR c++/41994, PR c++/42059,
    PR c++/42061,
    PR fortran/41772, PR fortran/41850, PR fortran/41909,
    PR middle-end/40946, PR middle-end/41317, R tree-optimization/41643,
    PR target/41900, PR rtl-optimization/41917, PR middle-end/41963,
    PR middle-end/42029.
  * Snapshot builds:
    - Patch updates.
    - Configure with --disable-browser-plugin.
  * Configure with --disable-libstdcxx-pch on hppa.
  * Backport armel patches form the trunk:
    - Fix PR objc/41848 - workaround ObjC and -fsection-anchors.
    - Enable scheduling for Thumb-2, including the fix for PR target/42031.
    - Fix PR target/41939, EABI violation in accessing values below the stack.

  [ gcc-4.4 (4.4.2-2) unstable; urgency=low ]

  * Update to SVN 20091031 from the gcc-4_4-branch (r153603).
    - Fix PR debug/40521, PR target/40913, PR middle-end/22072,
      PR target/41665, PR c++/38798, PR c++/40092, PR c++/37875,
      PR c++/37204, PR fortran/41755, PR libstdc++/40654, PR libstdc++/40826,
      PR target/41702, PR c/41842, PR target/41762, PR c++/40808,
      PR fortran/41777, PR libstdc++/40852.
  * Snapshot builds:
    - Configure with --enable-plugin, disable the gcjwebplugin by a patch.
      Addresses: #551200.
    - Proposed patch for PR lto/41652, compile lto-plugin with
      -D_FILE_OFFSET_BITS=64
    - Allow disabling the ada build via DEB_BUILD_OPTIONS nolang=ada.
  * Fixes for reverse cross builds.
  * On sparc default to v9 in 32bit mode.
  * Fix __stack_chk_fail check for cross builds configured --with-headers.
  * Apply some fixes for uClibc cross builds (Jonas Meyer, Hector Oron).

  [ gcc-4.4 (4.4.2-1) unstable; urgency=low ]

  * GCC 4.4.2 release.
    - Fixes PR target/26515, PR target/41680, PR rtl-optimization/41646,
      PR c++/39863, PR c++/41038.
  * Fix setting timeout for testsuite runs.
  * gcj-4.4/gcc-snapshot: Drop build-dependency on libgconf2-dev, disabled
    by default.
  * gcj-4.4: Run the libffi testsuite as well.
  * Add explicit build dependency on zlib1g-dev.
  * Fix cross builds, add support for gomp and gfortran (only tested for
    non-biarch targets).
  * (Build-)depend on binutils-2.20.
  * Fix up omp.h for multilibs (taken from Fedora).

  [ gcc-4.4 (4.4.1-6) unstable; urgency=low ]

  * Snapshot builds:
    - Add build dependency on libelfg0-dev (>= 0.8.12).
    - Add build dependency on binutils-gold where available.
    - Suggest binutils-gold; not perfect, it is required when using
      -use-linker-plugin.
    - Work around installation failure in the lto-plugin (PR lto/41569).
    - Install java home symlinks in /usr/lib/jvm.
    - Revert the dwarf2cfi_asm workaround, obsoleted by PR debug/40521.
  * PR debug/40521:
    - Apply patch for PR debug/40521, taken from the trunk.
    - Revert the dwarf2cfi_asm workaround, obsoleted by PR debug/40521.
    - Depend on binutils (>= 2.19.91.20091005).
  * Update to SVN 20091005 from the gcc-4_4-branch (r152450).
    - Fixes PR fortran/41479.
  * In the test summary, add more information about package versions
    used for the build.

  [ gcc-4.4 (4.4.1-5) unstable; urgency=medium ]

  * Update to SVN 20091003 from the gcc-4_4-branch (r152174).
    - Fixes PR target/22093, PR c/39779, PR libffi/40242, PR target/40473,
      PR debug/40521, PR c/41049, PR debug/41065, PR ada/41100,
      PR tree-optimization/41101, PR libgfortran/41328, PR libffi/41443,
      PR fortran/41515.
  * Updates for snapshot builds:
    - Fix build dependency on automake for snapshot builds.
    - Update patches pr40134-snap and libjava-nobiarch-check-snap.
  * Fix lintian errors in libstdc++ packages and lintian warnings in the
    source package.
  * Add debian/README.source.
  * Don't apply PR libstdc++/39491 for the trunk anymore.
  * Install java home symlinks for snapshot builds in /usr/lib/jvm,
    including javac. Depend on ecj. Addresses #536102.
  * Fix build failure on armel with -mfloat-abi=softfp.
  * Don't pessimize the code for newer armv6 and armv7 processors.
  * libjava: Use atomic builtins For Linux ARM/EABI, backported from the
    trunk.
  * Proposed patch to fix wrong-code on powerpc (Alan Modra). LP: #432222.
  * Link against -ldl instead of -lcloog -lppl. Exit with an error when using
    the Graphite loop transformation infrastructure without having the
    libcloog-ppl0 package installed (patch taken from Fedora). Packages
    using these optimizations should build-depend on libcloog-ppl0.
    gcc-4.4: Suggest the cloog runtime libraries.
  * Install a hook _Unwind_DebugHook, called during unwinding. Intended as
    a hook for a debugger to intercept exceptions. CFA is the CFA of the
    target frame.  HANDLER is the PC to which control will be transferred
    (patch taken from Fedora).

  [ gcc-4.4 (4.4.1-4) unstable; urgency=low ]

  * Update to SVN 20090911 from the gcc-4_4-branch (r151649).
    - Fixes PR target/34412, PR middle-end/41094, PR target/40718,
      PR fortran/41062, PR libstdc++/41005, PR target/41184,
      PR bootstrap/41180, PR c++/41127, PR fortran/41258,
      PR rtl-optimization/40861, PR target/41315, PR fortran/39876.

  [ Matthias Klose ]
  * Avoid underscores in doc-base document id's to workaround a
    dh_installdocs bug.
  * Update file names for the Ada user's guide.
  * Set Homepage attribute for packages.
  * Update the patch for gnat on armel.
  * gcj-4.4-jdk: Depend on libantlr-java. Addresses: #546062.
  * Backport patch for PR tree-optimization/41101 from the trunk.
    #541816.
  * Update libstdc++6.symbols for symbols introduced with the fix
    for PR libstdc++/41005.
  * Apply proposed patches for PR libstdc++/40133 and PR target/40134.
    Add symbols exception propagation support in libstdc++ on armel
    to the libstdc++6 symbols.

  [ Ludovic Brenta]
  Merge from gnat-4.4 (4.4.1-3) unstable; urgency=low
  * debian/rules.defs, debian/rules.d/binary-ada.mk, debian/rules.patch:
    better support for architectures that support only one exception
    handling mechanism (SJLJ or ZCX).

  [ gcc-4.4 (4.4.1-3) unstable; urgency=low ]

  * Update to SVN 20090822 from the gcc-4_4-branch (r151011).
    - Fixes PR tree-optimization/41016, PR tree-optimization/41011,
      PR tree-optimization/41008, PR tree-optimization/40991,
      PR tree-optimization/40964, PR target/8603 (#161432),
      PR target/41019, PR target/41015, PR target/40957, PR target/40934,
      PR rtl-optimization/41033, PR middle-end/41047, PR middle-end/41006,
      PR fortran/41070, PR fortran/40995, PR fortran/40847, PR debug/40990,
      PR debug/37801, PR c/41046, PR c/40948, PR c/40866, PR bootstrap/41018,
      PR middle-end/41123,PR target/40971, PR c++/41131, PR fortran/41102,
      PR libfortran/40962.

  [ Arthur Loiret ]
  * Only use -fno-stack-protector when known to the stage1 compiler.

  [ Aurelien Jarno ]
  * lib32* packages: remove the Pre-Depends: libc6-i386 (>= 2.9-18) and
    upgrade the Conflicts: libc6-i386 from (<< 2.9-18) to (<< 2.9-22).
    #537466.
  * kbsd-gnu-ada.dpatch: add support for kfreebsd-amd64.

  [ Matthias Klose ]
  * Build gnat on armel, the gnat-4.4 build still failing, gcc-snapshot
    builds good enough to build itself.
  * Merge enough of the gnat-4.4 changes back to allow a combined build
    from the gcc-4.4 source.
  * Build libgnatprj for armel.
  * On armel build just one version of the ada run-time library.
  * Update auto* build dependencies for snapshot builds.
  * Apply proposed patch for PR target/40718.

  [ gcc-4.4 (4.4.1-2) unstable; urgency=low ]

  [ Matthias Klose ]
  * Update to SVN 20090808 from the gcc-4_4-branch (r150577).
    - Fixes PR target/40832, PR rtl-optimization/40710,
      PR tree-optimization/40321, PR build/40010, PR fortran/40727,
      PR build/40010, PR rtl-optimization/40924, PR c/39902,
      PR middle-end/40943, PR target/40577, PR c++/39987, PR debug/39706,
      PR c++/40948, PR c++/40749, PR fortran/40851, PR fortran/40878,
      PR target/40906.
  * Bump GCC version required in dependencies to 4.4.1.
  * Enable Ada for snapshot builds on all archs with a gnat package
    available in the archive.
  * Build-depend on binutils 2.19.51.20090805, needed at least for armel.

  [ Aurelien Jarno ]
  * kbsd-gnu-ada.dpatch: new patch to fix build on GNU/kFreeBSD.

  [ gnutls26 (2.8.6-1) unstable; urgency=low ]

  * Use dh_lintian.
  * Use dh_makeshlibs for the guile stuff, too. This gets us
    a) ldconfig in postinst. #553109
    and
    b) a shlibs file.
    However the shared objects /usr/lib/libguile-gnutls*so* are still not
    designed to be used as libraries (linking) but are dlopened. guile-1.10
    will address this issue by keeping this stuff in a private directory.
  * hotfix pkg-config files (proper fix to be included upstream).
  * Stop unneeeded linkage against libgpg-error. 16_unnecessarydep.diff

  [ gnutls26 (2.8.5-2) unstable; urgency=low ]

  * Add a huge bunch of lintian overrides for the guile stuff to make dak
    happy.

  [ gnutls26 (2.8.5-1) unstable; urgency=low ]

  * Add datefudge to build-depends. (Only needed for the pkcs1-pad test.)
  * Switch to '3.0 (quilt)' source format, allowing us to use upstreams
    orig.tar.bz2 without repacking it to gz.
  * New upstream version.
    + Drop patches/20_fixtimebomb.diff.

  [ gnutls26 (2.8.4-2) unstable; urgency=high ]

  * [20_fixtimebomb.diff] Fix testsuite error. #552920

  [ gnutls26 (2.8.4-1) unstable; urgency=low ]

  * New upstream version.
    + Drop debian/patches/15_openpgp.diff.
  * Sync priorities with override file, libgnutls26 has been bumped from
    important to standard.

  [ gnutls26 (2.8.3-3) unstable; urgency=low ]

  * Empty dependency_libs in la-files. (Squeeze release goal.)

  [ gnutls26 (2.8.3-2) unstable; urgency=low ]

  * [ debian/patches/15_openpgp.diff ] The CVE-2009-2730 patch broke
    openpgp connections.

  [ gnutls26 (2.8.3-1) unstable; urgency=high ]

  * New upstream version.
    + Stops hardcoding a hard dependency on the versions of gcrypt and tasn it
      was built against. #540449
    + Fixes CVE-2009-2730, a vulnerability related to NUL bytes in X.509
      certificate name fields. #541439        GNUTLS-SA-2009-4
      http://lists.gnu.org/archive/html/help-gnutls/2009-08/msg00011.html
  * Drop 15_chainverify_expiredcert.diff, included upstream.
  * Urgency high, since 541439 applies to testing, too.

  [ hal (0.5.14-3) unstable; urgency=low ]

  * Switch to source format 3.0 (quilt)
    - Add debian/source/format.
    - Drop Build-Depends on quilt.
    - Remove /usr/share/cdbs/1/rules/patchsys-quilt.mk from debian/rules.
    - Remove debian/README.source.
  * debian/patches/20-ignore-temporary-cryptsetup-devices.patch
    - Do not probe temporary cryptsetup devices. (#586286)
  * debian/control
    - Bump Standards-Version to 3.9.0.
    - Use architecture wildcards linux-any and kfreebsd-any.

  [ hal (0.5.14-2) unstable; urgency=low ]

  * debian/hal.init
    - Source the lsb init-functions after checking if the daemon exists.
    - Make directory containing the pid file world readable. (#562915)
  * debian/patches/15-probe-input-segfault-fix.patch
    - Initialize error structure before using it to avoid segfault in
      hald-probe-input. (#562068)
      Thanks to Sebastian Andrzej Siewior for the patch.
  * debian/hal.postinst
    - When upgrading from lenny, make sure to kill any running hald daemon
      before trying to start the new one. The pid file can be missing or
      outdated and trying to start hal will fail otherwise. (#561505)
    - Cleanup /var/run/hal and /var/lib/hal on upgrades.
    - When being triggered to regenerate the hal fdi-cache, only restart hal
      if it is actually running.
  * debian/hal.dirs
    - Remove /var/lib/hal directory, it is no longer used.

  [ hal (0.5.14-1) unstable; urgency=low ]

  * New upstream release.
  * Remove patches that have been merged upstream
    - debian/patches/20_cpufreq_warning_message_fix.patch
    - debian/patches/21_fix_segfault_in_hal_util_get_last_element.patch
    - debian/patches/22_fix_unconditional_usage_of_PATH_MAX.patch
    - debian/patches/23_support_relative_paths_in_umount_hal.patch
    - debian/patches/30_mount_relatime.patch
  * debian/libhal1.symbols
    - Update symbols file for new API additions.
  * debian/patches/45-fix-libusb-detection.patch
    - Fix broken libusb detection on Linux.
  * Drop debian/patches/50_kfreebsd.patch and replace it with smaller,
    self-contained patches that can be updated more easily and are better
    suited for sending upstream.
  * debian/patches/50-kfreebsd-setproctitle.patch
    - Disable usage of setproctitle on kfreebsd as glibc does not support it.
  * debian/patches/51-kfreebsd-lrt-clock_gettime.patch
    - Link against -lrt for clock_gettime.
  * debian/patches/52-kfreebsd-libufs.patch
    - Check for availability of libufs and compile the code conditionally as
      kfreebsd currently does not ship a libufs library.
  * debian/patches/53-kfreebsd-blkid.patch
    - Use libblikd instead of libvolume-id on kfreebsd.
  * debian/patches/54-kfreebsd-libusb2.patch
    - Fix build failures when using libusb2 on kfreebsd.
  * debian/patches/99-autoreconf.patch
    - Run "autoreconf -i" to update the build system.
  * debian/control
    - Build against libusb2 (new USB stack) on kfreebsd.
      With the patches above this fixes the build failures on kfreebsd with
      8.x kernel headers. (#561076)

  [ hal (0.5.13-6) unstable; urgency=low ]

  * debian/patches/10_nonpolkit-mount-policy.patch
    - Only allow root to mount fixed (internal) storage devices.

  [ hal (0.5.13-5) experimental; urgency=low ]

  * Disable PolicyKit and ConsoleKit support in hal. GNOME uses DK-disks for
    mounting (removable) devices nowadays and KDE never made use of the
    PolicyKit support in HAL. (#549505, #526854)
  * debian/rules
    - Pass --disable-policy-kit and --disable-console-kit to
      DEB_CONFIGURE_EXTRA_FLAGS.
    - Explicitly disable smbios support to not accidentally pick up any
      libsmbios shlibs dependencies in a tainted build environment.
  * debian/control
    - Drop libpolkit-dev and libck-connector-dev build dependency.
    - Drop policykit dependency and demote consolekit to Recommends. We still
      want to install consolekit by default for its D-Bus "at_console"
      functionality.
    - Keymap handling was disabled in 0.5.13-4 as this is done by udev
      nowadays. Bump dependency on udev to (>= 143) to make sure we actually
      have a udev version which supports keymap remapping. (#555050)
      See also /usr/share/doc/udev/README.keymap.txt
  * debian/hal.install
    - Stop installing the PolicyKit policy files.
  * debian/hal.manpages
    - Stop installing hal-is-caller-privileged.1 man page.
  * debian/hal.postinst
    - Remove polkit-auth call.
    - Ensure the system groups powerdev and plugdev are created as they are
      used in the D-Bus policy file.
  * debian/patches/10-no-polkit-policy-file-validate-check.patch
    - Drop this patch, obsolete.
  * debian/patches/01_at_console.patch
    - Restrict access to the HAL D-Bus service using "at_console" and
      alternatively group powerdev/plugdev.

  [ hal (0.5.13-4) unstable; urgency=low ]

  * Disable ACL management which is done by udev nowadays. Drop dependency on
    the acl package.
  * Disable multimedia key remapping which is managed by udev. Drop build
    dependency on gperf.
  * debian/patches/21_fix_segfault_in_hal_util_get_last_element.patch
    - Validate input before passing it to strlen which fixes a segfault in
      hal_util_get_last_element. (#531383)
  * Add support for GNU/Hurd. (#552386)
    - debian/patches/22_fix_unconditional_usage_of_PATH_MAX.patch: Use
      HAL_PATH_MAX as PATH_MAX is not defined on GNU/Hurd.
    - debian/control: Disable Linux-only dependencies.
    - debian/hal.init: Hurd's proc translator does not provide /proc/$PID/root
      so ensure we do not fail the chroot check on GNU/Hurd.
      Thanks to Pino Toscano for the patch.
  * debian/patches/23_support_relative_paths_in_umount_hal.patch
    - Support relative paths in umount.hal. (#552139)
  * Bump Standards-Version to 3.8.3. No further changes.
  * Add debian/README.source which refers to the quilt documentation.

  [ hal (0.5.13-3) unstable; urgency=low ]

  * debian/patches/50_kfreebsd.patch
    - Present input.keys capability on GNU/kFreeBSD. (#541189)
      Thanks to Aurelien Jarno for the updated patch.
  * debian/patches/30_mount_relatime.patch
    - List "relatime" as valid mount option on Linux. (#510124)
      Thanks to Krzysztof Lubański for the patch.

  [ isdnutils (1:3.9.20060704+dfsg.1-2) unstable; urgency=low ]

  * QA upload.
  * Refresh patches so they apply cleanly.
  * Update ppp-2.4.4.patch to only build the plugin for version 2.4.4. There
    is no need to support older versions of ppp from pre-etch times.
  * Add ppp-2.4.5.patch to support ppp 2.4.5.
  * As we build pppdcapiplugin for ppp 2.4.4 and 2.4.5, change the dependency
    to ppp (>= 2.4.4), ppp (<< 2.4.6).
  * Drop old Conflicts and Replaces which are no longer necessary.

  [ isdnutils (1:3.9.20060704+dfsg.1-1) unstable; urgency=low ]

  * QA upload
  * Change source package to 3.0 (quilt) format
  * Remove some components that are not DFSG-compliant (#559425):
    - act2000/firmware: no source code available
    - eicon/firmware: no source code available
    - eurofile/src/wuath: commercial use is forbidden
    - hisax/ISAR.bin: no source code available
    - icn/firmware: no source code available
    - ipppd: incompatible licences (advertising clause vs GPL)
    - isdnlog/isdnlog/ora*: commercial use is forbidden
    - isdnlog/tools/telrate/tt.js: no licence stated
    - pcbit/convhexbin.c: no licence stated
  * Drop eurofile, ipppd and isdnactivecards packages
    - isdnactivecards will be re-added in the non-free section
  * Remove all modified autotools-generated files in 'clean' rule

  [ isdnutils (1:3.9.20060704-10) unstable; urgency=low ]

  * QA upload
  * Add sparc64 and sh4 to the architectures lists.

  [ isdnutils (1:3.9.20060704-9) unstable; urgency=low ]

  * QA upload
  * Add va_list.dpatch to the list of patches to apply.

  [ isdnutils (1:3.9.20060704-8) unstable; urgency=low ]

  * QA upload
  * Add sparc64 and sh4 to the architectures lists.  #549878.
  * [Debconf translation updates]
    - French (Christian Perrier).  #551720
    - Galician (Marce Villarino).  #554475.
  * Relibtoolize.  #560560.

  [ isdnutils (1:3.9.20060704-7) unstable; urgency=low ]

  * Drop "set -e" in config scripts as it breaks upgrades.
    Let's hope someone will look this in more details later on
    #554537

  [ isdnutils (1:3.9.20060704-6) unstable; urgency=low ]

  * QA upload
  * Make "MAKEDEV" calls conditional in postinst scripts
    #553692
  * Replace libreadline5-dev by libreadline-dev in build dependencies
    #553790

  [ isdnutils (1:3.9.20060704-5) unstable; urgency=low ]

  * QA upload
  * Allow build on sh4. #549878
  * Use "set -e" in all config scripts
  * Replace call to "/bin/kill" by "kill" in ipppd.prerm
  * Replace call to "/sbin/MAKEDEV" by "MAKEDEV" in postinst scripts
  * Replace call to "/sbin/init" by "init" in postinst scripts
  * Add "${misc:Depends} to ippd dependencies to properly cope with
    dependencies that might be triggered by debhelper utilities
  * Drop useless calls to install-docs in prerm scripts
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. #550030
  * Remove "Uploaders:" as the package is orphaned
  * [Debconf translation updates]
    - Czech (Martin Sin).  #550726
    - Vietnamese (Clytie Siddall).  #550858
    - Finnish (Esko Arajärvi).  #550876
    - Vietnamese (Clytie Siddall).  #550941
    - Basque (Iñaki Larrañaga Murgoitio).  #551060
    - Swedish (Martin Bagge).  #551117
    - Portuguese. #552166
    - Italian (Luca Monducci).  #552217
    - Spanish (Francisco Javier Cuadrado).  #552265
    - Russian (Yuri Kozlov).  #552463, #547435
    - Japanese (Hideki Yamane (Debian-JP)).  #553033
    - German (Thomas Mueller).  #553078

  [ isdnutils (1:3.9.20060704-4) unstable; urgency=low ]

  * Orphaning isdnutils, as I do not use it anymore in a way to be able to
    properly maintain it.
  * Acknowledge NMU upload.
    #527529
  * Call /sbin/MAKDEV explicitly from ipppd postinst instead of relying on the
    symlink in /dev/, which may not be there if makedev was installed after
    udev was started.
    #542156
  * Renamed /etc/modprobe.d/blacklist-capiutils to blacklist-capiutils.conf to
    avoid warnings from modprobe due to recent changes in module-init-tools.
    #520248
  * Removed / modified calls to log_success_msg with empty strings from
    init.d.functions, as that apparently causes the script to exit, weird...
    #543567
  * Remodelled isdnutils-base.postinst for checking on non-empty /etc/isdn/.
    #431855
  * Modified / corrected debconf templates.
    #378705
  * Fixed capifax manpage to mention the filename to be sent, and to correctly
    describe how the notification program is called.
    #318930,#353884,#324719
  * Added support for sending to 3.1kHz-only destinations.
    #354830
  * Start isdnutils at sequence 21, so that the makedev script is run
    earlier (S20isdnutils < S20makedev).
    #383992
  * Add support for successful CAPI return codes instead of treating them as
    errors.
    #471600
  * Start isdneurofile at sequence 22, so that the isdnutils script is run
    earlier, at sequence 21 (see above).
    #498943
  * Fixed text typo in init.d/isdnutils.
    #502276
  * Fixed bashism in vboxmail.enhanced script.
    #530106
  * Changed dependency on makdev to "udev | makedev".
    #546872

  [ jack-audio-connection-kit (1:0.118+svn3796-7) unstable; urgency=low ]

  * Make RTPRIO handling more robust (#588008, #587977)

  [ jack-audio-connection-kit (1:0.118+svn3796-6) experimental; urgency=low ]

  * reupload to experimental

  [ jack-audio-connection-kit (1:0.118+svn3796-5) unstable; urgency=low ]

  [ Reinhard Tartler ]
  * jackd must not be a virtual package, use 'jack-daemon' for that
  * take over files from old jackd package
  * change shlibsfile to prefer jackd2's libjack
  * regenerate debian/control
  * jack-daemon needs of course to be provided, not in depends
  * add myself to uploaders

  [ Adrian Knoth ]
  * Use utils.mk in rules.
  * Regenerate control

  [ Jonas Smedegaard ]
  * Silence optional build-dependencies to ease backporting.
  * Update control file.

  [ jack-audio-connection-kit (1:0.118+svn3796-4) unstable; urgency=low ]

  [ Jonas Smedegaard ]
  * Use CDBS upstream-tarball.mk (not local tarball-in-tarball rule),
    and weaken dependency to ease backporting (the get-orig-source rule
    is not needed during normal builds.
  * Fix update URL for upstream source in watch file, copyright file and
    CDBS hint used in get-orig-source rule.
  * Renumber patches. Add README documenting new patch numbering scheme.
  * Use patchsys-quilt.mk (not simple-patchsys.mk). Adjust patches to
    all use a prefix of 1 (as required by default for quilt).
  * Refresh patches (using --no-timestamp to limit future VCS noise.
  * Add DEP3 hints to patches.
  * Add myself as uploader.
  * Let CDBS handle autotools bootstrapping and dh_buildinfo.
  * Drop old unmaintained documentation pulled from non-default sources.
  * Use filter (not findstring) to parse DEB_BUILD_OPTIONS, as mandated
    by Debian Policy §4.9.1 since version 3.8.0.
  * Use d-shlibs to resolve development library dependencies. This fixes
    accidental complete lack of library development dependencies.
  * Reintroduce control.in file to semi-auto-update build-dependencies
    when DEB_MAINTAINER_MODE=1.
  * Have CDBS suppress weak-included build-dependencies only needed when
    DEB_MAINTAINER_MODE=1.
  * Build-depend on quilt and automake1.11 (not automake), and tighten
    build-dependencies on cdbs and debhelper.

  [ Adrian Knoth ]
  * Switch back to jackd1 codebase
  * Add epoch version
  * Separate libjackserver and inprocess clients into libjackserver0
  * Provide libjack0.shlibs to allow different jackd installations

  [ jack-audio-connection-kit (1.9.5~dfsg-13) unstable; urgency=low ]

  * Fix FTBFS on hppa (#580824)

  [ jack-audio-connection-kit (1.9.5~dfsg-12) unstable; urgency=low ]

  * Add -fvisibility=hidden to build flags.
  * Fix FTBFS on hurd

  [ jack-audio-connection-kit (1.9.5~dfsg-11) unstable; urgency=low ]

  * Don't use Debian provided waf anymore. (#580363)
  * Drop doxygen build dependency.
  * Update to upstream SVN revision 4008. (uses semaphores on Linux now)

  [ jack-audio-connection-kit (1.9.5~dfsg-10) unstable; urgency=low ]

  * Fix FTBFS on armel (#580618)

  [ jack-audio-connection-kit (1.9.5~dfsg-9) unstable; urgency=low ]

  * Provide fix for GNU/kFreeBSD (#579465)
  * Conditionally include audioadapter.so on ALSA platforms only.

  [ jack-audio-connection-kit (1.9.5~dfsg-8) unstable; urgency=low ]

  * Fix endif placement in ia64/alpha patch.

  [ jack-audio-connection-kit (1.9.5~dfsg-7) unstable; urgency=low ]

  * Update to upstream SVN version 4003
  * Dropping local Debian patches, they are included upstream
  * Add local patch for IA64 and alpha (#580089)

  [ jack-audio-connection-kit (1.9.5~dfsg-6) unstable; urgency=low ]

  * Fix more varargs issues on armel and alpha

  [ jack-audio-connection-kit (1.9.5~dfsg-5) unstable; urgency=low ]

  * Fix FTBFS on alpha and ia64 (#580089)
  * Fix FTBFS on armel (#580088)

  [ jack-audio-connection-kit (1.9.5~dfsg-4) unstable; urgency=low ]

  * Upgrade to svn version r3995. (bug#548537)
  * Fix FTBFS on kFreeBSD (conditionally enable ALSA) (bug#579465)
  * Fix FTBFS on powerpc (bug#579479)
  * Fix FTBFS caused by missing atomic operations (#579464)
  * Remove outdated documentation (#577444)

  [ jack-audio-connection-kit (1.9.5~dfsg-3) unstable; urgency=low ]

  * Fix restructure configure options to only add --firewire on
    supported architectures.
    bug#579237, thanks to Bastian Blank.
  * Handle library ABI through generalized packaging variable.
  * Bump API to 0.118.0 (from 9.116.2): Jackd2 1.9.4 declared compliance
    this newer version of jackd1, and does not promise backwards
    compatibility.
  * Tighten symbols older than API version to instead follow API: Future
    alternative implementations potentially of older version themselves
    are not assured to be binary compatible.
  * Have libjack-dev provide virtual libjack0.100.0-dev (...again - was
    apparently lost at some point upgrading to jackd2).

  [ jack-audio-connection-kit (1.9.5~dfsg-2) unstable; urgency=low ]

  * Fix relax shlibs file to libjack0 0.116.2 or newer: library API
    promised upstream to not have changed since.
    bug#579134, thanks to Reinhard Tartler.
  * Fix rename symbols file to get properly handled by dh_makeshlibs.
  * Fix tighten symbols file to depend at minimum 0.116.2 (not 0.116.0).
  * Suppress lintian error about newly added symbols: Any library
    symbols changing since 0.116.2 supposedly are outside public API.

  [ jack-audio-connection-kit (1.9.5~dfsg-1) unstable; urgency=low ]

  [ Adrian Knoth ]
  * New upstream version 1.9.5
  * Remove FreeBoB support. Use the FFADO firewire backend instead.
  * Build against FFADO-2.0.0
  * Enable jackdbus
  * Rename jack_rec to jackrec (as done in jackd1)
  * Include (updated) manpages from jackd1

  [ Jonas Smedegaard ]
  * Repackage source:
    + Strip binary code (shared libraries for MacOS X and Windows).
    + Strip unneeded sources copyright-protected without licence.
    + Isolate as patch 0000 changes between tarball release and upstream
      SVN trunk as of revision 3968.
  * Sync control.in with latest hand-edited changes to control.
  * Add myself as uploader.
  * Drop old Vcs-Bzr stanza from control.
  * Fix tighten libasound-dev build-dependency to at least 1.0.18.
  * Lower debhelper build-dependency to 6, to ease backporting (we need
    no newer features anyway).
    Fix bump debhelper compat level to match build-dependency.
  * Update patch handling:
    + Use source format "3.0 (quilt)" (not CDBS simple-patchsys.mk).
    + Unfuzz.
    + Refresh, compacting with quilt --no-timestamps --no-index -pab.
    + Rename with leading number, and add README to source documenting
      micro naming scheme.
    + Add DEP3 header to patch 1001 "earlier connect.diff").
    + Unpatch as last clean target to please both git-buildpackage and
      source format 3.0 (quilt).
  * Update watch file:
    + Track jackd2 releases.
    + Handle DFSG mangling.
    + Add usage hint.
  * Fix non-unix line-ends in PO files.
  * Tidy build routines:
    + Drop install hints automagically handled by CDBS already.
    + Separate configure from build in rules file.
    + Avoid unneeded ifeq construct in rules file.
    + Use single space in multi-line fields of control file.
    + Mention use of 'waf distclean' when upstream ships cleaned source.
    + Fix avoid remove man subdir (clash with dpkg unpatch routine).
  * Drop file user-howto (7 years old, newest version 4 years old, and
    is apparently included in jackd.1 manpage already).
  * Use d-shlibs to resolve development library dependencies.
    Build-depend on d-shlibs.
  * Stop build-depending on scons (upstream use waf now).
  * Use system waf. Build-depend on waf.
      - Strip binary waf file (too risky to blindly invoke, and too much
        hassle unpacking and inspecting properly).
    Stop build-depending on python (only used by local waf now dropped).
  * Recursively-expand a variable and avoid a linewrap in rules file.
  * Enable waf verbose mode (easing porter work).
  * Setup get-orig-source routine:
    + include cdbs snippet upstream-tarball (suppressing its build-
      dependencies unneeded for normal builds, to ease backporting).
    + Repackage source, stripping DFSG-violating files.
  * Rewrite debian/copyright using draft DEP5 rev. 135 format.
  * Track symbols, but relaxed due to uncertainty on public library ABI.

  [ jack-audio-connection-kit (1.9.4+svn3842-2) experimental; urgency=low ]

  * Fix a problem with jack_connect using a hard coded JACK client name
    and when calling jack_connect or jack_disconnect multiple times in a
    fast sequence, then the subsequent jack_(dis)connect calls fail.

  [ jack-audio-connection-kit (1.9.4+svn3842-1) experimental; urgency=low ]

  * New upstream release

  [ jack-audio-connection-kit (0.118+svn3796-1) unstable; urgency=low ]

  [ Jonathan Wiltshire ]
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. #550036
  * Debconf translation updates:
    - Swedish (#550493)
    - Czech (#550499)
    - Vietnamese (#550563)
    - Finnish (#550573)
    - Portugese (#546645, #550574)
    - Italian (#551924)
    - Spanish (#551977)
    - Russian (#552005)
    - French (#552072)

  [ Adrian Knoth ]
  * New upstream release (see NEWS, cmdline args have changed)
  * Drop versioned build dependency for libreadline. (#553791)
  * Remove Guenter Geiger from Uploaders (#546951)
  * Build with celt-0.7.0 (#556821)
  * Debconf translation updates:
    - Japanese (#552230)
    - German (#550986)
    - Galician (#554228)

  [ jack-audio-connection-kit (0.116.2+svn3592-3) unstable; urgency=low ]

  [ Adrian Knoth ]
  * Include Russian translation (#539460)
  * Include Czech translation (#538955)
  * Include Italian translation (#543514)
  * Actively remove /etc/init.d/jackd (#538963)
  * Explain new realtime default in the NEWS file (#539581)
  * Move FreeBoB and FFADO drivers to new package jackd-firewire, so users
    without 1394 devices have fewer dependencies. (#540891)
  * Fix FTBFS caused by double-installing the manpages (#543077)
  * Fix 24bit little endian problem on BE CPUs (#486308)

  [ keyutils (1.4-1) unstable; urgency=low ]

  * Merging upstream version 1.4.
  * Call dh_install with --fail-missing in rules.

  [ keyutils (1.3-1) unstable; urgency=low ]

  * Correcting wrong vcs-browser field.
  * Adding explicit debian source version 1.0 until switch to 3.0.
  * Updating year in copyright file.
  * Updating to standards 3.8.4.
  * Merging upstream version 1.3.
  * Updating README.source.
  * Updating year in copyright file.
  * Making build-depends on quilt versioned.
  * Sorting dh call in rules to more common order.
  * Removing manpage.patch, not required anymore.

  [ keyutils (1.2-12) unstable; urgency=low ]

  * Updating maintainer field.
  * Updating vcs fields.
  * Updating package to standards version 3.8.3.
  * Bumping versioned build-depends on debhelper.
  * Sorting and wrapping depends.
  * Simplifying libkeyutils-dev install file.
  * Adding README.source.
  * Adding maintainer homepage in copyright.

  [ krb5 (1.8.3+dfsg~beta1-1) unstable; urgency=low ]

  * New Upstream version
  * Add breaks with libkrb53 because libdes425 cannot work with new
    libk5crypto3 (#557929)
  * You want this version: it fixes an incompatibility with how PACs are
    verified with Windows 2008
  * As a result of libkrb53 breaks, we no longer get into problems with
    krb5int_hmac, #566988
  * Note that libkdb5-4 breaks rather than conflicts libkadm5srv6, 
    #565429
  * Start kdc  before x display managers, #588536

  [ krb5 (1.8.1+dfsg-5) unstable; urgency=low ]

  * Ignore duplicate token sent in mechListMIC from Windows 2000 SPNEGO
    (LP: #551901)
  * krb5-admin-server starts after krb5-kdc, #583494

  [ krb5 (1.8.1+dfsg-4) unstable; urgency=low ]

  * fix prerm script (#577389), thanks Harald Dunkel

  [ krb5 (1.8.1+dfsg-3) unstable; urgency=high ]

  * CVE-2010-1321 GSS-API accept sec context null pointer deref, 
    #582261
  * Force use of bash for build, #581473
  * Start slapd before krb5 when krb5-kdc-ldap installed, 
    #582122

  [ krb5 (1.8.1+dfsg-2) unstable; urgency=high ]

  * Fix crash in renewal and validation, Thanks Joel Johnson for such a
    prompt bug report, #577490

  [ krb5 (1.8.1+dfsg-1) unstable; urgency=high ]

  * New upstream release
  * Fixes significant ABI incompatibility between Heimdal and MIT in the
    init_creds_step API; backward incompatible change in the meaning of
    the flags API.  Since this was introduced in 1.8 and since no better
    solution was found, it's felt that getting 1.8.1 out everywhere that
    had 1.8 very promptly is the right approach.  Otherwise software build
    against 1.8 will be broken in the future.
  * Testing of Kerberos 1.8 showed an incompatibility between Heimdal/MIT
    Kerberos and Microsoft Kerberos; resolve this incompatibility.  As a
    result, mixing KDCs between 1.8 and 1.8.1 in the same realm may
    produce undesirable results for constrained delegation.  Again,
    another reason to replace 1.8 with 1.8.1 as soon as possible.
  * Acknowledge security team upload, thanks for picking up the slack and
    sorry it was necessary

  [ krb5 (1.8+dfsg-1.1) unstable; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fixed CVE-2010-0628: denial of service (assertion failure and daemon crash)
    via an invalid packet that triggers incorrect preparation of an error
    token. (575740)
  * Makes src/slave/kpropd.c ISO C90 compliant (#574703)

  [ krb5 (1.8+dfsg-1) unstable; urgency=low ]

  * New upstream version
  * Include new upstream notice file in docs
  * Update symbols files
  * Include upstream ticket 6676: fix handling of cross-realm tickets
    issued by W2K8R2
  * Add ipv6 support to kprop,  Michael Stapelberg, #549476
  * New Brazilian Portuguese translations, Thanks Eder L. Marques,
    #574149

  [ krb5 (1.8+dfsg~alpha1-7) unstable; urgency=high ]

  * MITKRB5-SA-2010-001: Avoid an assertion failure leading to a denial of
    service in the KDC by doing better input validation.  (CVE-2010-0283)
  * Update standards version to 3.8.4 (no changes required).

  [ krb5 (1.8+dfsg~alpha1-6) unstable; urgency=medium ]

  * Import upstream fixes including:
     - A non-conformance with RFC 4120 that causes  enc_padata to be
    included when the client may not support it
      - Weak crypto acts as a filter and does not reject if DES is
    included in krb5.conf, fixes Samba net ads join, #566977
    * Medium urgency because of the samba bug fix.  If the samba maintainers
    request the release team to bump to high I'd support that.
  * Update libkdb5 symbols for new upstream internal interface

  [ krb5 (1.8+dfsg~alpha1-5) unstable; urgency=high ]

  [ Sam Hartman ]
  * New API to allow an application to enable weak crypto
  * Rename libkadm5clnt and libkadm5srv to libkadm5clnt_mit and
    libkadm5srv_mit in order to avoid conflicts with Heimdal packages.
    Sorry for the second trip through new, but we needed to coordinate
    with upstream  on the ABI issues involved with this change.
  * Medium urgency in order to get a fix for openafs-krb5 weak crypto into
    testing sooner
  * Include fix for pam-krb5 segfault with wrong password; bump urgency to
    high.

  [ Russ Allbery ]
  * Change libkrb5-dbg to only depend on libkrb5-3, libk5crypto3, or
    libkrb5support0.  All of the other packages for which it provides
    debugging symbols also depend on one of those packages and always
    will, so listing the disjunction of every library package is
    overkill.  Remove from the Depends several obsolete library packages
    no longer included.
  * Drop obsolete Replaces for libkadm5srv-mit7 and libkadm5clnt-mit7.
  * Wrap krb5-multidev dependencies and description and shorten the short
    description.
  * Reformat NEWS.Debian to avoid using a bulleted list per devref.

  [ Sam Hartman ]
  * Link libkadm5{clnt,srv}.so specially so that the links work without
    libkrb5-dev installed

  [ krb5 (1.8+dfsg~alpha1-4) unstable; urgency=high ]

  * Add replaces to deal with moving files from krb5-multidev to
    libkrb5-dev, #565217
  * This is definitely the getting all the conflicts combinations right is
    tricky series of releases.  Sorry about the wasted cycles.

  [ krb5 (1.8+dfsg~alpha1-3) unstable; urgency=high ]

  * Move files to avoid overlap between heimdal-dev and krb5-multidev,
    #565132

  [ krb5 (1.8+dfsg~alpha1-2) unstable; urgency=high ]

  * While Kerberos 1.8 is not vulnerable to CVE-2009-4212 (the vulnerable
    code was removed during the 1.8 release process for code
    simplification and code size reasons), this is urgency high to get a
    version of Kerberos that fixes that integer underflow in the AES and
    RC4 code  into testing.
  * For now,  heimdal and MIT shared libraries for kadm5 will conflict;
    discussions of how to fix this are ongoing upstream, #564666
  * New translations; sorry about missing them in the last upload
      - Vietnamese,  Thanks Clytie Siddall, #548204
      - Basque, Thanks Piarres Beobide, #534284
  * Update standards version (no changes required)
  * Pull upstream changes made since alpha1 into the package.  In
    particular this includes a fix to a bug where unkeyed checksums are
    accepted by the FAST KDC backend.  That bug was introduced between 1.7
    and 1.8 alpha1 so is only present in prior Debian packages of 1.8. See
    upstream tickets 6632 and 6633.

  [ krb5 (1.8+dfsg~alpha1-1) unstable; urgency=low ]

  * Include symlinks in libkrb5-dev too
  * New upstream release
  * Fix .so symlinks in krb5-multidev

  [ krb5 (1.8+dfsg~aa+r23527-1) experimental; urgency=low ]

  * MIT krb5 trunk prior to 1.8 branch
  * Remove krb5-telnet, krb5-ftpd, krb5-clients, krb5-rsh-server, no
    longer provided upstream.  These are provided now in a separate source
    distribution.
  * Bring back functions needed by Samba, #531635
  * I know that the symbols revisions are generating lintian warnings;
    that will be cleaned up when upstream actually makes an alpha release
  * Implement krb5-multidev similar to heimdal-multidev so that packages
    can be built against both MIT Kerberos and Heimdal

  [ krb5 (1.7+dfsg-4) unstable; urgency=high ]

  * cve-2009-3295, MIT-KRB5-SA-2009-003: KDC crash when failing to find
    the realm of a host., Thanks 2Jakob Haufe for the report to Debian

  [ krb5 (1.7+dfsg-3) unstable; urgency=low ]

  * Fix typo in control file
  * Exclude usr/lib/krb5/plugins from  dh_makeshlibs call to deal with
    behavior change in dh_makeshlibs, #558719

  [ krb5 (1.7+dfsg-2) unstable; urgency=low ]

  * Only picked up part of the upstream fix to #557979; upstream fully
    reverted to 1.6.

  [ krb5 (1.7+dfsg-1) unstable; urgency=low ]

  * New upstream version, #554225
  * Several fixes applied after the 1.7 release:
      - 6506: correctly handle keytab vs stash file
    - 6508: kadmind ACL parsing could reference uninitialized memory
    - 6509: kadmind can reference null pointer on ACL error
    - 6511: uninitialized memory passed to krb5_free_error in change
    password client path
    - 6514: none replay cache memory leak
    - 6515: profile library mutex performance improvements
    - 6541: memory leak in PAC verify code
    - 6542: Check for null characters in pkinit certs
    - 6543: login vs user order in ftpd sometimes wrong
    - 6551: Memory leak in spnego accept_sec_context error path
  * libkrb5-dev depends on libkadm5clnt6 (LP: #472080)
  *  Avoid locking out accounts on PREAUTH_FAILED, #557979, (LP:
    #489418)

  [ krb5 (1.7dfsg~beta3-2) UNRELEASED; urgency=low ]

  * Update to policy 3.8.2 (no changes)

  [ lcms (1.18.dfsg-1.2) unstable; urgency=low ]

  * Non-maintainer upload
  * Fix silly copy&paste error (Really #560993)

  [ lcms (1.18.dfsg-1.1) unstable; urgency=low ]

  * Non-maintainer upload
  * Fix CVE-2009-0793 (#530785)
  * Fix detection of sparc64, patch by Aurelien Jarno (#560993)

  [ lesstif2 (1:0.95.2-1) unstable; urgency=low ]

  [Sam Hocevar]
  * Acknowledging past NMUs. Thanks to Aaron M. Ucko and Paul Gevers, who
    now co-maintains this package (#396199, #479779, #503361, #314440,
    #43640, #87745, #356017, #496081, #330057, #439186).
  * debian/control:
    + Add Paul Gevers to the uploaders list.
    + Update Vcs fields.

  [Paul Gevers]
  * New upstream release (dropping deprecated patches)
    - 020_bad_integer_cast.diff (solved upstream)
    - 020_unsigned_int.diff (included upstream)
    - 021_xim_chained_list_crash.diff (included upstream)
    - 031_fix_inverted_scrollwheel.diff (included upstream)
    - 031_shutup_xtungrabbutton.diff (included upstream)
    - 040_fedora_accelkeys.diff (included upstream)
    - 040_fedora_c++fix.diff (included upstream)
    - 040_fedora_text.diff (included upstream)
    - 050_cvs_invalid_pointer.diff (was from upstream)
    - 050_cvs_1773603_invalid_pointer_TextOut.c.diff (was from upstream)
    - 050_cvs_1773603_invalid_pointer_List.c.diff (was from upstream)
    - 050_cvs_1773603_invalid_pointer_Label.c.diff (was from upstream)
    - 050_cvs_1773603_invalid_pointer_LabelG.c.diff (was from upstream)
    - 050_cvs_class_initialize_DialogS.c.diff (was from upstream)
    - 050_cvs_attachbottom_Form.c.diff (was from upstream)
    - 060_update_manpages (included upstream)
    - 071_fix_crash_on_ESC_Traversal.c (included upstream)
    Remaining patches (updated descriptions, conform current DEP3
    proposal):
    - 000_bootstrap_script.diff (updated, in sync with upstream CVSMake)
    - 000_libtool_linking.diff (leave as is, debian specific, path)
    - 010_rebootstrap (updated, see also 000_bootstrap_script.diff)
    - 020_missing_xm_h.diff (not included upstream yet)
    - 020_render_table_crash.diff (in upstream cvs)
    - 020_xpmpipethrough.diff (not included upstream yet)
    - 030_manpage.diff (not included upstream, debian specific, path)
    - 031_use_X11_Xtos_header.diff (in upstream cvs)
    - 040_fedora_XxxxProperty-64bit.diff updated to prevent segfault on
      i386 when copy/pasting. Updated with courtesy from Hans de Goede
      (Fedora) (in upstream cvs)
    - 080_fix_spelling-error-in-binary (not included upstream yet,
      updated)
    Added patches
    - 030_manpage_Virtualbindings to fix manpage-section-mismatch
      (lintian)
    - 005_libtool_LT_HAVE.diff to fix a libtool error:
      possibly undefined macro: LT_HAVE_FREETYPE and LT_HAVE_XRENDER
    - 005_libtool_obsolete.diff to fix autoconf warnings about obsolete
      MACRO's.
    - 040_fedora_PutPixel32.diff fixes PutPixel32 crashing on 64 bit
      completly, with courtesy from Hans de Goede (Fedora)
      (#409093) (in upstream cvs)
  * debian/control
    - Update policy to 3.8.3 (no changes needed)
    - Add ${misc:Depends} to all depends fields (lintian)
  * debian/rules
    - Add DEB_HOST_GNU_TYPE and DEB_BUILD_GNU_TYPE to CARGS in line with
      /usr/share/doc/autotools-dev/README.Debian.gz
    - Removed CARGS without-freetype-config without-fontconfig-config
      because freetype is a build depend and configure can't cope (bug?)
    - Removed deprecated dh_desktop call
  * Create debugging symbols for lesstif2 (-dbg package)
  * Added README.source to confirm to policy 4.14 (lintian)
  * Fixed categories in debian/lesstif-bin.desktop (copied by accident
    from another package).

  [ libaio (0.3.107-7) unstable; urgency=low ]

  * Add support for sh3 and sh4. (#535288)
    Thanks to Nobuhiro Iwamatsu <iwamatsu@nigauri.org>.
  * Now using Standards-Version 3.8.3 (no changes needed).

  [ libcap2 (1:2.19-3) unstable; urgency=high ]

  * Add a versioned dependency on libpam-runtime to libcap2-bin because
    pam-auth-update is needed in postinst. (#593250)
  * Set urgency to high because we are fixing a RC bug.

  [ libcap2 (1:2.19-2) unstable; urgency=medium ]

  * Add -lpam to LDLIBS. Thanks to Sebastian Ramacher for suggesting the patch!
    (591410)
  * Set urgency to medium.
  * Improve patch description.

  [ libcap2 (1:2.19-1) unstable; urgency=low ]

  [ Kees Cook ]
  * Add pam_cap.so to the default PAM auth stack. (#573089)

  [ Torsten Werner ]
  * New upstream release.
  * Convert package to source format 3.0.
  * Remove quilt from Build-Depends.
  * Add static library to -dev package. Thanks to Stephan Sürken. (
    #589840)
  * Fix typo in Description. Thanks to Pascal De Vuyst. (#557496)
  * Add a patch to fix the man page cap_from_text(3). Thanks to Roland
    Koebler. (#567350)
  * Update Standards-Version: 3.9.0 (no changes).

  [ libcap2 (1:2.17-2) unstable; urgency=low ]

  * Explain in the long description of the -bin package that the manpage
    cap_from_text(3) is part of -dev package. (#548080)

  [ libcap2 (1:2.17-1) unstable; urgency=low ]

  * new upstream release
  * Switch from cdbs to dh.
  * Update Standards-Version: 3.8.3 (no changes).
  * Use gbp-pq to edit quilt patch.
  * Change Build-Depends: debhelper (>= 7.0.50~).
  * Add README.source.
  * Add man page capsh.8.

  [ libdrm (2.4.18-6) unstable; urgency=medium ]

  [ Sven Joachim ]
  * New patch 04_fix_nouveau_bo_new_tile_segfault.diff, backported from
    upstream commit df32c307e8f81b46ee8aa4dd7222fc18f175bbb3.  Fixes
    segfault in nouveau_bo_new_tile() failure path (see #579425).
  * Update xsfbs to 81fc271788605b52e85c2d11635a0371fb44605e0.

  [ libdrm (2.4.18-5) unstable; urgency=low ]

  * Upload to unstable.

  [ libdrm (2.4.18-4) experimental; urgency=low ]

  * Steal 03_revert_abi_change.diff from Ubuntu to revert the nouveau ABI
    change.  Current Debian kernels support only the old ABI.
    Thanks Sven Joachim!
  * Build a libdrm-nouveau1 package on Linux architectures (#568162).
    Patch adapted from the Ubuntu package. Thanks Sven Joachim!

  [ libdrm (2.4.18-3) unstable; urgency=low ]

  * Include full SONAME in libdrm*.install to prevent accidental breakage.
  * Add back the drm headers in libdrm-dev.

  [ libdrm (2.4.18-2) unstable; urgency=low ]

  * Fix FTBFS on non-Linux architectures (#570851): Replace
    --{enable,disable}-radeon-experimental-api configure flag with
    --{enable,disable}-radeon since it got renamed.
  * Add ${misc:Depends} where it was missing, and fold all Depends.
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Add myself to Uploaders.

  [ libdrm (2.4.18-1) unstable; urgency=low ]

  * New upstream release.

  [ libdrm (2.4.17-1) unstable; urgency=low ]

  [ Julien Cristau ]
  * New upstream release, #560434, #567831.
  * Update patch 01_default_perms.diff to account for upstream move of libdrm
    to toplevel.
  * Update libdrm2.symbols and shlibs.
  * Update libdrm-intel1.symbols and shlibs.
  * Bump debhelper build-dep, we use dh_strip --remaining-packages (
    #558443).  Thanks, Sergio Gelato!
  * Enable libdrm_radeon, interface to kernel graphics memory management on
    radeon (#558786).
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Brice Goglin ]
  * Bump linux-libc-dev dependency to 2.6.32, thanks Piotr Engelking,
    #561224.
  * Add libdrm-radeon1 symbols and update shlibs.
  * Update debian/copyright.

  [ Timo Aaltonen ]
  * Update libdrm2.symbols and shlibs.

  [ libdrm (2.4.15-1) unstable; urgency=low ]

  * New upstream release.
    + update libdrm-intel1 symbols and shlibs
  * Only build libdrm-intel on x86 (linux and kfreebsd).

  [ libdrm (2.4.14-1) unstable; urgency=low ]

  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * New upstream release.
  * Bump Standards-Version to 3.8.3.

  [ libdrm (2.4.13-1) unstable; urgency=low ]

  [ Christopher James Halse Rogers ]
  * debian/control:
    + Remove scary 'built from DRM snapshot' warning from long description of
      libdrm-intel1{,-dbg}

  [ Julien Cristau ]
  * New upstream release.
  * Update libdrm-intel1.symbols.

  [ libexif (0.6.19-1) unstable; urgency=high ]

  * New upstream release
    - fix CVE-2009-3895: heap buffer overflow during tag format conversion
      (#557137)

  [ libexif (0.6.18-1) unstable; urgency=low ]

  * New upstream release
  * Clean and minify the build process (using dh7 overrides)
  * Bump Standards-Version to 3.8.3.
  * Add README.source file.
  * Add doc-base file for libexif API documentation.

  [ libgcrypt11 (1.4.5-2) unstable; urgency=low ]

  * Fix FTBFS on mips(el). Thank you, Aurelien Jarno. #561475

  [ libgcrypt11 (1.4.5-1) unstable; urgency=low ]

  * New upstream version.
    + Does not try to use SPARC32 assembly code on SPARC64. #560028
  * Drop patches included upstream: 21_cpuid.diff 20_padlock.diff.
  * Switch to 3.0 (quilt) format.
  * Update copyright stanza for documentation.
  * Simplify debian/rules. There should not be any reason to disable the
    pubkey test on specific archs anymore since GCRYCTL_ENABLE_QUICK_RANDOM is
    set. (#385805). Also tests/register et al. are run by upstream's check
    target, there is no need for manual invocation.

  [ libgcrypt11 (1.4.4-6) unstable; urgency=low ]

  * Sync priorities with override file, libgcrypt11 is priority standard
    now.
  * [patches/21_cpuid.diff] Fix CPUID detection. (Thank's, Ben Hutchings.)
    #519391

  [ libgcrypt11 (1.4.4-5) unstable; urgency=low ]

  * Use makeinfo -html instead of texi2html to generate html docs.
    #552947
  * Ship png figures used in html documentation.

  [ libgcrypt11 (1.4.4-4) unstable; urgency=low ]

  * Update homepage location. #540468
  * Empty dependency_libs in la-file.
  * Stop double installing info files with both dh_install and dh_installinfo.

  [ libice (2:1.0.6-1) unstable; urgency=low ]

  [ Julien Cristau ]
  * libice6-dbg doesn't need to depend on x11-common.
  * Remove the debian revision from the xtrans-dev build-dep.
  * Move -dbg package to the debug section.

  [ Timo Aaltonen ]
  * New upstream release.
  * Bump Standards-Version to 3.8.3.

  [ libieee1284 (0.2.11-6) unstable; urgency=low ]

  * Moved to source format 3.0 (quilt).

  * debian/control:
    + Bump Standards-Version to 3.8.4 (no changes).
    + Add ${misc:Depends}.
    + Remove dpatch build-dep.
  * debian/rules:
    + Remove dpatch code.

  * All patches refreshed, tagged with DEP-3 headers.

  [ libjpeg6b (6b1-1) unstable; urgency=low ]

  * New upstream release
    - libjpeg62 has now versionned symbols.
    - Updated build system that use current libtool.
    - Full source code for the build system.
  * debian/copyright: add 6b1 upstream download URL.
  * debian/control:
    - libjpeg62-dev: Provides libjpeg-dev since the transition has been
      postponed.
    - Remove now useless dependency on libtool and sharutils
    - Bump Standards-Version to 3.9.0.
  * Get rid of dpatch system. Patches were only relevant to libjpeg-progs
    which is not build from this package anymore.
  * Move to new source format 3.0 (quilt). Patches applied:
    - use-autotools-dev: Use autotools-dev version of config.sub/.guess.
    - extern_C-jpeglib.h: Wrap jpeglib.h with extern "C" {} if __cplusplus
      is defined.
  * debian/rules:
    - Adjust for new build system and new patch system.
  * debian/shlibs: add (>=6b1) to avoid linker warnings with libjpeg6b.

  [ libjpeg6b (6b-16) unstable; urgency=low ]

  * Transition to libjpeg8:
  * debian/control:
   - Bump standard version to 3.8.4.
   - libjpeg62-dev no more Provides libjpeg-dev
   - move libjpeg62, libjpeg62-dev and libjpeg62-dbg to section oldlibs
   - move libjpeg62-dev to priority extra (conflict with libjpeg8-dev)
   - mention obsolescence in the description.
   - Add ${misc:Depends}

  [ libjpeg6b (6b-15) unstable; urgency=low ]

  * Transition to libjpeg7:
   - Remove package libjpeg-progs.
   - remove debian/extra.
  * debian/control:
   - Bump standard version to 3.8.3.
   - Move libjpeg62-dbg to section debug.

  [ libnss-ldap (264-2.2) unstable; urgency=low ]

  * Non-maintainer upload.
  * Fix pending l10n issues. Debconf translations:
    - Vietnamese (Clytie Siddall).  #572767

  [ libnss-ldap (264-2.1) unstable; urgency=low ]

  * Non-maintainer upload.
  * Adapt versioned dependency on debhelper to the current debhelper
    compatibility level
  * Add ${misc:Depends} to binary package dependencies to properly cope
    with dependencies triggerred by debhelper
  * Fix pending l10n issues. Debconf translations:
    - Finnish (Esko Arajärvi).  #533599
    - Italian (Luca Monducci).  #544598
    - Slovak (Ivan Masár).  #571222

  [ libpam-ldap (184-8.5) unstable; urgency=low ]

  * Non-maintainer upload.
  * Fix pending l10n issues. Debconf translations:
    - Spanish (Francisco Javier Cuadrado).  #579510

  [ libpam-ldap (184-8.4) unstable; urgency=low ]

  * Non-maintainer upload.
  * Fix "needs versioned dependency on libpam-runtime", thanks to Arthur de
    Jong for providing the info in the bug report (#578638).

  [ libpam-ldap (184-8.3) unstable; urgency=low ]

  * Non-maintainer upload.
  * Fix pending l10n issues. Debconf translations:
    - Vietnamese (Clytie Siddall).  #548000
    - Galician (Marce Villarino).  #537422
    - Norwegian Bokmål (Bjørn Steensrud).  #563361
    - Simplified Chinese (Ji ZhengYu).  #563615

  [ libpam-ldap (184-8.2) unstable; urgency=low ]

  * Non-maintainer upload.
  * Restore the libsasl2-dev build-dependency, the libnss-ldapd suggests,
    and the libpam-runtime dependency, casualties of the previous NMU.

  [ libpam-ldap (184-8.1) unstable; urgency=low ]

  * Non-maintainer upload.
  * Add quilt to build dependencies (fix FTBFS)
  * Add decent copyright and licence information in debian/copyright
  * Add ${misc:Depends} to the binary package dependencies to cover
    dependencies induced by debhelper utilities. Drop debconf
    dependencies that are covered by this
  * Versioned build dependency on debhelper >5
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. #531557
  * [Debconf translation updates]
    - Brazilian Portuguese. #532470
    - Czech. #532476
    - Finnish. #532506
    - Japanese. #532621
    - Slovak. #532962
    - Portuguese. #533243
    - Traditional Chinese. #533732
    - Italian. #533756
    - Russian. #533877
    - Swedish. #534245
    - German. #534336
    - French. #534390
    - Basque. #534438
  * Danish (Frank Damgaard).  #546300

  [ libpng (1.2.44-1) unstable; urgency=low ]

  * New upstream release
    Stop memory leak when reading a malformed sCAL chunk

  [ libpng (1.2.43-1) unstable; urgency=high ]

  * New upstream release
  * Fix CVE-2010-0205 and Cert VU#576029
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205
    https://www.kb.cert.org/vuls/id/576029
    Do not stall and consume large quantities of memory while processing
    certain Portable Network Graphics (PNG) files
    572308

  [ libpng (1.2.42-2) unstable; urgency=low ]

  * Merge 1.2.42-1ubuntu1
    Move libpng from /usr/lib to /lib, so that plymouth is usable on
    systems with a separate /usr.
  * Fix out-of-date-standards-version

  [ libpng (1.2.42-1ubuntu1) lucid; urgency=low ]

  * Merge from Debian testing.  Remaining changes:
    - Move libpng from /usr/lib to /lib, so that plymouth is usable on
      systems with a separate /usr.

  [ libpng (1.2.42-1) unstable; urgency=low ]

  * New upstream release
  * Remove 02-export-png_set_strip_error_numbers.patch (merged)
  * Fix debhelper-but-no-misc-depends

  [ libpng (1.2.41-1ubuntu1) lucid; urgency=low ]

  * Move libpng from /usr/lib to /lib, so that plymouth is usable on systems
    with a separate /usr.

  [ libpng (1.2.41-1) unstable; urgency=low ]

  * New upstream release
  * Debian source format is 3.0 (quilt)
  * Update debian/watch
  * Add 02-export-png_set_strip_error_numbers.patch
    Define PNG_ERROR_NUMBERS_SUPPORTED
    Upstream doesn't define PNG_ERROR_NUMBERS_SUPPORTED since 1.2.41. As
    a consecuence, the symbol png_set_strip_error_numbe@@PNG12_0 wasn't
    exported.

  [ libpng (1.2.40-1) unstable; urgency=low ]

  * New upstream release

  [ libpng (1.2.39-1) unstable; urgency=low ]

  * New upstream release
  * Fix out-of-date-standards-version
  * Fix patch-system-but-no-source-readme

  [ libsdl1.2 (1.2.14-6) unstable; urgency=low ]

  * Add 320_disappearingcursor.diff to fix problems with the mouse cursor
    disappearing in OpenTTD using 1.2.14-5.  Partially reverts the fix for
    upstream bug #716 (r4872); taken together with 310_fixmouseclicks,
    the upstream fix is entirely reverted.  (#578389)
    - Thanks to Adam D. Barratt!
  * Add source format 1.0 for now.
  * Bump Standards Version to 3.8.4. (No changes needed).

  [ libsdl1.2 (1.2.14-5) unstable; urgency=low ]

  * Add 310_fixmouseclicks.diff to fix problems with left-mouse clicks
      not working in Wesnoth in windowed mode.  Partially reverts the fix
      for upstream bug #716 (r4872).  (#565788).
      Thanks to Adam D. Barratt for the fix.

  [ libsdl1.2 (1.2.14-4) unstable; urgency=low ]

  * Move -dev Recommends back to Depends, as other packages may want to
    statically link with libsdl.a. (#565579).

  [ libsdl1.2 (1.2.14-3) unstable; urgency=low ]

  [ Barry deFreese ]
  * Add build-dep on libglu1-mesa-dev to enable OpenGL support. (LP: #328932)
  * Disable Playstation 3 Cell driver on PPC. (#564846).
    + Thanks to Scott Kitterman at Ubuntu for finding fix from Gentoo.
  * 222_joystick_crash.diff - Fix crash with dpad joystick. (#564831).
    + Thanks to Tarek Soliman for catching the fix from upstream.

  [ libsdl1.2 (1.2.14-2) unstable; urgency=low ]

  [ Barry deFreese ]
  * Upload to unstable.
  * Update 215_kfreebsd_gnu.diff patch to fix FTBFS on kFreeBSD.
    + Thanks to Christoph Egger for the fix!
  * Add ${misc:Depends} for binary packages for Debhelper package.

  [ libsdl1.2 (1.2.14-1) experimental; urgency=low ]

  [ Barry deFreese ]
  * New upstream release. (#557711).
    + Remove patches that are applied upstream or code changed.
    + Refresh remaining patches.

  [ libsdl1.2 (1.2.13-5) unstable; urgency=low ]

  [ Barry deFreese ]
  * Add myself to uploaders.
  * Add watch file.
  * Add Homepage: field to source stanza.
  * Fix Vcs-Browser path.
  * 310_segfault_noGLX.diff - Don't segfault when no GLX. (541365).
    + Thanks to Gonéri Le Bouder for the fix.
  * 050_altivec_detection.diff - Detect Altivec machines. (#502993).
    + Update 100_libtoolize.diff.
  * 320_activate_xrandr_on_default.diff - Enable xrandr. (#450689).
    + Thanks to Kai Wasserbäch for the patch.
  * 221_check_SDL_NOKBD_environment_variable.diff. (#438915).
    + Thanks to Bernhard Kauer for the patch.
  * Remove manpage from libsdl1.2-dev.install, installed by dh_installman.
  * Remove duplicate sections from binary packages.
  * Bump debhelper build-dep version and compat to 5.
  * Bump Standards Version to 3.8.3

  [ Aurelien Jarno ]
  * 100_config_update.diff: update config.guess/sub. (#549240).

  [ libselinux (2.0.96-1) unstable; urgency=low ]

  * New upstream release
    + Add const qualifiers to public API where appropriate by KaiGai
      Kohei.
    + Remove duplicate slashes in paths in selabel_lookup from Chad Sellers
    + Adds a chcon method to the libselinux python bindings from Steve Lawrence

  [ libselinux (2.0.94-1) unstable; urgency=low ]

  * New upstream release
    * Set errno=EINVAL for invalid contexts from Dan Walsh.
    * Show strerror for security_getenforce() by Colin Walters.
    * Merged selabel database support by KaiGai Kohei.
    * Modify netlink socket blocking code by KaiGai Kohei.
    * Fix from Eric Paris to fix leak on non-selinux systems.
    * regenerate swig wrappers
    * pkgconfig fix to respect LIBDIR from Dan Walsh.
    * Change the AVC to only audit the permissions specified by the
      policy, excluding any permissions specified via dontaudit or not
      specified via auditallow.
    * Fix compilation of label_file.c with latest glibc headers.
    * add/reformat man pages by Guido Trentalancia <guido@trentalancia.com>.
    * Change exception.sh to be called with bash by Manoj Srivastava
      <srivasta@debian.org>
  * Bug fix: "memory leak", thanks to Sam Hocevar. Upstream fixed bug
    a wee bit differently.                              (#570639).

  [ libselinux (2.0.89-4) unstable; urgency=low ]

  * Revert decision not to ship /selinux; instead, ask policy folks to add
    an exception.                                #496752

  [ libselinux (2.0.89-3) unstable; urgency=low ]

  * Fix breakage in python-selinux.

  [ libselinux (2.0.89-2) unstable; urgency=low ]

  * [libselinux 16a76cd]: Do not ship /selinux
    Shipping /selinux is a violation of the FHS, and is proscribed by
    Debian policy. There is nothing that actually depends on /selinux
    being present, possibly apart from user scripts. From this point on,
    the machine operator will have to decide where to locate the mount
    point for selinuxfs, and modify /etc/fstab accordingly. SELinux
    modules scan for selinuxfs in /proc/mounts, so everything should
    adjust to the location of the selinuxfs mount automatically.
    Bug fix: "/selinux not in FHS", thanks to Kees Cook (#556972).

  [ libselinux (2.0.89-1) unstable; urgency=low ]

  * New upstream point release
    + Add pkgconfig file. This eliminates a patch we have been carrying fr
      a while.
  * Update build dependency on libsepol so we pick up the typo fix in
    libsepol.

  [ libselinux (2.0.88-1) unstable; urgency=low ]

  * New upstream point release
    + Rename and export selinux_reset_config()

  [ libselinux (2.0.87-3) unstable; urgency=low ]

  * [8dc8610]: [topic--exception-fix] exception.sh contains bashisms Use
    bash to run exception.sh (fails with non bash /bin/sh. Also, one now
    has to make swigify before building in ./src; this is the poximate
    cause of the bug.
    Bug fix: "python-selinux python modules are missing", thanks to Kees
    Cook (#551664).

  [ libselinux (2.0.87-2) unstable; urgency=high ]

  * [937ad58]: [libselinux] Add pkg-config as a build dependency
  * Bug fix: "python-selinux python modules are missing", thanks to Kees
    Cook                                               (#551664).

  [ libselinux (2.0.87-1) unstable; urgency=low ]

  * New upstream point release
    + Add exception handling in libselinux from Dan Walsh. This uses a
      shell script called exception.sh to generate a swig interface file.
    + Make matchpathcon print <<none>> if path not found in fcontext file.
    + Removal of reference counting on userspace AVC SID's.
  * Bug fix: "cross-build fixes", thanks to Colin Watson (#550731).

  [ libselinux (2.0.85-4) unstable; urgency=high ]

  * Handle the ase of init=/bin/sh in postinst. We now make sure that
    /proc/init/exe is actually /sbin/init, and that we have /dev/initctl,
    before calling tellinit.
    Bug fix: "postinst script fails if there is no /dev/initctl", thanks
    to Johannes Schauer (#545647).
    Bug fix: "postinst script fails if there is no /dev/initctl", thanks
    to Johannes Schauer (#545673).

  [ libselinux (2.0.85-3) unstable; urgency=low ]

  * First cut at providing symbols files.
    Bug fix: "please distribute a .symbols file", thanks to Marco
    d'Itri                                                 (#544364).
  * Check for extra libraries and shlib version numbers.  Unless there is
    a nocheck option in the deb build options variable, now we look to see
    if there are extra libraries we have linked to. Might need to back
    this out later, if this causes problems on the buildds.

  [ libselinux (2.0.85-2) unstable; urgency=low ]

  * Re-nenable building in parallel, which was disabled in the last
    upload.

  [ libselinux (2.0.85-1) unstable; urgency=low ]

  * New upstream release
    + Reverted Tomas Mraz's fix for freeing thread local storage to avoid
      pthread dependency.
    + Removed fini_context_translations() altogether.
    + Merged lazy init patch from Stephen Smalley based on original patch
      by Steve Grubb.
    + Add per-service seuser support from Dan Walsh.
    + Let load_policy gracefully handle selinuxfs being mounted from
      Stephen Smalley.
    + Check /proc/filesystems before /proc/mounts for selinuxfs from Eric
      Paris.
  * Bug fix: "parallel building fails sometimes", thanks to Kees Cook
    Disabled for now.                                    (#536840).
  * Bug fix: "It fails to install into an (experimental) chroot", thanks
    to Francesco Paolo Lovergine. Stole chroot detection code from udev's
    postinst. In effect, we stat / and ensure that is the same as
    /proc/1/root's lstat value.                          (#537888).

  [ libsigc++-2.0 (2.2.4.2-1) unstable; urgency=low ]

  * New upstream release.

  * Released to unstable.  I'm not sure this is perfect, but we need to
    move to 2.2, and having this in unstable and being tested is better
    than having it molder in experimental, forgotten.

  * Don't manually install the Doxygen tagfile; it has a new name and
    comes along automatically with "make install" now.

  * Fixed the use of misc:Depends in the -doc package.

  * Tightened the versioned dependency on debhelper to >=5.0.0.

  * Referenced a versioned name for the license file in
    debian/copyright.

  * Removed the dependency from -dev to libstdc++: it's a virtual
    package that's provided as part of a proper g++ install, so no need
    to depend on it directly.

  * Updated config.sub and config.guess in build/. (#528218)

  [ libsigc++-2.0 (2.2.2-1) experimental; urgency=low ]

  * New upstream release.

  * Merge watchfile improvements from Deng Xiyue.

  * Update to debhelper compatibility level 5.

  * Use ${binary:Version} instead of ${Source-Version}.

  * Add ${misc:Depends} to all binary packages so that debhelper can magically
    generate dependencies for us.

  * Add a NEWS file warning that the deprecated SigC namespace has been
    removed.

  [ libsigc++-2.0 (2.2.1-1) experimental; urgency=low ]

  * New upstream release. (#468220)

  [ libsm (2:1.1.1-1) unstable; urgency=low ]

  * New upstream release.
  * Move libsm6-dbg to 'debug' section.
  * Drop x11-common (pre-)dependencies, this isn't needed anymore.
  * Bump libice-dev build-dep to 2:1.0.5.
  * Bump xutils-dev build-dep to 1:7.4+4 for new util-macros.
  * Add README.source from xsfbs, bump Standards-Version to 3.8.3.
  * Look for space-separated DEB_BUILD_OPTIONS.

  [ libtasn1-3 (2.7-1) unstable; urgency=low ]

  * New upstream version.

  [ libtasn1-3 (2.6-1) unstable; urgency=low ]

  * New upstream version.
  * Drop libtasn1-config.1, we have not shipped the documented script since
    2.0.

  [ libtasn1-3 (2.5-1) unstable; urgency=low ]

  * New upstream version.
  * Do not run test-suite when cross compiling. (Thanks, Colin Watson)
    #554343

  [ libtasn1-3 (2.4-1) unstable; urgency=low ]

  * New upstream version.
  * Update debian/copyright.
  * Drop cdbs simple-patchsys in favour of dpkg-source v3. Remove unneeded
    debian/README.source.
  * Use dh_installinfo instead of dh_install for info files to get the
    recommended dependency on dpkg (>= 1.15.4) | install-info.

  [ libtool (2.2.6b-2) unstable; urgency=low ]

  * Add build depedency on zlib1g-dev needed by the search-path.at
    testsuite test.  (#560219)

  [ libtool (2.2.6b-1) unstable; urgency=low ]

  * New upstream release
    - Fixes CVE-2009-3736 (#559797)
  * Skip demo-deplibs.test.  This is basicly the same as
    deplibs_test_disable.patch from the 1.5.26 version.
  * Skip the link-order2.at test.  It has the same problem
    as the deplibs test.
  * Since deplibs-ident.at now passes, just let it return that
    the result is ok.
  * Skip localization test when setlocale is not functional.
  * Renable test suite.
  * Remove the "Apps/" part of the doc-base entry.
  * Change debhelper compatibility to 7.
  * Replace dh_clean -k with dh_prep
  * Change build dependency of automake to 1.10.1 (#542190)
  * Add support for GNU/kOpenSolaris (#545687)
  * Update Standards-Version from 3.8.1 to 3.8.3: No changes required.
  * Add ${misc:Depends} to libtool-doc's Depends so we have proper
    depedencies for it.
  * Build-Conflict against gcj for now, to avoid a regression test
    failure.  See #555801.
  * Symbol versioning works with the GNU gold linker now. (#554821)

  [ libusb (2:0.1.12-15) unstable; urgency=low ]

  * Don't include config.guess/config.sub in 91_autoreconf.diff (
    bug#538675).
  * Upgraded policy compliance to 3.8.4 (no changes).

  [ libusb (2:0.1.12-14) unstable; urgency=low ]

  * Add debian/patches/06_bsd.diff to fix build with kFreeBSD headers
    8.0.
  * Upgraded policy compliance to 3.8.3 (no changes).

  [ libx11 (2:1.3.3-3) unstable; urgency=low ]

  [ Julien Cristau ]
  * Drop manpage from libx11-6-udeb.
  * Don't install X11 locale data in the udeb.  The installer uses only gtk
    apps so this is useless (and big).

  [ Cyril Brulebois ]
  * Cherry-pick patch from upstream to run user's synchandlers as well as
    any internal synchandlers: 75ea8c3793. This fixes xnee issues when
    RECORD extension is enabled (#536491; LP: #378648).
  * Merge xsfbs/debian-unstable to fix double autoreconf runs.

  [ libx11 (2:1.3.3-2) unstable; urgency=low ]

  [ Julien Cristau ]
  * Update debian/copyright from upstream COPYING.
  * Remove myself from Uploaders

  [ Brice Goglin ]
  * Remove Jamey Sharp and Josh Triplett from Uploaders, #568274.

  [ Cyril Brulebois ]
  * Add udeb needed for the graphical installer: libx11-6-udeb.
  * Bump the B-D on libxcb1-dev to ensure libx11-6-udeb gets a dependency
    on libxcb1-udeb.
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Add myself to Uploaders.

  [ libx11 (2:1.3.3-1) unstable; urgency=low ]

  * xtrans has been fixed to not make us export a weak in6addr_any.  Adjust
    libx11-6.symbols accordingly (#560648).
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Update symbols file for sparc64 (#560400).  Thanks, Aurélien
    Jarno!
  * New upstream release
    + fix XCopyGC argument order in manpage (LP: #408337)
  * Bump xutils-dev build-dep for new util-macros.
  * Install the Compose man page in libx11-data.
  * Rediff patches 003_recognize_glibc_2.3.2_locale_names.diff,
    007_iso8859-15_Compose_fix.diff, 008_remove_ko_Compose.diff,
    009_remove_th_Compose.diff, 015_russian_locale_alias.diff.
  * libx11-6.symbols: add xlocaledir, made non-static in 1.3.3.

  [ libx11 (2:1.3.2-1) unstable; urgency=low ]

  [ Julien Cristau ]
  * libx11-6.symbols: _XkbReadBufferCopy32, _XkbReadCopyData32 and
    _XkbWriteCopyData32 are only present on 64-bit architectures.
  * Unmark the following symbols as private, they're being used:
    - _XRegisterFilterByMask
    - _XRegisterFilterByType
    - _XUnregisterFilter
    - _XInitKeysymDB
    - _Xevent_to_mask
  * Build the Xlib specs and install them in libx11-dev.
  * Upload to unstable.

  [ Timo Aaltonen ]
  * New upstream release.
  * Bump the build-dep on xutils-dev (>= 1:7.5~1).

  [ libx11 (2:1.3-1) experimental; urgency=low ]

  * libx11-6.symbols: mark some more stuff as private.
  * libx11-6.symbols: add kfreebsd-amd64 tag for 64-bit symbols.
  * Run dpkg-gensymbols with -c4 to catch mismatches between the symbols file
    and the library.
  * New upstream release.
  * Cherry-pick patch from upstream git to avoid an error in configure due to
    underquoting.
  * Fix 006_tailor_pt_BR.UTF-8_Compose.diff to apply on new upstream.
  * Bump Standards-Version to 3.8.3.

  [ libx11 (2:1.2.99.901-1) experimental; urgency=low ]

  [ Brice Goglin ]
  * Bump Standards-Version to 3.8.2.

  [ Julien Cristau ]
  * Drop 002_arm_abi_brain_damage.diff, the old ABI arm port is gone.
  * Use a glob in libx11-6.install and libx11-xcb1.install.
  * Add tentative symbols file for libX11.so.6.  Many private symbols still
    included.
  * Build-depend on dpkg 1.15.3, to get support for tags in the symbols file.
  * New upstream release candidate
    + add {left,right}wards arrow to en_US.UTF-8 compose table
      (#532117).  Thanks, Filippo Giunchedi!

  [ libx86 (1.1+ds1-6) unstable; urgency=low ]

  * New maintainer
    546252
  * Fix out-of-date-standards-version
  * Fix patch-system-but-no-source-readme

  [ libx86 (1.1+ds1-5) unstable; urgency=low ]

  * Orphaning the package.

  [ libxau (1:1.0.6-1) unstable; urgency=low ]

  * New upstream release
    - manpage fixes (#583599).  Thanks, Tom Fogal!
  * Drop Pre-Depends on x11-common, only necessary for upgrades from sarge.
  * Bump build-dependency on xutils-dev for util-macros 1.4.
  * Bump Standards-Version to 3.9.0.

  [ libxau (1:1.0.5-2) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Cyril Brulebois ]
  * Add udeb needed for the graphical installer: libxau6-udeb.
  * Add myself to Uploaders.
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Add ${misc:Depends} to non-udeb binaries, and wrap Depends.

  [ libxau (1:1.0.5-1) unstable; urgency=low ]

  * New upstream release
  * Update xsfbs to 5693792171d885769e58dcccc053c08b11acd12a
    + README.source lets us bump standards version to 3.8.3.0
  * Change -dbg package to "debug" section
  * Delete autogen.sh, which gets installed at build time

  [ libxaw (2:1.0.7-1) unstable; urgency=low ]

  [ Julien Cristau ]
  * Add header to 01_Xaw_StripChart_fix.diff.  This way it's not necessary to
    go look at the changelog for xfree86 4.2.1-5 to figure out what this is
    about.
  * Build the Xaw spec and install it in libxaw7-dev.
  * README.Debian pointed at this doc in xspecs, it's now unnecessary.

  [ Timo Aaltonen ]
  * New upstream release.
  * Bump the build-dep on xutils-dev (>= 1:7.5~1).
  * Bump Standards-Version to 3.8.3.

  [ libxcb (1.6-1) unstable; urgency=low ]

  * New upstream release.
  * Bump Build-Depends on xcb-proto (from 1.5 to 1.6) accordingly.
  * debian/libxcb1.symbols: Add xcb_discard_reply@Base, new in this
    release.

  [ libxcb (1.5-3) unstable; urgency=low ]

  * Add udeb needed for the graphical installer: libxcb1-udeb.
  * Version the B-D on libxau-dev to ensure libxcb1-udeb gets a dependency
    on libxau6-udeb.
  * Version the B-D on libxdmcp-dev to ensure libxcb1-udeb gets a
    dependency on libxdmcp6-udeb.
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Remove Jamey Sharp from Uploaders (#568277), with many thanks
    for your work!
  * Add myself to Uploaders.

  [ libxcb (1.5-2) unstable; urgency=low ]

  * Add libxcb-dri2-0

  [ libxcb (1.5-1) unstable; urgency=low ]

  * New upstream release
  * Bump standard version

  [ libxcomposite (1:0.4.2-1) unstable; urgency=low ]

  * New upstream release.
  * Update debian/copyright from upstream COPYING.
  * Bump xutils-dev build-dep for xorg-macros 1.6.
  * Drop pre-dependency on x11-common, only needed for upgrades from sarge.
  * Bump Standards-Version to 3.9.0.

  [ libxcomposite (1:0.4.1-2) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Brice Goglin ]
  * Remove Jamey Sharp and Josh Triplett from Uploaders, #568280.

  [ libxcomposite (1:0.4.1-1) unstable; urgency=low ]

  [ Timo Aaltonen ]
  * New upstream release (#554236).
  * Bump Standards-Version to 3.8.3.
  * Run autoreconf on build. Add build-deps on automake, libtool and
    xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.

  [ libxcursor (1:1.1.10-2) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Cyril Brulebois ]
  * Add udeb needed for the graphical installer: libxcursor1-udeb.
  * Version/Bump some B-D to make sure the udeb gets its dependencies on
    the (recently-added) udebs rather than on the libraries:
     - libx11-dev
     - libxfixes-dev
     - libxrender-dev
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Add myself to Uploaders.
  * Add ${misc:Depends} to non-udeb binaries, and wrap Depends.

  [ libxcursor (1:1.1.10-1) unstable; urgency=low ]

  [ Julien Cristau ]
  * Drop the -1 debian revisions from build-depends.
  * Bump Standards-Version to 3.7.3.
  * Drop the XS- prefix from Vcs-* control fields.
  * Remove /usr/X11R6/lib/X11/icons from the cursor path (#557292).
  * Kill vim modeline from debian changelog, it makes lintian angry.

  [ Brice Goglin ]
  * Add README.source, bump Standards-Version to 3.8.2.
  * Use updated xsfbs, #538582.
  * Move -dbg package to section debug.

  [ Timo Aaltonen ]
  * New upstream release (#554238).
  * Run autoreconf on build. Add build-deps on automake, libtool
    and xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * Bump Standards-Version to 3.8.3.
  * Drop pre-dependency on x11-common from libxcursor-dev. This was needed
    for upgrades from sarge.

  [ libxdamage (1:1.1.3-1) unstable; urgency=low ]

  [ Julien Cristau ]
  * Remove myself from Uploaders.
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * New upstream release.
  * Bump xutils-dev build-dep for newer macros.

  [ Brice Goglin ]
  * Remove Jamey Sharp and Josh Triplett from Uploaders, #568279.

  [ libxdamage (1:1.1.2-1) unstable; urgency=low ]

  [ Brice Goglin ]
  * Add a link to www.X.org in the long description.
  * Drop CVS header from debian/copyright.
  * Add upstream URL to debian/copyright.
  * Add README.source, bump Standards-Version to 3.8.2.
  * Use updated xsfbs, #538586.
  * Move -dbg package to section debug.

  [ Timo Aaltonen ]
  * New upstream release (#554235).
  * Run autoreconf on build. Add build-deps on automake, libtool
    and xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * Drop pre-dependency on x11-common from libxdamage-dev. This was needed
    for upgrades from sarge.

  [ Julien Cristau ]
  * Bump Standards-Version to 3.8.3 (no changes).

  [ libxdmcp (1:1.0.3-2) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Cyril Brulebois ]
  * Add udeb needed for the graphical installer: libxdmcp6-udeb.
  * Add myself to Uploaders.
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).

  [ libxdmcp (1:1.0.3-1) unstable; urgency=low ]

  [ Brice Goglin ]
  * Add a link to www.X.org and a reference to the upstream module
    in the long description.
  * Add upstream URL to debian/copyright.

  [ Timo Aaltonen ]
  * New upstream release (#555996).
  * Run autoreconf on build. Add build-deps on automake, libtool
    and xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * Bump Standards-Version to 3.8.3.
  * Move -dbg package to section debug.
  * Drop pre-dependency on x11-common from libxdmcp-dev. This was needed
    for upgrades from sarge.

  [ libxext (2:1.1.2-1) unstable; urgency=low ]

  * New upstream release.
  * Update debian/copyright from upstream COPYING.
  * Bump xutils-dev build-dep for xorg-macros 1.4.
  * Drop patch included upstream, disable patch system.
  * Bump Standards-Version to 3.9.0.

  [ libxext (2:1.1.1-3) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!

  [ Cyril Brulebois ]
  * Add udeb needed for the graphical installer: libxext6-udeb.
  * Bump the B-D on libx11-dev to ensure libxext6-udeb gets a dependency
    on libx11-6-udeb.
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Add myself to Uploaders.

  [ libxext (2:1.1.1-2) unstable; urgency=low ]

  * Upload to unstable.

  [ libxext (2:1.1.1-1) experimental; urgency=low ]

  [ Timo Aaltonen ]
  * New upstream release (#555999).
  * Bump the build-dep on xutils-dev (>= 1:7.5~1).

  [ Julien Cristau ]
  * Add a symbols file for libxext6.
  * Don't export xgeExtRegister.

  [ libxext (2:1.0.99.4-1) experimental; urgency=low ]

  [ Julien Cristau ]
  * Drop the -1 debian revisions from build-deps.
  * Drop the XS- prefix from Vcs-* control fields.
  * libxext6{,-dbg} don't need to depend on x11-common.
  * Use ${binary:Version} instead of the deprecated ${Source-Version}.
  * Run autoreconf at build time.
  * Parse space-separated DEB_BUILD_OPTIONS, handle parallel=N.
  * Drop Pre-Depends on x11-common.  This was needed for upgrades from sarge.
  * Bump Standards-Version to 3.8.3
  * New upstream release.
  * Bump build-dependencies following configure.ac, and drop libxau-dev
    (unneeded).
  * Update libxext-dev.install to install headers.
  * libxext-dev Depends on new x11proto-xext-dev, and Replaces old one.

  [ Brice Goglin ]
  * Add a link to www.X.org and a reference to the upstream module
    in the long description.
  * Add upstream URL to debian/copyright.
  * Use updated xsfbs, #538585.
  * Move -dbg package to section debug.

  [ Timo Aaltonen ]
  * Add README.source from xsfbs.

  [ libxfixes (1:4.0.5-1) unstable; urgency=low ]

  * New upstream release.
  * Bump xutils-dev build-dep for xorg-macros 1.8.
  * Update debian/copyright from upstream COPYING.
  * Bump Standards-Version to 3.9.0.

  [ libxfixes (1:4.0.4-2) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!

  [ Brice Goglin ]
  * Remove Jamey Sharp and Josh Triplett from Uploaders, #568278.

  [ Cyril Brulebois ]
  * Use dh_makeshlibs’s -V argument instead of debian/libxfixes3.shlibs
  * Add udeb needed for the graphical installer: libxfixes3-udeb.
  * Bump the B-D on libx11-dev to ensure libxfixes3-udeb gets a dependency
    on libx11-6-udeb.
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Add myself to Uploaders.

  [ libxfixes (1:4.0.4-1) unstable; urgency=low ]

  [ Julien Cristau ]
  * Remove Branden and Fabio from Uploaders with their permission.
  * Don't build-depend on packages with a -1 debian revision.
  * Drop the XS- prefix from the Vcs-* control fields.
  * Remove x11-common (pre-)dependency from libxfixes3 and libxfixes3-dbg, as
    it shouldn't be needed.
  * Use ${binary:Version} instead of the equivalent but confusingly-named
    ${Source-Version} in debian/control.
  * Bump Standards-Version to 3.8.3.

  [ Brice Goglin ]
  * Add upstream URL to debian/copyright.
  * Drop CVS header from debian/copyright.
  * Add a link to www.X.org in the long description.
  * Install the upstream ChangeLog.
  * Add README.source, bump Standards-Version to 3.8.2.
  * Use updated xsfbs, #538584.
  * Move -dbg package to section debug.

  [ Timo Aaltonen ]
  * New upstream release (#556000).
  * Run autoreconf on build. Add build-deps on automake, libtool
    and xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * Drop pre-dependency on x11-common from libxfixes-dev. This was needed
    for upgrades from sarge.

  [ libxi (2:1.3-4) unstable; urgency=low ]

  * Add udeb needed for the graphical installer: libxi6-udeb.
  * Version/Bump some B-D to make sure the udeb gets its dependencies on
    the (recently-added) udebs rather than on the libraries:
     - libx11-dev
     - libxext-dev
  * Add myself to Uploaders.

  [ libxi (2:1.3-3) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders
  * Update patch from 2:1.3-2 to not crash if an app (like, say, anything
    using Qt3) calls libXi functions but the extension isn't available
    (#568323).  Thanks, Roman Mamedov!

  [ Brice Goglin ]
  * Remove Jamey Sharp and Josh Triplett from Uploaders, #568276.

  [ Cyril Brulebois ]
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Upload to unstable.

  [ libxi (2:1.3-2) unstable; urgency=low ]

  * Initialize extension with the right number of events.  This should fix
    issues when libXi announces more events than the X server will actually
    send for that extension, and thus smashes Xlib's event vector (
    #515734, #515946).  Patch by Peter Hutterer, analysis by Nathan Kidd.
  * Upload to unstable.

  [ libxi (2:1.3-1) experimental; urgency=low ]

  * Bump Standards-Version to 3.8.3.
  * Add build-deps on xmlto and asciidoc to build the manpages.
  * New upstream release.

  [ libxi (2:1.2.99.4-1) experimental; urgency=low ]

  [ Timo Aaltonen ]
  * Add README.source from xsfbs.  Bump Standards-Version to 3.8.1.

  [ Julien Cristau ]
  * Move libxi6-dbg to section 'debug'.
  * Drop libxi-dev pre-dependency on x11-common, only needed for upgrades from
    sarge.
  * New upstream release candidate.
  * XInput.h moved here from x11proto-input-dev; add Replaces.
  * Also remove config.h.in in clean.
  * Bump shlibs and update symbols.

  [ libxinerama (2:1.1-3) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Cyril Brulebois ]
  * Add udeb needed for the graphical installer: libxinerama1-udeb.
  * Version/Bump some B-D to make sure the udeb gets its dependencies on
    the (recently-added) udebs rather than on the libraries:
     - libx11-dev
     - libxext-dev
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Add myself to Uploaders.

  [ libxinerama (2:1.1-2) unstable; urgency=low ]

  * Upload to unstable.

  [ libxinerama (2:1.1-1) experimental; urgency=low ]

  [ Brice Goglin ]
  * Add upstream URL to debian/copyright.
  * Add a link to www.X.org and a reference to the upstream module
    in the long description.

  [ Timo Aaltonen ]
  * New upstream release (#555997).
  * Run autoreconf on build. Add build-deps on automake, libtool
    and xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * Bump Standards-Version to 3.8.3.
  * Add headers to libxinerama-dev, moved from x11proto-xinerama-dev.
  * Bump {Build-,}Depends, add Replaces on x11proto-xinerama-dev.
  * Move -dbg package to section debug.
  * Drop pre-dependency on x11-common from libxinerama-dev. This was needed
    for upgrades from sarge.

  [ libxml2 (2.7.7.dfsg-4) unstable; urgency=low ]

  * debian/rules:
    - Use a variable to express which sub-targets to invoke for
      configure/build/install.
    - Refactor configure-% and build-% rules.
    - Avoid possible renaming of _d.so files to _d_d.so files in the
      install-python%-dbg rules.
  * debian/control, debian/control.udeb, debian/libxml2-udeb.install,
    debian/rules: Add an udeb package when building for Ubuntu.
    #583767.
  * debian/control:
    - Remove old Conflicts/Replaces for packages that have disappeared before
      etch.
    - Bump Standards-Version to 3.9.0.0.

  [ libxml2 (2.7.7.dfsg-3) unstable; urgency=low ]

  * debian/rules: Use build_python* instead of build-python* as build
    directory when configuring python modules. build-python$* would get
    matched by make as an existing file and would prevent evaluation of the
    corresponding build rule. Thanks Loïc Minier.
  * debian/python-libxml2.install: Don't hardcode site-/dist-packages in
    .install. Cope with builds which don't have any dist-packages (or
    site-packages) based python versions. Thanks Loïc Minier.
  * debian/rules, debian/python-libxml2-dbg.install, debian/control:
    Add a python-libxml2-dbg package. #583582.
  * debian/rules: Don't link against libpython.
  * python-libxml2-dbg.preinst: Remove /usr/share/doc/python-libxml2-dbg
    symlink when it exists (which is the case with older Ubuntu packages).

  [ libxml2 (2.7.7.dfsg-2) unstable; urgency=low ]

  * debian/libxml2-dbg.preinst, debian/libxml2-dev.preinst,
    debian/libxml2-utils.preinst: Remove /usr/share/doc symbolic links on
    upgrade. They will then be replaced by directories by dpkg.
    #577025.

  [ libxml2 (2.7.7.dfsg-1) unstable; urgency=low ]

  * New upstream release.
  * debian/control:
    + Bump Standards-Version to 3.8.4.0.
    + Depend on a version of debhelper that provides dh and supports
      overrides.
  * debian/compat: Bump to 7.
  * debian/rules:
    + Don't avoid to build in example/. There is no reason to do so anymore.
    + Remove remains of WORKAROUND_MODIFIED_FILES, that was removed 2 years
      ago.
    + Change the way python libs are built. We now use configure to set
      different environment with and without python, and arrange things so
      that we don't have to build the base libxml2 library several times.
    + Deduplicate in /usr/lib/pyshared, not
      /usr/lib/python-support/python-libxml2.
    + Remove old source and diff rules that only displayed a message
      inviting to use dpkg-source -b.
    + Force -Wl,--as-needed at the beginning of the gcc command line.
    + Simplify rules by switching to dh.
    + Don't refresh COPYING during clean target, it appears not to be
      necessary anymore.
    + Use a common cache for main and python configure passes.
  * debian/python-libxml2.install: Install python files from
    /usr/lib/python*/dist-packages.
  * python/generator.py: Sort python generated stubs so that libxml2.py
    doesn't differ between python 2.5 and 2.6.
  * doc/devhelp/Makefile.{am,in}: Properly install devhelp files when
    builddir != srcdir.

  [ libxml2 (2.7.6.dfsg-2) unstable; urgency=low ]

  * Cherry-picks from upstream git:
    + globals.c: fix the initialization of the mutex.
    + xmlIO.c: remove an abuse of zlib API and use a clean interface
      available in zlib >= 1.2.3. #565683, #565823.
  * debian/control:
    + Put libreadline-dev before libreadline5-dev in Build-Deps.
      #553803.
    + Add misc:Depends dependencies where they are missing.

  [ libxml2 (2.7.6.dfsg-1) unstable; urgency=low ]

  * New upstream release.
  * debian/control:
    + Bump Standards-Version to 3.8.3.0.
    + Set libxml2 package priority to standard to match override.

  [ libxml2 (2.7.5.dfsg-1) unstable; urgency=low ]

  * New upstream release.
    + Fixed a RelaxNG bug introduced in 2.7.4. #546442.

  [ libxml2 (2.7.4.dfsg-2) unstable; urgency=low ]

  * debian/libxml2.symbols: Force binaries that use versioned symbols to
    depend on version 2.7.4 at least.
  * parser.c: Fix a parsing problem with little data at startup.
    Cherry-picked from upstream git. #546254, #546488.

  [ libxml2 (2.7.4.dfsg-1) unstable; urgency=low ]

  * New upstream release.
  * Revert old change to entities.c.
  * debian/copyright: Change upstream url. #541082.
  * debian/libxml2.symbols: Change symbols file to use newly introduced
    symbol versioning
  * debian/rules: bump shlibs to current version.

  [ libxml2 (2.7.3.dfsg-2.1) unstable; urgency=high ]

  * Non-maintainer upload by the Security Team (#540865).
  * Fix multiple use-after-free flaws when parsing notation and
    enumeration attribute types (CVE-2009-2416).
  * Fix stack overflow when parsing root XML document element DTD
    definition (CVE-2009-2414).

  [ libxmu (2:1.0.5-1) unstable; urgency=low ]

  [ Timo Aaltonen ]
  * New upstream release.
    + Fix 64bit support (#521887)

  [ Julien Cristau ]
  * Bump Standards-Version to 3.8.3.

  [ libxpm (1:3.5.8-1) unstable; urgency=low ]

  [ Timo Aaltonen ]
  * New upstream release.
  * Bump the build-dep on xutils-dev (>= 1:7.5~1).

  [ Julien Cristau ]
  * Bump Standards-Version to 3.8.3.

  [ libxrandr (2:1.3.0-3) unstable; urgency=low ]

  [ Timo Aaltonen ]
  * Drop pre-dependency on x11-common from libxrandr-dev. This was needed
    for upgrades from sarge.
  * Move -dbg package to section debug.
  * Bump Standards-Version to 3.8.3.

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Brice Goglin ]
  * Remove Jamey Sharp and Josh Triplett from Uploaders, #568282.

  [ libxrender (1:0.9.6-1) unstable; urgency=low ]

  * New upstream release.
  * Update debian/copyright from upstream COPYING.
  * Bump Standards-Version to 3.9.0.

  [ libxrender (1:0.9.5-2) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Cyril Brulebois ]
  * Add udeb needed for the graphical installer: libxrender1-udeb.
  * Bump the B-D on libx11-dev to ensure libxrender1-udeb gets a
    dependency on libx11-6-udeb.
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Add ${misc:Depends} to non-udeb binaries, and wrap Depends.
  * Add myself to Uploaders.

  [ libxrender (1:0.9.5-1) unstable; urgency=low ]

  [ Timo Aaltonen ]
  * New upstream release.
  * Run autoreconf on build. Add build-deps on automake, libtool
    and xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * Bump Standards-Version to 3.8.3.
  * Move -dbg package to section debug.
  * Drop pre-dependency on x11-common from libxrender-dev. This was needed
    for upgrades from sarge.

  [ Julien Cristau ]
  * Install the libXrender doc in libxrender-dev.

  [ libxslt (1.1.26-5) unstable; urgency=low ]

  * debian/rules: Avoid possible renaming of _d.so files to _d_d.so files in
    the install-python%-dbg rules.
  * debian/control:
    - Add missing dependency on python-libxml2-dbg to python-libxslt1-dbg.
    - Remove old Conflicts/Replaces for packages that have disappeared before
      etch.
    - Bump Standards-Version to 3.9.0.0.
    - Add Homepage.
    - Add Vcs-{Git,Browser} fields.

  [ libxslt (1.1.26-4) unstable; urgency=low ]

  * debian/rules:
    - Refactor configure-% and build-% rules.
    - Hack to link with -Wl,--as-needed.
  * debian/python-libxslt1.install: Don't hardcode site-/dist-packages in
    .install. Cope with builds which don't have any dist-packages (or
    site-packages) based python versions. Thanks Loïc Minier.
  * debian/control:
    - Add missing XB-Python-Version to python-libxslt1.
    - Mention the version of XSLT implemented. #579244.
    - Fix typo in libxslt1-dev package description. #579241.
  * debian/control, debian/python-libxslt1-dbg.install, debian/rules: Add a
    python-libxslt1-dbg package.
  * doc/xsltproc.xml, doc/xsltproc.1: Document what happens when there is
    no output and -o is specified. #539890.

  [ libxslt (1.1.26-3) unstable; urgency=low ]

  * debian/compat: Switch to debhelper compat level 7.
  * debian/control: Build depend on debhelper >= 7.0.50~.
  * debian/rules:
    + Remove old source and diff rules. They only displayed a message
      inviting to use dpkg-source -b.
    + Remove workarounds for modified and deleted files. The modified file
      is not modified anymore, and as we're not using svn-buildpackage we
      also don't care about deleted files anymore.
    + Trust dpkg-buildpackage to set the CFLAGS.
    + Change the way python libs are built. We now use configure to set
      different environment with and without python, and arrange things so
      that we don't have to build the base libxslt library several times.
    + Use a common cache for main and python configure passes.
    + Modify libexslt.la in place in debian/tmp.
    + Switch to dh.
    + Deduplicate in /usr/lib/pyshared, not
      /usr/lib/python-support/python-libxslt1.
  * debian/python-libxslt1.install: Install python files from
    /usr/lib/python*/dist-packages.
  * python/Makefile.am, python/Makefile.in, python/generator.py: Don't
    generate python API intermediate files in $srcdir.
  * debian/libxslt1-dev.install: Install libexslt.la with dh_install.

  [ libxslt (1.1.26-2) unstable; urgency=low ]

  * debian/control:
    + Add missing ${misc:Depends}.
    + Bump Standards-Version to 3.8.4.0.
    + Put libxslt1-dbg in section debug.
  * debian/libxslt1-dev.install: Install /usr/share/aclocal files.
    #569066.
  * debian/rules, debian/libxslt1.1.symbols: Add symbols file and bump
    shlibs. #563399.

  [ libxslt (1.1.26-1) unstable; urgency=low ]

  * New upstream release.
    + Allow both --xinclude and --output options at the same time in xsltproc.
      #497585.

  [ libxss (1:1.2.0-2) unstable; urgency=low ]

  * Upload to unstable.

  [ libxss (1:1.2.0-1) experimental; urgency=low ]

  [ Brice Goglin ]
  * Add a link to www.X.org and a reference to the upstream module
    in the long description.
  * Add README.source, bump Standards-Version to 3.8.2.
  * Use updated xsfbs, #538600.
  * Move -dbg package to section debug.

  [ Timo Aaltonen ]
  * New upstream release.
  * Add includes in -dev, bump {Build-,}Depends, add Replaces on
    x11proto-scrnsaver-dev.
  * Run autoreconf on build. Add build-deps on automake, libtool
    and xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * Bump Standards-Version to 3.8.3 (no changes).
  * Drop pre-dependency on x11-common from libxss-dev. This was needed
    for upgrades from sarge.

  [ Julien Cristau ]
  * debian/rules: fix rules dependencies.
  * libxss-dev.install: add header moved over from the proto.

  [ libxt (1:1.0.7-1) unstable; urgency=low ]

  [ Timo Aaltonen ]
  * New upstream release.
  * Bump the build-dep on xutils-dev (>= 1:7.5~1).

  [ libxt (1:1.0.6-1) unstable; urgency=low ]

  [ Julien Cristau ]
  * New upstream release.
  * Don't export dependencies on libSM and libX11 in the Requires field of
    xt.pc.  They're already in Requires.private, and do more harm than good in
    Requires.  Thanks to Stephen Gran and Margarita Manterola for noticing.
  * Remove Branden from Uploaders with his permission.
  * Don't build-depend on packages with a -1 debian revision.
  * Bump Standards-Version to 3.7.3.
  * Drop the XS- prefix from Vcs-* control fields.
  * Drop (pre-)dependencies on x11-common from libxt6 and libxt6-dbg, that's
    not needed.
  * Use ${binary:Version} instead of ${Source-Version}.
  * Remove pre-dependency on x11-common from libxt-dev, that was needed for
    upgrades from sarge.
  * Parse space-separated DEB_BUILD_OPTIONS.
  * Allow parallel builds.
  * Run autoreconf on build.
  * Remove patch 01_use_extern_C_in_headers.diff, applied upstream.
  * Use --with-xfile-search-path rather than setting XFILESEARCHPATHDEFAULT
    through CFLAGS directly.
  * Stop passing "-include X11/XlibConf.h" in CFLAGS; this was a hack
    introduced in 1:0.99.0+cvs.20050803-1, and unneeded since the upstream fix
    on Sep 24, 2005.
  * Cherry-pick patch from upstream git to link against libICE.

  [ Brice Goglin ]
  * Add a link to www.X.org and a reference to the upstream module
    in the long description.
  * Add upstream URL to debian/copyright.
  * Add README.source, bump Standards-Version to 3.8.3.
  * Use updated xsfbs, #538592.
  * Move -dbg package to section debug.

  [ Loic Minier ]
  * Drop -Wl,-Bsymbolic-functions from LDFLAGS as it conflicts with the Xt
    inheritance mechanism; LP: #343574.

  [ libxtst (2:1.1.0-3) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!

  [ Brice Goglin ]
  * Fix short description, thanks Nick Shaforostoff, #565234.

  [ libxtst (2:1.1.0-2) unstable; urgency=low ]

  * Upload to unstable.

  [ libxtst (2:1.1.0-1) experimental; urgency=low ]

  [ Timo Aaltonen ]
  * New upstream release.
  * Bump the build-dep on xutils-dev (>= 1:7.5~1).
  * Bump the build-dep on libxext-dev (>= 1:1.0.99.4).

  [ libxtst (2:1.0.99.2-2) experimental; urgency=low ]

  * Brown paper bag upload.
  * Actually install the headers.

  [ libxtst (2:1.0.99.2-1) experimental; urgency=low ]

  [ Brice Goglin ]
  * Bump Standards-Version to 3.7.3 (no changes).
  * Drop the XS- prefix from Vcs-Git and Vcs-Browser fields in debian/control.
  * Add a link to www.X.org and a reference to the upstream module
    in the long description.
  * Install the upstream ChangeLog.
  * Add README.source, bump Standards-Version to 3.8.2.
  * Use updated xsfbs, #538589.
  * Move -dbg package to section debug.

  [ Julien Cristau ]
  * Run autoreconf at build time.
  * Parse space-separated DEB_BUILD_OPTIONS, handle parallel=N.
  * Drop pre-dependency on x11-common from libxtst-dev.  This was needed for
    upgrades from sarge.
  * Bump Standards-Version to 3.8.3.
  * New upstream release candidate
    - record.h and XTest.h moved here from recordproto and xextproto
  * Bump {Build-,}Depends, add Replaces on x11proto-xext-dev and
    x11proto-record-dev.
  * Drop -1 debian revision from Build-Depends [lintian].

  [ libxv (2:1.0.5-1) unstable; urgency=low ]

  [ Brice Goglin ]
  * Add a link to www.X.org and a reference to the upstream module
    in the long description.
  * Add upstream URL to debian/copyright.
  * Add README.source, bump Standards-Version to 3.8.2.
  * Use updated xsfbs, #538591.
  * Move -dbg package to section debug.

  [ Timo Aaltonen ]
  * New upstream release.
  * Run autoreconf on build. Add build-deps on automake, libtool and
    xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * Drop Pre-Depends on x11-common from libxv-dev. This was needed for
    upgrades from sarge.

  [ Julien Cristau ]
  * Bump Standards-Version to 3.8.3.

  [ libxxf86vm (1:1.1.0-2) unstable; urgency=low ]

  * Upload to unstable.

  [ libxxf86vm (1:1.1.0-1) experimental; urgency=low ]

  [ Timo Aaltonen ]
  * New upstream release.
  * Run autoreconf on build. Add build-deps on automake, libtool and
    xutils-dev.
  * Parse space-separated DEB_BUILD_OPTIONS, and handle parallel=N.
  * Bump Standards-Version to 3.8.3.
  * Drop pre-dependency on x11-common from libxx86vm-dev.  This was needed
    for upgrades from sarge.
  * Add includes in -dev, bump {Build-,}Depends, add Replaces on
    x11proto-xf86vidmode-dev.
  * Move -dbg package to section debug.

  [ lzo2 (2.03-2) unstable; urgency=low ]

  * Changed source format to 3.0 (quilt)
  * Added ${misc:Depends} to all packages
  * Set a version on the dependency of liblzo2-dev to liblzo2-2
  * Removed redundant section and priority fields
  * Pointed copyright to non-symlinked version of GPL file
  * Updated standards version
  * Really changed to debhelper level 6

  [ mesa (7.7.1-4) unstable; urgency=low ]

  [ Brice Goglin ]
  * Add 07_fix_i915_dri1.patch to fix X server crash when starting Compiz
    on i8xx when using legacy UMS/DRI1.

  [ Cyril Brulebois ]
  * Add myself to Uploaders.

  [ mesa (7.7.1-3) unstable; urgency=medium ]

  * Pull from mesa_7_7_branch to get the fix for a regression introduced in
    7.7.1-2 (#584163)

  [ mesa (7.7.1-2) unstable; urgency=low ]

  * debian/rules: use DEB_HOST_ARCH_CPU instead of DEB_HOST_GNU_CPU.  Prompted
    by Ubuntu which changed the latter to i686, breaking their packages on
    i386.
  * Pull from mesa_7_7_branch (commit 8ba378d).

  [ mesa (7.7.1-1) unstable; urgency=low ]

  [ Brice Goglin ]
  * Remove Thierry Reding from Uploaders, #572539.
  * Bump Standards-Version to 3.8.4, no changes needed.

  [ Timo Aaltonen ]
  * New upstream release.

  [ mesa (7.7-4) unstable; urgency=low ]

  * Pull from upstream mesa_7_7_branch up to commit 293f4d51.
    + r6xx/r7xx: emit relocation for FRAG & TILE buffer, #569663.

  [ mesa (7.7-3) experimental; urgency=low ]

  * Pull from upstream mesa_7_7_branch up to commit f5145a6e.
  * Build against libdrm-radeon1 2.4.17 to get DRI2 support.

  [ mesa (7.7-2) experimental; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Brice Goglin ]
  * Pull from upstream mesa_7_7_branch up to commit 2f28ca0a.
    + Fix funky colors on radeon/r200/r300.

  [ mesa (7.7-1) experimental; urgency=low ]

  [ Brice Goglin ]
  * Bump libdrm build dependency to 2.4.15, #561058.
  * New upstream release.
  * Pull from upstream mesa_7_7_branch up to commit 6d6c9c66.

  [ Julien Cristau ]
  * Add freedesktop.org ftp to watch file since that's where newer upstream
    tarballs are.
  * Don't include GLUT sources since we don't use them.

  [ mesa (7.7~rc2-1) experimental; urgency=low ]

  * New upstream release candidate.
    + s3v and trident DRI drivers removed since they never worked.

  [ mesa (7.6.1-1) unstable; urgency=low ]

  * New upstream release
    + Pull upstream mesa_7_6_branch up to commit da876fa3
  * Bump linux-libc-dev build-dep to 2.6.31 for the r600 dri driver (fixes
    ftbfs on mips).
  * Drop hunk from 05_hurd-ftbfs.diff that was applied upstream.  Refresh
    other patches.

  [ mesa (7.6.1~rc3-1) unstable; urgency=low ]

  * New upstream release candidate.
    + Pull upstream mesa_7_6_branch up to commit 7d41b424.
    + Includes sparc64 xform asm patch from #560403.
  * Update debian/rules to fix sparc64 FTBFS, thanks Aurelien Jarno,
    #560403.
  * Build r600 DRI driver.

  [ mesa (7.6.1~rc2-1) unstable; urgency=low ]

  * New upstream release candidate.
    + Pull upstream mesa_7_6_branch up to commit b2953ee.
    + i965: Fix the bounds emitted in the vertex buffer packets,
      #556541.
    + Fix window drawing regression in Kwin on older Radeon hardware,
      fix assertion failure leading to crash on kwin when compositing
      is enabled, #549588.
    + Refresh patches.

  [ mesa (7.6-1) unstable; urgency=low ]

  [ Brice Goglin ]
  * New upstream release.
    + Fix software fallback assertion on RS480, #539162.
    + Fix segfault in _swrast_ReadPixels on i915, #545085.

  [ Julien Cristau ]
  * Don't run install from the various configs in parallel, hopefully fixing a
    bug in the previous debian/rules.  Thanks to Bernhard R. Link for the
    suggestions.

  [ mesa (7.5.1-1) unstable; urgency=low ]

  [ Brice Goglin ]
  * New upstream release.
  * Add README.source.
  * Bump Standards-Version to 3.8.3.

  [ Julien Cristau ]
  * Override 'package-name-doesnt-match-sonames' lintian warnings for libGLU,
    libGLw and both libGLs.
  * Use dh_lintian and bump debhelper build-dep accordingly.

  [ nas (1.9.2-3) unstable; urgency=low ]

  * Fixed Japanese Debconf translation. Thanks to Hideki Yamane.
    #542548

  [ nas (1.9.2-2) unstable; urgency=low ]

  * Grab updated config.sub to fix FTBFS on new architectures.
    #535998
  * Added Japanese Debconf translation. Thanks to Hideki Yamane.
    #512867
  * Updated Spanish Debconf translation. Thanks to Francisco Javier Cuadrado.
    #520687
  * Updated Standards-Version (no changes).

  [ ncurses (5.7+20100313-2) unstable; urgency=medium ]

  [ Sven Joachim ]
  * Disable rmm and smm features in xterm terminfo entry (see #574396).
  * Include an empty /usr/share/terminfo directory in ncurses-bin to
    ensure that configure scripts detect terminfo support (#575284).
  * Let libncurses5-dev and libncursesw5-dev depend on the same version of
    ncurses-bin to mitigate the impact of #480437.
  * Explicitly specify source format 1.0 (lintian warning).

  [ ncurses (5.7+20100313-1) unstable; urgency=low ]

  [ Sven Joachim ]
  * New upstream patchlevel.
    - Workaround for bug in g++ 4.1-4.4 warnings for wattrset() macro
      on amd64 (#542031).
    - Fix typo in curs_mouse.3x (#429198).
    - Modify CF_MAN_PAGES configure macro to replace all occurrences of
      TPUT in tput.1's manpage (#573597).
    - Bump shlibs version, as there are several new symbols.
  * Remove patch introduced in 5.5-2, applied upstream. Remove patch
    introduced in version 5.7+20090627-1, no longer necessary.
  * Switch patch system to quilt.
    - Add a short debian/README.source as recommended by policy.
  * Configure with /usr/share/terminfo as default terminfo dir, so that
    we get the correct tabset directory (#509919, LP: #200773).
  * Update xterm terminfo entry from xterm 246 (#444250).
  * Derive xterm{16,256,88}-color from xterm-debian rather than
    xterm-new for correct backspace key behavior.
  * Move the debugging libraries back to /usr/lib/debug (#553239),
    ship detached debugging symbols (#532022).
  * Fix typo in debian/rules that lead to a dangling symlink in
    lib64ncurses-dev (#563272).
  * Install the binaries built without trace support in ncurses-bin
    to avoid symbol lookup errors (#365120).
  * Build static libraries with "--without-dlsym" (#556378).
  * Remove compatibility symlinks in /usr/share/terminfo that were only
    necessary for upgrades from versions prior to 5.4-9.
  * debian/control cleanups:
    - Adjust priority of the source package to required.
    - Remove duplicate Section field for library packages.
    - Fix dependencies of lib32ncursesw5-dev.
    - Fix long descriptions of 32-bit packages on 64-bit systems.
    - Do not recommend libgpm2 in non-native library packages, nor on
      non-Linux architectures.
    - Remove very old Replaces/Conflicts/Provides on ncurses-developer,
      ncurses and tput.
    - Version the "Replaces: ia32-libs" for lib32ncurses-dev.
    - Remove no longer needed "Replaces: ncurses-term" and
      "Depends: libncurses5" from ncurses-base.
    - Set Homepage field to http://invisible-island.net/ncurses/.
    - Add Vcs-Browser and Vcs-Git fields.
    - Add ${misc:Depends} in all Depends fields.
    - Add myself to Uploaders.
  * Add lintian override for alleged spelling error in ncurses-base'
    extended description; "linux" refers to a terminal type there.
  * Use dh_install instead of dh_movefiles to install files and clean
    up debian/rules a bit.
  * Update Standards-Version to 3.8.4, no changes needed.

  [ Craig Small ]
  * New maintainer 543852
  * Cross compile patch applied #550716

  [ ncurses (5.7+20090803-2) unstable; urgency=low ]

  * Updating package to standards version 3.8.3.
  * Removing vcs fields.
  * Orphaning package.

  [ openldap (2.4.23-4) unstable; urgency=low ]

  [ Steve Langasek ]
  * Bump the database upgrade version check to 2.4.23-4; should have been
    set to 2.4.23-1 when we switched to db4.8, but was missed so we need to
    clean up.  #593550.

  [ Matthijs Mohlmann ]
  * Fix root access to cn=config on upgrades from configuration style slapd.conf
    Thanks to Mathias Gug (#593566, #593878)

  [ openldap (2.4.23-3) unstable; urgency=low ]

  * Configure the newly installed openldap package using slapd.d instead of
    slapd.conf, merged from ubuntu. (#562723, #494155, #333428)
  * Update the debconf templates by running debconf-updatepo.
  * We do not support upgrades from older releases then lenny, so removed some
    upgrade functions from slapd.scripts-common.
  * Updated japanese translation, thanks Kenshi Muto (#589508)
  * Updated czech translation, thanks Miroslav Kure (#589569)
  * Update slapd.README.Debian and slapd.NEWS and note the new configuration
    style.
  * Fixes CVE-2010-0211 and CVE-2010-0212 (#589852)
  * Update italian translation, thanks Luca Monducci (#590154)
  * Update spanish translation, thanks Francisco Javier Cuadrado
    (#590829)
  * Update basque translation, thanks Iñaki Larrañaga Murgoitio
  * Bump Standards-Version to 3.9.1
  * Added debian specific patch to wait until slapd is operational before
    detaching to the terminal (#589915)
  * Add a lintian overrides for libldap.
  * Empty dependency_libs line in .la files. (#591550)
  * Update galician translation, thanks Jorge Barreiro (#592815)

  [ openldap (2.4.23-2) unstable; urgency=medium ]

  * Depend on libdb4.8 >= 4.8.30 (#588969)
  * Urgency previous as previous version fixes a RC bug.

  [ openldap (2.4.23-1) unstable; urgency=low ]

  * New upstream version
  * Change to build dependency libdb4.8-dev instead of libdb4.7-dev
  * Updated french translation thanks Christian Perrier (#579192)
  * Updated swedish translation thanks Martin Bagge (#580145)
  * Updated german translation thanks Helge Kreutzmann (#579582)
  * Updated russian translation thanks Yuri Kozlov (#585688)
  * Fix bashisms in debian/rules (#581454)
  * Add documentation patch (#513270)
  * Refreshed all quilt patches.
  * Bump Standards-Version to 3.9.0

  [ openldap (2.4.21-1) unstable; urgency=low ]

  [ Steve Langasek ]
  * New upstream version
    (#561144, #465024, #502769, #528695, #564686, #504728)
  * Add upstream manpage for ldapexop; thanks to Peter Marschall
    <peter@adpm.de>.  #549291.

  [ Matthijs Mohlmann ]
  * Ack NMU (#553432)
  * Update Standards-Version to 3.8.4
  * Fix NEWS entry to have the correct version number
  * Improve the wording for the slapd/invalid_config question (#452834)
  * Make lintian a bit more happy (#518660)
  * Fix bashism (#518657)
  * Refresh all patches
  * Add patch from upstream (#549642)
  * Reworked the configure.options a bit to include some more options
  * Enable dynamic acls
  * Use slappasswd to create a secure password (#490930)
  * Set a rootdn and rootpw if no password is given by debconf (#231950)
  * Better document the TLSCipherSuite in slapd.conf manpage (#563113)
  * Better document the TLS_CIPHER_SUITE in ldap.conf manpage (#510346)
  * Add smbk5pwd slapd module, used patch from Mark Hymers (#443073)
  * Add autogroup slapd module, used patch from Mathieu Parent (#575900)
  * Add lsb logging, used patch from David Härdeman (#385898)
  * Use dh_lintian to install the lintian-overrides
  * Added critical error report when slapcat fails (#226090)

  [ openldap (2.4.17-2.1) unstable; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Fixed CVE-2009-3767: libraries/libldap/tls_o.c doesn't properly handle NULL
    character in subject Common Name (#553432)

  [ openldap (2.4.17-2) unstable; urgency=low ]

  * Fix up the lintian warnings:
    - add missing misc-depends on all packages
    - slapd, libldap-2.4-2-dbg sections changed to 'debug' to match archive
      overrides
    - bump Standards-Version to 3.8.2, no changes required.
  * slapd.scripts-common: fix upgrade to correctly handle multiple database
    declarations; thanks, Peter Marschall <peter@adpm.de>!  #517556
  * Add 'status' argument to init script; thanks to Peter Eisentraut
    <petere@debian.org>.  #545898.
  * New patch, do-not-second-guess-sonames, to remove an incorrect check for
    the Cyrus SASL version number at runtime.  If there's any reason this is
    needed, it needs to be addressed in the cyrus-sasl soname and Debian
    shlibs, not here.  #546885.

  [ openssl (0.9.8o-2) unstable; urgency=high ]

  * Fix CVE-2010-2939: Double free using ECDH. (#594415)

  [ openssl (0.9.8o-1) unstable; urgency=low ]

  * New upstream version
    - Add SHA2 algorithms to SSL_library_init().
    - aes-x86_64.pl is now PIC, update pic.patch.
  * Add sparc64 support (#560240)

  [ openssl (0.9.8n-1) unstable; urgency=high ]

  * New upstream version.
    - Fixes CVE-2010-0740.
    - Drop cfb.patch, applied upstream.

  [ openssl (0.9.8m-2) unstable; urgency=low ]

  * Revert CFB block length change preventing reading older files.
    (#571810, #571940)

  [ openssl (0.9.8m-1) unstable; urgency=low ]

  * New upstream version
    - Implements RFC5746, reenables renegotiation but requires the extension.
    - Fixes CVE-2009-3245
    - Drop patches CVE-2009-4355.patch, CVE-2009-1378.patch,
      CVE-2009-1377.patch, CVE-2009-1379.patch, CVE-2009-3555.patch,
      CVE-2009-2409.patch, CVE-2009-1387.patch, tls_ext_v3.patch,
      no_check_self_signed.patch: applied upstream
    - pk7_mime_free.patch removed, code rewritten
    - ca.diff partially applied upstream
    - engines-path.patch adjusted, upstream made some minor changes to the
      build system.
    - some flags changed values, bump shlibs.
  * Switch to 3.0 (quilt) source package.
  * Make sure the package is properly cleaned.
  * Add ${misc:Depends} to the Depends on all packages.
  * Fix spelling of extension in the changelog file.

  [ openssl (0.9.8k-8) unstable; urgency=high ]

  * Clean up zlib state so that it will be reinitialized on next use and
    not cause a memory leak.  (CVE-2009-4355, CVE-2008-1678)

  [ openssl (0.9.8k-7) unstable; urgency=low ]

  * Bump the shlibs to require 0.9.8k-1.  The following symbols
    to added between g and k: AES_wrap_key, AES_unwrap_key,
    ASN1_TYPE_set1, ASN1_STRING_set0, asn1_output_data_fn,
    SMIME_read_ASN1, BN_X931_generate_Xpq, BN_X931_derive_prime_ex,
    BN_X931_generate_prime_ex, COMP_zlib_cleanup, CRYPTO_malloc_debug_init,
    int_CRYPTO_set_do_dynlock_callback, CRYPTO_set_mem_info_functions,
    CRYPTO_strdup, CRYPTO_dbg_push_info, CRYPTO_dbg_pop_info,
    CRYPTO_dbg_remove_all_info, OPENSSL_isservice, OPENSSL_init,
    ENGINE_set_load_ssl_client_cert_function,
    ENGINE_get_ssl_client_cert_function, ENGINE_load_ssl_client_cert,
    EVP_CIPHER_CTX_set_flags, EVP_CIPHER_CTX_clear_flags,
    EVP_CIPHER_CTX_test_flags, HMAC_CTX_set_flags, OCSP_sendreq_new
    OCSP_sendreq_nbio, OCSP_REQ_CTX_free, RSA_X931_derive_ex,
    RSA_X931_generate_key_ex, X509_ALGOR_set0, X509_ALGOR_get0,
    X509at_get0_data_by_OBJ, X509_get1_ocsp

  [ openssl (0.9.8k-6) unstable; urgency=low ]

  * Disable SSL/TLS renegotiation (CVE-2009-3555) (#555829)

  [ openssl (0.9.8k-5) unstable; urgency=low ]

  * Don't check self signed certificate signatures in X509_verify_cert()
    (#541735)

  [ openssl (0.9.8k-4) unstable; urgency=low ]

  * Split all the patches into a separate files
  * Stop undefinging HZ, the issue on alpha should be fixed.
  * Remove MD2 from digest algorithm table.  (CVE-2009-2409) (#539899)

  [ pam (1.1.1-4) unstable; urgency=low ]

  * debian/patches/conditional_module,_conditional_man: if we don't have the
    libraries required for building pam_tty_audit, we shouldn't install the
    manpage either. LP: #588547.
  * Updated debconf translations:
    - Portuguese, thanks to Eder L. Marques <eder@edermarques.net>
      (#581746)
    - Spanish, thanks to Javier Fernandez-Sanguino Peña <jfs@debian.org>
      (#592172)
    - Galician, thanks to Jorge Barreiro <yortx.barry@gmail.com>
      (#592808)
  * Don't pass --version-script options when linking executables,
    only when linking libraries.  Thanks to Julien Cristau
    <jcristau@debian.org> for the fix.  #582362.

  [ pam (1.1.1-3) unstable; urgency=low ]

  * pam-auth-update: fix a bug in our handling of module options when the
    module name contains digits, caused by a buggy regexp. :/  Partially
    addresses LP #369575.
  * Install /sbin/pam_tally2 in the libpam-modules package; thanks to
    Olivier BONHOMME <obonhomme@nerim.net> for reporting.  #554010.

  [ pam (1.1.1-2) unstable; urgency=low ]

  * Document the new symbols added in 1.1.1 in debian/libpam0g.symbols, and
    raise the minimum version for the service restarting code.
    #568480.

  [ pam (1.1.1-1) unstable; urgency=low ]

  * New upstream version.
    - restore proper netgroup handling in pam_access.
      #567385, LP: #513955.
  * Drop patches pam.d-manpage-section, namespace_with_awk_not_gawk, and
    pam_securetty_tty_check_before_user_check, which are included upstream.
  * debian/patches/026_pam_unix_passwd_unknown_user: don't return
    PAM_USER_UNKNOWN on password change of a user that has no shadow entry,
    upstream now implements auto-creating the shadow entry in this case.
  * Updated debconf translations:
    - French, thanks to Jean-Baka Domelevo Entfellner <domelevo@gmail.com>
      (#547039)
    - Bulgarian, thanks to Damyan Ivanov <dmn@debian.org> (#562835)
  * debian/patches/sys-types-include.patch: fix pam_modutil.h so that it can
    be included directly, without having to include sys/types.h first.
    #556203.
  * Add postgresql-8.3 to the list of services in need of restart on upgrade.
    #563674.
  * And drop postgresql-{7.4,8.1} from the list, neither of which is present
    in stable.
  * debian/patches/007_modules_pam_unix: recognize that *all* of the password
    hashes other than traditional crypt handle passwords >8 chars in length.
    LP: #356766.

  [ pam (1.1.0-4) unstable; urgency=low ]

  * debian/patches/pam_securetty_tty_check_before_user_check: new patch,
    to make pam_securetty always return success on a secure tty regardless
    of what username was passed.  Thanks to Nicolas François
    <nicolas.francois@centraliens.net> for the patch.  #537848
  * debian/local/pam-auth-update: only reset the seen flag on the template
    when there's new information; this avoids reprompting users for the same
    information on upgrade, regardless of the debconf priority used.
    #544805.
  * libpam0g no longer depends on libpam-runtime; packages that use
    /etc/pam.d/common-* must depend directly on libpam-runtime, and most do
    (including the Essential: yes ones), so let's break this circular
    dependency.  #545086, LP: #424566.

  [ pam (1.1.0-3) unstable; urgency=low ]

  * Bump debian/compat to 7, so we can use sane contents in debian/*.install
  * Switch all packages over to dh_install
  * Rename debian/*.lintian to debian/*.lintian-overrides and use dh_lintian
  * Move installation logic out of debian/rules into individual .install
    files
  * Drop superfluous options to dh_installchangelogs, dh_shlibdeps
  * Use debian/clean instead of rm -f'ing files in debian/rules clean target
  * Drop ./configure options that are no-ops
  * Drop the /lib/security/pam_unix_*.so symlinks, which have been deprecated
    now for 10 years and are not used at all if pam-auth-update is in play.
  * Drop the pam_rhosts_auth.so symlink as well, and document in NEWS.Debian
    that this is now obsolete.
  * Drop stale content from README.debian: some of this should have been in
    NEWS.Debian instead (but is so old it's not worth putting it there now),
    some of it is obsolete by the change in package VCS.
  * Convert debian/rules to debhelper 7 and add versioned build-dependencies
    on debhelper and quilt to suit.
  * Drop CFLAGS that we don't need anymore (-fPIC, -D_REENTRANT,
    -D_GNU_SOURCE).
  * Explicitly add -O0 to CFLAGS when noopt is set.
  * debian/patches/autoconf.patch: pull ltmain.sh in, to fix some spurious
    library linkage in the modules.
  * Move pam_cracklib manpage to the libpam-cracklib package, and add the
    requisite Replaces
  * Drop dh_makeshlibs -V; everything from lenny on should use the .symbols
    file instead, making the shlibs redundant so we don't need to care what
    version gets listed there.

  [ pam (1.1.0-2) unstable; urgency=low ]

  [ Steve Langasek ]
  * debian/patches/pam_unix_dont_trust_chkpwd_caller.patch: fix this patch
    to call setregid() instead of always returning an error on username
    mismatch in unix_chkpwd, needed in the SELinux case and in some corner
    cases with the broken_shadow option.  Thanks to Michael Spang for the
    analysis.  #543589.
  * fix the PAM mini-policy to not tell app maintainers that they don't need
    to depend on libpam-modules if they reference modules from there.
  * make libpam-runtime depend on libpam-modules (>= 1.0.1-6) - nothing else
    guarantees that we have pam_unix available for use by pam-auth-update.
  * Use /bin/sh instead of /bin/bash for libpam0g.postinst, since we've
    confirmed there are no longer any bashisms there.  #519973.
  * Clean up the libpam0g postinst a bit; invoke-rc.d has been a guaranteed
    interface for two stable release cycles now
  * debian/patches/namespace_with_awk_not_gawk: fix the sample
    namespace.init script's dependency on non-POSIX features of gawk, since
    we don't use gawk by default.  #518908.
  * Updated debconf translations:
    - German, thanks to Sven Joachim <svenjoac@gmx.de> (#544464)

  [ Kees Cook ]
  * debian/local/common-password, debian/pam-configs/unix: switch from "md5"
    to "sha512" as password crypt default.

  [ pam (1.1.0-1) unstable; urgency=low ]

  * New upstream version.
    - pam_access no longer does DNS lookups when we know we're comparing
      with a tty name or a service name.  #376209.
    - fixes for manpage spelling.  #488690.
    - fix evaluation of or'ed list of users in time.conf and group.conf.
      #326407, #514423.
  * Drop patches pam_unix_thread-safe_save_old_password.patch,
    pam_env_ignore_garbage.patch, dont_freeze_password_chain,
    pam_1.0.4_mindays, pam_mail-fix-quiet, pam_unix-chkpwd-wait, and
    cve-2009-0887-libpam-pam_misc.patch, which are included upstream.
  * Trim pam.d-manpage-section patch, which was mostly but not completely
    applied upstream.
  * Update debian/libpam0g.symbols for new extension.
  * Bump the shlibs version as well, for our dpkg-shlibdeps fallback.
  * And bump the version checks in the libpam-modules {pre,post}inst, so that
    the necessary services get restarted for any modules that need the new
    symbols.
  * Add /sbin/mkhomedir_helper to libpam-modules.
  * Document that pam_cracklib no longer checks /etc/security/opasswd.
    #263767.
  * debian/patches/007_modules_pam_unix: drop divergence from upstream
    that treats "0" as a special value in various fields in /etc/shadow,
    and document this in debian/NEWS.  Thanks to Nicolas François
    <nicolas.francois@centraliens.net> for the detailed analysis.
    #308229.
  * Updated debconf translations:
    - French, thanks to Jean-Baka Domelevo Entfellner <domelevo@gmail.com>
      (#521266)
  * Build with LDFLAGS=-Wl,-z,defs to guard against the possibility of
    any undefined symbols (due to typos or otherwise) at build time.
    #102311.
  * On upgrade from versions before 1.1.0-1, if
    /etc/pam.d/common-session-noninteractive has not been created (because
    the user declined use of pam-auth-update), create it by copying
    /etc/pam.d/common-session.  #543401.
  * debian/patches/fix-man-crud: new patch, fix "undefined macro" errors in
    manpages caused by oddities of toolchain used when generating them
    upstream.

  [ pam (1.0.1-11) unstable; urgency=low ]

  * debian/libpam-runtime.postinst: bump the --force version check to
    1.0.1-11, to allow for a new common-session-noninteractive config file;
    and include md5sum checking logic that will work the same with old
    unmanaged and new managed /etc/pam.d/common-* files.
  * debian/local/common-{auth,account,session,password}.md5sums: document
    the known md5sums for the new managed files.
  * debian/local/common-session-noninteractive{,.md5sums},
    debian/local/pam-auth-update: split out a session-noninteractive include
    file, so that we can at last distinguish between interactive and
    non-interactive PAM sessions at a policy level.  #169930,
    LP: #287715.
  * debian/local/pam-auth-update: prune md5sums for unsupported upgrade
    paths (intrepid pre-release -> karmic/squeeze)
  * Clean up the PAM mini-policy, which hasn't been touched in a number of
    years and was looking a bit crufty
  * debian/libpam-runtime.templates:  correctly tag the URL as a
    non-translatable string.
  * Updated debconf translations:
    - Swedish, thanks to Martin Bagge <brother@bsnet.se> (#541399)
    - Portuguese, thanks to Américo Monteiro <a_monteiro@netcabo.pt>
      (#541108)
    - Russian, thanks to Yuri Kozlov <yuray@komyakino.ru> (#541094)

  [ popt (1.16-1) unstable; urgency=low ]

  * New upstream release (#581439)
  * Switch to dpkg-source 3.0 (quilt) format
  * Add a watch file.
  * Update to standards version 3.8.4 (no changes)

  [ popt (1.15-1) unstable; urgency=low ]

  * New upstream release
  * Update to standards version 3.8.3
    + debian/README.source added
  * debian/rules: Switch from using "dh_clean -k" to "dh_prep".

  [ pulseaudio (0.9.21-3) unstable; urgency=low ]

  * debian/rules: Compile with -g0 on mips{,el} to work around #519006 in
    gcc-4.4

  [ pulseaudio (0.9.21-2) unstable; urgency=low ]

  * Import NMU patches into pkg-pulse git, thanks to the security team for
    their work!
  * debian/patches/0003-Re-bootstrap.patch
    + Added. Update configure so we don't have to re-run autotools when
    building the package (#576457, #576546, #576769)
  * Install a KDE specific startup file and module-device-manager.
    Thanks to Daniel Schaal and Zsolt Rizsanyi for patches and tips.
    (#570487)
  * d/p/0004-In-KDE-only-start-pulseaudio-from-the-KDE-specific-d.patch
    + Added. When running KDE use the KDE specific autostart desktop file
    instead of the generic pulseaudio-x11 file
  *  Fix two typos in debian/pulseaudio.default, patch by Paul Menzel
    (#566332)
  *  Prepare the debian package for building on HURD again (needs some upstream
     fixes as well). Patch by Pino Toscano (#573339)
  * Use the pulseaudio.1 manpage from the source tree instead of the older (and
    outdated) debian specific one.

  [ pulseaudio (0.9.21-1.2) unstable; urgency=high ]

  * Non-maintainer upload by the Security Team.
  * Added autoconf, automake, and libtool in Build-Depends to regenerate
    configure and auto* files at build time, and fixed a regression introduced
    in previous NMU (#576457)

  [ pulseaudio (0.9.21-1.1) unstable; urgency=high ]

  * Non-maintainer upload.
  * Fix insecure temporary file creation security issue (#573615).

  [ pulseaudio (0.9.21-1) unstable; urgency=low ]

  * New upstream release
  * d/p/0002-Fix-makefiles-to-include-all-alsa-path-files-on-inst.patch
    + Removed, merged upstream
  * debian/copyright: Updated
  * debian/rules: Fix build on arm (slightly changes target name)

  [ pulseaudio (0.9.20-1) unstable; urgency=low ]

  * New upstream release
  * d/p/0002-Fix-makefiles-to-include-all-alsa-path-files-on-inst.patch
    + Added. Make sure all alsa path configuration files are installed

  [ pulseaudio (0.9.19-2) unstable; urgency=low ]

  * Built with normal old-style hal support on kfreebsd and the hurd
  * debian/patches/0001-Work-around-some-platforms-not-having-O_CLOEXEC.patch:
    + Added. Don't use O_CLOEXEC on platforms that don't support it.
      (#550826)
  * debian/pulseaudio.install: Install pulse udev rules so device profiles can
    be matched with the few devices that need special tweaks
  * debian/pulseaudio.install: Add the rygel media server plugin, such that
    pulseaudio sources and sinks can be exposed over UPNP via rygel.

  [ pulseaudio (0.9.19-1) unstable; urgency=low ]

  * New upstream release
  * Remove patches that were merged upstream:
    d/p/0001-tunnel-fix-parsing-of-sink-info-from-newer-servers.patch
    d/p/0002-tunnel-fix-parsing-of-source-info-from-newer-servers.patch
    d/p/0003-svolume-tweak-constraints-for-32-bits.patch
  * Only compile the ARMv6 optimized code with -march=armv6  (#546322)
  * Depend on udev (>= 143) for device detection (#548821, #549001)
  * Update various shlibs files to use 0.9.19

  [ pulseaudio (0.9.18-1) unstable; urgency=low ]

  * New upstream release
  * d/p/0001-tunnel-fix-parsing-of-sink-info-from-newer-servers.patch
    + Added. Fix parsing of the sink info when using module-tunnel
      From the upstream 0.9.18-stable branch
  * d/p/0002-tunnel-fix-parsing-of-source-info-from-newer-servers.patch
    + Added. Fix parsing of the source info when using module-tunnel
      From the upstream 0.9.18-stable branch
  * d/p/0003-svolume-tweak-constraints-for-32-bits.patch
    + Added. Fixes gcc and the inline assembly using the same register.
      From the upstream 0.9.18-stable branch
  * debian/control: Build-Depend on libudev-dev instead of libhal-dev.
    Pulseaudio now uses udev for device detection (#546721)
  * debian/control: Enable hal->udev compat module
  * Update various shlibs files to use 0.9.18
  * debian/pulseaudio.install, debian/rules: Add udev and loopback modules
  * debian/pulseaudio-utils.install: Add pamon and parecord
  * debian/pulseaudio.install: Add dbus configuration file for system-wide
      pulse instance (#529989)
  * debian/control: Bump libsndfile1-dev build-depend to >= 1.0.20.
    (#546734)
  * debian/rules: Add -march=armv6 to the CFLAGS on arm and armel
    (#546322)

  [ pulseaudio (0.9.17-1) unstable; urgency=low ]

  * New upstream release
  * debian/copyright: updated
  * Update various shlibs files to use 0.9.17

  [ pulseaudio (0.9.16-1) unstable; urgency=low ]

  * New upstream release
  * debian/copyright: updated
  * debian/control: Remove the liboil build-dep
  * debian/libpulse0.shlibs: Bump to >= 0.9.16
  * debian/pulseaudio.postinst: No longer make pulseaudio suid and no longer
    create the pulse-rt group. Setting realtime priorities is now handled by
    rtkit.

  [ pulseaudio (0.9.16~test5-1) experimental; urgency=low ]

  * New Upstream Version

  [ pulseaudio (0.9.16~test4-1) experimental; urgency=low ]

  * New Upstream Version

  [ pulseaudio (0.9.16~test2~20090726git59659e1db-1) experimental; urgency=low ]

  * New Upstream Version
  * Ack NMU (Was fixed upstream in this version) (#537351)
  * Remove all patches, everything was merged upstream :)
  * debian/copyright: updated
  * debian/pulseaudio.install: Don't install the PolicyKit config file
  * debian/control: Removed build-dep on libpolkit-dbus-dev
  * Update various shlibs files to use 0.9.16
  * debian/pulseaudio.install: Install pulseaudio shared config files
  * debian/pulseaudio.instal: Add module-intended-roles
  * debian/control: Make pulseaudio-module-raop-dbg depend on
    pulseaudio-module-raop

  [ sane-backends (1.0.21-3) unstable; urgency=low ]

  * debian/control:
    + Bump Standards-Version to 3.9.0 (no changes).

  * debian/patches/use_libsane_matched_for_scsi.patch:
    + Added; use libsane_matched for SCSI scanners rules too.
  * debian/patches/allow_dll.d_symlinks.patch:
    + Added; allow symlinks under /etc/sane.d/dll.d (#588392).

  [ sane-backends (1.0.21-2) unstable; urgency=low ]

  * debian/patches/fix_xerox_mfp_color_mode.patch:
    + Added; fix xerox_mfp color mode, from upstream (#583789).

  [ sane-backends (1.0.21-1) unstable; urgency=low ]

  * New upstream release (#579254).
  * Moved to source format 3.0 (quilt).

  * debian/control:
    + Removed dpatch build-dep.
    + Add dependency on pkg-config to libsane-dev.
  * debian/rules:
    + Removed dpatch code.
    + --disable-fork-process -> --enable-pthread.
    + Install the pkg-config file for sane-backends.

  * All patches refreshed, tagged with DEP-3 headers.

  [ sane-backends (1.0.20-14) unstable; urgency=low ]

  * debian/control:
    + Depend and build-depend on libjpeg-dev instead of libjpeg62-dev
      (#569240).
    + Bump Standards-Version to 3.8.4 (no changes).

  * debian/sane-utils.saned.init:
    + Add $remote_fs to Required-Start & Required-Stop.

  * debconf translations:
    + fr.po: courtesy of Christian Perrier (#564595).

  [ sane-backends (1.0.20-13) unstable; urgency=low ]

  * debian/patches/34_genesys_gl841_cal_fix.dpatch:
    + Added; fix calibration on gl841-based scanners (#563163).

  * debconf translations:
    + ja.po: courtesy of Hideki Yamane (#564294).

  [ sane-backends (1.0.20-12) unstable; urgency=low ]

  * debian/patches/33_epson2_update.dpatch:
    + Update epson2 from git HEAD (#534746).

  * debconf translations:
    + de.po: courtesy of Helge Kreutzmann (#562709).
    + sv.po: courtesy of Martin Bagge (#562931).
    + ru.po: courtesy of Yuri Kozlov (#563076).
    + pt.po: courtesy of Américo Monteiro (#563174).

  [ sane-backends (1.0.20-11) unstable; urgency=medium ]

  * Urgency set to medium to unbreak saned in testing.

  * debian/patches/12_saned_polling_fix.dpatch:
    + Added; unbreak saned's polling loop for more than 1 fds (#562248).
  * debian/patches/13_saned_aliasing_fix.dpatch:
    + Added; fix strict aliasing issues in saned for gcc 4.4.

  [ sane-backends (1.0.20-10) unstable; urgency=low ]

  * debian/libsane.README.Debian:
    + Updated udev-related information and instructions, added a note about
      only adding rules for scanners supported by libsane.
  * debian/sane-utils.saned.init:
    + Add missing --oknodo in s-s-d stop call in restart case
      (#558648).
  * debian/sane-utils.templates:
    + Rework the standalone saned template and mention Avahi explicitly
      (#556877).

  * debian/patches/22_dll_backend_conf.dpatch:
    + Updated; use better wording for the comment about the net backend
      in dll.conf (#556912).
  * debian/patches/32_epson_perfection636.dpatch:
    + Added; add the Epson Perfection 636 SCSI scanner (#555971).

  [ sane-backends (1.0.20-9) unstable; urgency=low ]

  * debian/patches/11_udev_147.dpatch:
    + Added; remove NAME= from SCSI rules as udev 147 complains about it. Also
      remove support for kernel < 2.6.22. (#555443).

  [ sane-backends (1.0.20-8) unstable; urgency=low ]

  * debian/rules:
    + Fix nostrip builds, thanks to Tollef Fog Heen (#548152).

  * debian/patches/31_genesys_raw_log_fix.dpatch:
    + Added; add missing check when logging raw data. Patch by
      Tollef Fog Heen <tfheen@err.no> (#548154).

  [ sane-backends (1.0.20-7) unstable; urgency=low ]

  * debian/control:
    + Demote avahi-daemon to a Suggests (#543335).
    + libv4l-dev is not available on hurd-i386 either (#545995).

  * debian/patches/30_xerox_samsung_ids.dpatch:
    + Added; add USB IDs for various Samsung-branded MFPs (#545290).

  [ sane-backends (1.0.20-6) unstable; urgency=low ]

  * debian/control:
    + Bump Standards-Version to 3.8.3 (no changes).
  * debian/rules:
    + Empty dependency_libs in all .la files.

  * debian/patches/10_sanei_usb_update.dpatch:
    + Added; from git, favour the interface detected by sanei_usb_init(). This
      helps with some machines like the Canon MP730.

  [ svgalib (1:1.4.3-29) unstable; urgency=low ]

  * Switch to source format “3.0 (quilt)”:
    - Remove quilt from Build-Depends.
    - Remove quilt.make include from debian/rules.
    - Remove patch and unpatch targets from debian/rules.
    - Remove now unneeded debian/README.source.

  [ svgalib (1:1.4.3-28) unstable; urgency=low ]

  * Switch to debhelper compatibility level 7.
  * Use dh_prep instead of “dh_clean -k”.
  * Add support for LSB status action on init scripts.
  * Now using Standards-Version 3.8.3 (no changes needed).
  * Try to use the system's round function instead of locally defining it,
    to fix a build failure with newer eglibc 2.10 which expose it by defualt.
    - debian/patches/041_use_system_round.patch: New file.
    (#550775)
  * Fix LSB init dependency header:
    - Remove $local_fs from Required-Stop as we don't do anything on stop.
    - Switch from $local_fs to $remote_fs as we use scripts from /usr.
  * Do not “set -e” on the init script as log_action_end_msg relies on the
    exit code of the command, be it success or failure.
  * Remove long obsolete svgalibg1-dev and svgalibg1 packages.
    (#322068, #477539)
  * Add lintian overrides for suid-root programs in svgalib-bin as those
    cannot work at all w/o them.
  * Fix typo in svgalib.7 man page (.RH → .RE) that was producing a warning.
    - debian/patches/030_manpages_typos.patch: Update.

  [ tiff (3.9.4-3) unstable; urgency=low ]

  * Updated control file to remove obsolete Conflicts/Replaces for ancient
    packages.
  * Empty dependency_libs in all .la files as part of the .la file.  This
    also resolves the problem of having hard-coded paths in the .la file.
    (#509016)
  * Updated standards version to 3.9.1.

  [ tiff (3.9.4-2) unstable; urgency=high ]

  * Incorporated patch to fix CVE-2010-2233, which fixes a specific
    failure of tif_getimage on 64-bit platforms.

  [ tiff (3.9.4-1) unstable; urgency=low ]

  * New upstream release

  [ tiff (3.9.2-3) unstable; urgency=low ]

  * Depend on libjpeg-dev instead of libjpeg62-dev.  (#569242)
  * Change source format to '3.0 (quilt)'
  * Update standards version to 3.8.4.  No changes required.

  [ tiff (3.9.2-2) unstable; urgency=low ]

  * Include patch from upstream to fix problems with TIFFReadScanline()
    and ycbcr-encoded JPEG images.  (#510792)
  * Fix some manual page spelling errors found by lintian.

  [ tiff (3.9.2-1) unstable; urgency=low ]

  * New upstream release

  [ tiff (3.9.1-1) unstable; urgency=low ]

  * New upstream release

  [ tiff (3.9.0-2) unstable; urgency=low ]

  * Fix critical bug that could cause corrupt files to be written in some
    cases.  (#543079)

  [ tiff (3.9.0-1) unstable; urgency=low ]

  * New upstream release.  All previous security patches have been
    integrated.

  [ tiff (3.9.0beta+deb1-1) experimental; urgency=low ]

  * New upstream release (binary compatible with 3.8.2) -- release based
    on 3.9 branch from upstream CVS; see README.Debian for details.
    (#537118)
  * Updated standards to 3.8.3; no changes required.
  * Stopped using tarball in tarball packaging.  (#538565)

  [ unixodbc (2.2.14p2-1) unstable; urgency=low ]

  * New upstream release (#433312).
    - Fixes compatibility with Oracle driver.  #567521.
    - The txt driver has been dropped upstream.
    - The prototype of odbcinst_system_file_path has changed, so time for
      another package rename to odbcinst1debian2.
    - Touch debian/unixodbc.symbols for new interfaces.
  * Drop build-dependencies on flex-old and bison, no longer used.
  * Build-conflict with unixodbc-dev, to work around libtool's persistent
    relinking problems
  * Build-depend on libqt3-compat-headers instead of patching all of the code;
    if libqt3-compat-headers ever goes away, we should just switch to Qt4
    instead.
  * exe/Makefile.am: don't build dltest, this only works if we're using
    the bundled libtool.
  * Port AC_LIBTOOL_LANG_CXX_CONFIG changes over to the current
    _LT_LANG_CXX_CONFIG macro.
  * Build with --without-pth, we want pthreads even if pth is installed in the
    build env.
  * Fix installation of libnn.so at build time, so we don't ship a dangling
    symlink instead.  #563283.

  [ unixodbc (2.2.11-21) unstable; urgency=low ]

  * Fix short description of odbcinst1debian1 to not refer to the bits that
    have been moved to odbcinst.
  * Build-depend on libreadline-dev instead of libreadline5-dev, for the
    readline6 transition; doesn't interfere with backports, since
    libreadline5-dev already provided libreadline-dev.  #553870.
  * Copy in the setup libraries correctly, so we don't wind up with dangling
    symlinks in the package.  #552161.

  [ unixodbc (2.2.11-20) unstable; urgency=low ]

  * Split binaries out of odbcinst1debian1 into a new odbcinst package, so
    that we aren't in the situation of trying to clean up config files in
    the purge target of a shared library package.

  [ unixodbc (2.2.11-19) unstable; urgency=low ]

  * /etc/odbcinst.ini should not be a conffile.  Create it in the postinst
    on upgrade instead if it doesn't exist, and remove in postrm purge.
    (As a side effect, this means we'll need to split this package for
    multiarch, but we already have to do that due to /usr/bin/odbcinst; we
    just need to do it sooner rather than later, to avoid purging config
    files on library purge...)  #376368.

  [ unixodbc (2.2.11-18) unstable; urgency=low ]

  * Put the headers back in unixodbc-dev; those are kind of important.
    #544438.

  [ unixodbc (2.2.11-17) unstable; urgency=low ]

  * Drop dltest from the package description, because it was dropped from the
    package two years ago; thanks to Pete Boyd for pointing this out.
    #448610.
  * Build-Depend on libltdl-dev instead of libltdl3-dev. #476452.
  * Have unixodbc Suggest: unixodbc-bin, per user request.  #240035.
  * Suggest tdsodbc, not libct1.
  * Update debhelper compat to 7, adding ${misc:Depends} where needed
  * Drop debian/dh_makeshlibs and the .manifest files in favor of the
    now-standard dpkg-gensymbols .symbols files
  * Rename lintian files to *.lintian-overrides so dh_lintian will take care
    of them
  * Migrate from dh_movefiles to dh_install
  * Switch debian/rules to use dh
  * Clean up debian/copyright to be more accurate (and approximate DEP5)
  * Fix up menu files for the current section names (Apps->Applications;
    Databases->Data Management)
  * Neuter the .la files to not net dependency_libs, so that we can
    eventually get rid of them entirely
  * Drop unused debian/odbcinst_psql.ini file
  * Drop unneeded entries in debian/dirs
  * Set LDFLAGS=-Wl,-z,defs in debian/rules, to guard against all undefined
    symbols
  * Fix libodbcinstq1c2's missing dep on libltdl, picked up by the above
    change
  * Fix libodbctxt to not use undefined "stricmp" function
  * Add Homepage field
  * Standards-Version to 3.8.3.

  [ util-linux (2.17.2-3.1) unstable; urgency=high ]

  * Non-maintainer upload.
  * Apply trivial patch by Adam D. Barratt (thanks!): Only attempt to link
    locale-specific files in to the cfdisk-udeb hierarchy if cfdisk-udeb
    is actually being built.  #581725
  * Set urgency to “high” since some packages are waiting for util-linux.

  [ util-linux (2.17.2-3) unstable; urgency=low ]

  [LaMont Jones]

  * Switch from slang2 to ncurses5.  #581631
  * Merge remote branch 'origin/stable/v2.17' into stable/v2.17
  * Restore dropped dep on initscripts.  #581420

  [Sebastian Andrzej Siewior]

  * Add preliminary powerpcspe support.  #579844

  [ util-linux (2.17.2-2) unstable; urgency=low ]

  * should build Depend: dpkg or install-info.  #581579
  * pretty up the removal of /usr/share/info/dir
  * Fix fallocate configure check.  #581358

  [ util-linux (2.17.2-1) unstable; urgency=low ]

  [Pascal Terjan]

  * libblkid: reset BLKID_TINY_DEV flag in blkid_probe_set_device

  [Yoshihiro Takahashi]

  * mount: posix option of vfat is obsolete

  [Jan Kara]

  * mount: update documentation about barrier mount options

  [Karel Zak]

  * sfdisk: confused about disk size
  * mount: fix typo in mount.8
  * fdisk: sleep-after-sync and fsync usage
  * lscpu: add {32,64}-bit CPU modes detection
  * tests: refresh lscpu tests
  * docs: update AUTHORS file
  * docs: update v2.17 ReleaseNotes
  * build-sys: release++ (v2.17)
  * fdisk: don't include scsi.h
  * libblkid: restrict RAID/FS proving for small devices (1.4MiB)
  * libblkid: read() optimization for small devices
  * tests: fix RAIDs tests
  * libblkid: call read() per FAT root dir entry
  * libblkid: set minimal size for jfs, reiser, swap and zfs
  * libblkid: read whole SB buffer (69kB) on large disks
  * libblkid: don't call read() per FAT dir-entry on large disks
  * libblkid: add minimal sizes for OCFS and GFS
  * tests: update FS test images
  * libblkid: rewrite blkid_probe_get_buffer()
  * blkid: probe for PT, don't probe for FS on small whole-disks
  * libblkid: add sanity checks for FAT to DOS PT parser
  * libblkid: don't probe for GPT and Unixware PT on floppies
  * login: don't link PAMed version with libcrypt
  * libblkid: more robust minix probing
  * blkid: add newline when only one value is printed
  * login: check that after tty reopen we still work with a terminal
  * fdisk: use optimal_io_size
  * fdisk: use "optimal I/O size" in warnings
  * wipefs: ignore devices with partition table
  * libblkid: don't return error on empty files
  * fdisk: don't check alignment_offset against geometry
  * fdisk: fix check_alignment()
  * fdisk: cleanup alignment, default to 1MiB offset
  * fdisk: fix default first sector
  * fdisk: cleanup warnings
  * tests: add fdisk alignment tests
  * tests: fix and update old fdisk tests
  * mount: warn users that mtab is read-only
  * cal: fix first day of the week calculation on BE systems
  * build-sys: remove duplicate #includes
  * blkid: fix #ifdef HAVE_TERMIO[S]_H
  * build-sys: add missing tests for libuuid and libblkid
  * mount: advise users to use "modprobe", not "insmod"
  * include: add min/max macros
  * fdisk: use more elegant way to count and check alignment
  * tests: update fdisk tests
  * fdisk: cleanup help, add -h option
  * fdisk: fallback for topology values
  * fdisk: fix ALIGN_UP
  * fdisk: add -c option (switch off DOS mode)
  * fdisk: use 1MiB offset and grain always when possible
  * tests: update fdisk tests
  * fdisk: don't use 1MiB grain on small devices
  * blkid: report open() errors in low-level probing
  * tests: update fdisk tests (add whitespaces)
  * docs: update AUTHORS file
  * docs: add v2.17.1 ReleaseNotes
  * build-sys: release++ (v2.17.1-rc1)
  * swapon: fix swapsize calculation
  * fdisk: swap VTOC values for warning messages
  * docs: update AUTHORS file
  * docs: update v2.17.1 ReleaseNotes
  * build-sys: release++ (v2.17.1)
  * docs: fix small typo in v2.17.1-ReleaseNotes
  * libblkid: support alignment_offset=-1
  * libblkid: more robust minix probing
  * libblkid: fix display of device size
  * swapon: remove " (deleted)" from filenames from /proc/swaps
  * libblkid: remove "0x" prefix from DRBD UUID
  * wipefs: cleanup usage() and man page
  * mount: more explicitly explain fstab usage in mount.8
  * lib: add #ifndef around min() max() macros
  * fdisk: fix -b <sectorsize>
  * docs: update AUTHORS file
  * docs: add v2.17.2 ReleaseNotes
  * build-sys: release++ (v2.17.2)
  * po: merge changes

  [Vladimir Brednikov]

  * namei: fix man page formatting

  [Francesco Cosoleto]

  * cfdisk: set '[Quit]' as default menu item on first run instead of
    '[Bootable]'.
  * cfdisk: set '[New]' as default item on menu for non allocated space
    instead of '[Help]'.

  [Andreas Dilger]

  * libblkid: fix ZSF detection

  [Bastian Friedrich]

  * libblkid: DRBD support for blkid

  [Matthias König]

  * libblkid: fix segfault in drdb

  [Bryn M. Reeves]

  * sfdisk: make sure writes make it to disk in write_partitions()

  [Linus Torvalds]

  * libblkid: disable read-ahead when probing device files

  [Pierre Hauweele]

  * ionice: fix typo

  [Mike Frysinger]

  * pg: command enters infinite loop
  * mount: properly ignore comments in /etc/filesystems

  [LaMont Jones]

  * new upstream
  * lintian cleanup
  * updated symbols file for libblkid1
  * drop use of install-info in postinst, uses triggers now
  * adjust mount.8 manpage to avoid man error

  [Henne Vogelsang]

  * lscpu: fix cpuid opcode detection

  [Yann Droneaud]

  * login: use fd instead of pathname for update tty's owner and permissions

  [Colin Watson]

  * libblkid: fix infinite loop when probe chain bails out early

  [localization folks]

  * po: update id.po (from translationproject.org) (Arif E. Nugroho)
  * po: update ja.po (from translationproject.org) (Makoto Kato)
  * po: update cs.po (from translationproject.org) (Petr Pisar)
  * po: update eu.po (from translationproject.org) (Mikel Olasagasti Uranga)
  * po: update eu.po (from translationproject.org) (Mikel Olasagasti)
  * po: update zh_CN.po (from translationproject.org) (Ray Wang)
  * po: update pl.po (from translationproject.org) (Jakub Bogusz)
  * po: update vi.po (from translationproject.org) (Clytie Siddall)
  * po: update fi.po (from translationproject.org) (Lauri Nurmi)

  [ util-linux (2.17~rc3-1) experimental; urgency=low ]

  [Mike Frysinger]

  * flock: fix hang when parent ignores SIGCHLD

  [Karel Zak]

  * docs: update TODO list
  * docs: update AUTHORS file
  * docs: update v2.17 ReleaseNotes
  * build-sys: release++ (v2.17-rc2)
  * lib: bug (typo) in function MD5Final()
  * docs: add ngettext() into TODO file
  * docs: update v2.17 ReleaseNotes
  * build-sys: release++ (v2.17-rc3)
  * docs: add LGPLv2+ to list of licenses
  * libblkid: fix Adaptec RAID detection
  * libblkid: fix highpoint37x detection
  * libblkid: rename highpoint RAIDs to hpt{37,45}x_raid_member
  * tests: add adaptec RAID test
  * tests: add hpt37x RAID test
  * tests: add hpt45x RAID test
  * tests: add isw RAID test
  * tests: add jmicron RAID test
  * tests: add lsi RAID test
  * tests: add nvidia RAID test
  * tests: add promise RAID test
  * tests: add silicon RAID test
  * mount: disable --no-canonicalize for non-root users
  * umount: add --no-canonicalize
  * po: merge changes
  * po: fix msgid bugs
  * po: merge changes

  [localization folks]

  * po: update pl.po (from translationproject.org) (Jakub Bogusz)
  * po: update cs.po (from translationproject.org) (Petr Pisar)
  * po: update eu.po (from translationproject.org) (Mikel Olasagasti Uranga)

  [ util-linux (2.17~rc1-1) experimental; urgency=low ]

  * New upstream version

  [ util-linux (2.16-3) unstable; urgency=low ]

  [Kel Modderman]

  * hwclockfirst.sh: initscript LSB header in conflict with update-rc.d
    options.  #487196

  [LaMont Jones]

  * hwclock*.sh: one more round of header tweaks.  #520607
  * Acknowledge Aurelien Jarno NMU

  [ xaw3d (1.5+E-18) unstable; urgency=low ]

  * Removed old scripts still around in debian/ tree.
  * Now using dh_prep instead of dh_clean -k.
  * Debhelper level set to 7.
  * Policy bumped to 3.8.4.
  * Added patch XawIm.c to prevent gv segfaulting.
    (#573474)
  * Added ${misc:Depends} to both binary packages to make lintian happy.
  * Added xaw3dg.lintian-overrides to override the
    package-name-doesnt-match-sonames lintian warning.
  * Added debian/README.source.

  [ xbitmaps (1.1.0-1) unstable; urgency=low ]

  [ Andres Salomon ]
  * Test for obj-$(DEB_BUILD_GNU_TYPE) before creating it during build;
    idempotency fix.
  * Run dh_install w/ --list-missing.

  [ Julien Cristau ]
  * Add watch file.
  * Run autoreconf at build time.
  * Bump debhelper compat level to 5.
  * Remove Branden and Fabio from Uploaders.
  * Add Vcs-{Git,Browser} control fields.
  * Build the package in binary-indep, not binary-arch (lintian).
  * Drop Conflicts/Replaces on pre-etch xlibs-data, and Pre-Depends on etch
    x11-common.
  * Bump Standards-Version to 3.8.3.
  * New upstream release.
  * Install the upstream changelog.
  * Install xbitmaps.pc in /usr/share instead of /usr/lib (#551113).
    Thanks, Colin Watson!

  [ xcb-util (0.3.6-1) unstable; urgency=low ]

  * New upstream release
  * Bump standard version

  [ xcursor-themes (1.0.2-1) unstable; urgency=low ]

  [ David Nusinow ]
  * Update xsfbs to 5693792171d885769e58dcccc053c08b11acd12a
  * Put dh_clean -k back where it belongs but use dh_prep instead

  [ Timo Aaltonen ]
  * New upstream release (#561604).

  [ Julien Cristau ]
  * Add build-dep on xutils-dev.
  * Fill in debian/copyright from upstream COPYING.
  * Make debian/rules parallel-safe, parse space-separated DEB_BUILD_OPTIONS.

  [ xcursor-themes (1.0.1-6) unstable; urgency=low ]

  [ Brice Goglin ]
  * Replace xbase-clients with x11-apps in Build-Depends since this is
    where xcursorgen is now.

  [ David Nusinow ]
  * Update xsfbs
  * Add README.Debian explaining how to use these cursors.
    Also includes description of what cursors the package provides. Thanks
    to John Goerzen for reporting this and Hamish for providing the
    README.Debian file.  #365061
  * Clean up the package description a little. #408837
  * Remove Branden and Fabio from the Maintainer list
  * Remove conflicts and replaces on ancient xlibs-data
  * Add support for parallel make
  * Bump standards version to 3.8.3.0
  * Add a watch file
  * autoreconf at build time. Add automake to build-deps.
  * Bump debhelper compat to 7. No changes needed.
  * Fix the copyright notice to point to the right place
  * Remove dh_clean -k and add a dh_prep in configure target

  [ xft (2.1.14-2) unstable; urgency=low ]

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Cyril Brulebois ]
  * Add udeb needed for the graphical installer: libxft2-udeb.
  * Version/Bump some B-D to make sure the udeb gets its dependencies on
    the (recently-added) udebs rather than on the libraries:
     - libx11-dev
     - libxrender-dev
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Add ${misc:Depends} to non-udeb binaries, and wrap Depends.
  * Add myself to Uploaders.

  [ xft (2.1.14-1) unstable; urgency=low ]

  [ Timo Aaltonen ]
  * New upstream release.
  * Bump the build-dep on xutils-dev (>= 1:7.5~1).
  * Bump Standards-Version to 3.8.3 (README.source added).
  * Drop pre-dependency on x11-common from libxft-dev. This was needed
    for upgrades from sarge.
  * Move -dbg package to section debug.

  [ xorg (1:7.5+6) unstable; urgency=medium ]

  * Drop radeonhd from xserver-xorg-video-all.  We switched to kernel
    modesetting for radeon, and that clashes with this driver.
  * Drop v4l from xserver-xorg-video-all.  It depends on the obsolete V4L1
    API, see #569103.
  * Add nouveau to xserver-xorg-video-all on linux x86 and powerpc.  Other
    arches can be added later if needed.
  * x11-common.init: don't include /usr/{s,}bin in PATH, since we only depend
    on $local_fs [lintian].

  [ xorg (1:7.5+5) unstable; urgency=low ]

  * Fix typo in Xsession.d/50x11-common_determine-startup, #573899.
  * Bump Standards-Version to 3.8.4, no changes needed.

  [ xorg (1:7.5+4) unstable; urgency=low ]

  * Add Xreset and Xreset.d support, #230422.
  * Improve startup speed of Xsession.d scripts by eliminating all unnecessary
    external program calls, thanks Martin Pitt, #570447.
    - In 20x11-common_process-args, cat $OPTIONFILE once into a variable and
      use POSIX variable substitution in all scripts instead of calling grep
      for every single test.
    - Use shell built in "type" instead of external "which" to test for
      programs.
    - 30x11-common_xresources: Swap the order of tests to keep the most
      unlikely (like "~/.Xresources exists") outside, to avoid running the
      other tests (like "xrdb exists") on systems which don't use Xresources.

  [ xorg (1:7.5+3) unstable; urgency=low ]

  * Remove the obsolete x11proto-evie-dev from xorg-dev dependencies.

  [ xorg (1:7.5+2) unstable; urgency=low ]

  * Fix typo in debian/scripts/vars.hurd-i386.  Thanks, Samuel Thibault!
  * Add fbdev and vmware video drivers to -all on hurd.  Requested by Samuel
    Thibault.
  * Remove myself from Uploaders
  * Kill xorg-dev dependency on x11proto-fontcache-dev.

  [ xorg (1:7.5+1) unstable; urgency=low ]

  * Drop xorg-dev dependency on x11proto-xf86misc-dev and libxxf86misc-dev,
    which are obsolete.
  * Same with x11proto-trap-dev and libxtrap-dev.
  * The call to udevadm trigger has moved to xserver-xorg-core and the
    drivers, remove it from xserver-xorg.postinst.
  * Upload to unstable.

  [ xorg (1:7.5~3) experimental; urgency=low ]

  [ Julien Cristau ]
  * On upgrade, restart hal on kfreebsd and run udevadm trigger on linux to
    make sure we can pick up input devices correctly.
  * Because of the above, move udev and hal from Recommends back to Depends.

  [ Brice Goglin ]
  * Add myself to Uploaders, remove Branden with his permission.

  [ xorg (1:7.5~2) experimental; urgency=low ]

  * Drop xorg-dev dependency on libxkbui-dev, which has no users.
  * Update xorg-dev long description.  There are no static-only X libs
    nowadays.
  * xorg-dev: don't depend on libxevie-dev.
  * xserver-xorg-video-all: don't depend on -intel on non-linux.
  * Switch hal dependency to a recommends, and make it kfreebsd-only (
    #515214).
  * Only install the hal fdi and callout on kfreebsd.
  * Add 'Old Changelog' in debian/changelog to make lintian happy.
  * Add ${misc:Depends} to all packages' Depends fields.
  * Drop dependency on console-setup, xserver-xorg-core now pulls in
    keyboard-configuration (#558236, #523960).
  * Depend on xserver-xorg-core 1.7.
  * xserver-xorg.NEWS: /etc/default/console-setup moved to
    /etc/default/keyboard.  Also note that evdev is Linux-only.
  * x11-common.NEWS: fix syntax (lintian).
  * x11-common.templates: use "for internal use" instead of "internal use
    only" in Description (lintian).
  * Add lintian overrides for xorg, x11-common and xserver-xorg.
  * Bump Standards-Version to 3.8.3.

  [ xorg (1:7.5~1) experimental; urgency=low ]

  [ Julien Cristau ]
  * Depend on xserver 1.7 RC.  Bump video and input driver ABI.

  [ David Nusinow ]
  * Update xsfbs to 5693792171d885769e58dcccc053c08b11acd12a
  * Revert dh_clean change from last upload but use dh_prep instead

  [ xorg (1:7.4+4) unstable; urgency=low ]

  [ Timo Aaltonen ]
  * debian-x11-keymap.fdi: Check for input.keys from info.capabilities.
    (#535291)
  * control: Move xserver-xorg dependency on evdev after -input-all.
    Otherwise only evdev is installed by default.

  [ Julien Cristau ]
  * xserver-wrapper: recognize /usr/bin/X as a path to the wrapper.
  * xserver-wrapper: don't print an error message if Xwrapper.config doesn't
    exist.
  * xserver-wrapper: allow unprivileged -showDefaultModulePath and
    -showDefaultLibPath options
  * xserver-wrapper: don't check the mode of /dev/dri.  It leads to a spurious
    error message in some cases, and isn't necessary.
  Thanks to Pierre-Loup A. Griffais for pointing out the three above items
  (#540932).

  [ David Nusinow ]
  * Bump debhelper compat to v7. No changes necessary.
  * Rename stamps to take advantage of dh_clean v7 handling them automatically
  * Bump standards version to 3.8.2. No changes necessary.

  [ zlib (1:1.2.3.4.dfsg-3) unstable; urgency=low ]

  * Only check for EOF on transparent streams if we have done a zero
    byte read to avoid reporting EOF early to applications.  This was
    breaking R.

  [ zlib (1:1.2.3.4.dfsg-2) unstable; urgency=low ]

  * Revert explict EOF indication to avoid triggering an infinite loop
    in man-db while rebuilding the caches (#562518).

  [ zlib (1:1.2.3.4.dfsg-1) unstable; urgency=low ]

  * New upstream release.
  * This release contains refactored handling of 64 bit types which should
    stop warnings being generated in some configurations (#439980).
  * This release also fixes handling of EOF in gzio (#301283).
  * Fix symbol version for inflateUndermine.
  * Move -dbg to debug section.
  * Add upstream home page.
  * Policy 3.8.3.

  [ zlib (1:1.2.3.3.dfsg-16) unstable; urgency=low ]

  * Concert to 3.0 (quilt) format.

 -- Goswin von Brederlow <goswin-v-b@web.de>  Sun, 05 Sep 2010 18:47:16 +0200

ia32-libs (20100611) unstable; urgency=low

  * Update packages.
  * Drop ia64 package lib32gcc1, it is included in ia32-libs-core now.
  * Add ${misc:Depends}.
  * Switch to debhelper 7.
    - use dh_prep instead of dh_clean -k
  * Update standars to 3.8.4.
  * Drop ia32-libs-dev package.
  * Make it a source version 3.0 "Native" package.
  * Add source/options settings equivalent to ia32-libs-core.

 -- Frederik Schüler <fs@debian.org>  Fri, 11 Jun 2010 12:58:27 +0200

ia32-libs (20090808) unstable; urgency=low

  * Update packages.
  * Automatically generate copyright file.  Closes: #540199, #505625.
  * Add libuuid1.  Closes: #540489, #540339, #539746.
  * Bump shlibs version to 20090808.  Closes: #540184.
  * B-D on dctrl-tools instead of grep-dctrl.  Closes: #505631.
  * Add locale symlink.  Thanks to Martin Pitt.  Closes: #505627.
  * Use ROOT/SUFFIX consistently in debian/rules.  Thanks to Martin Pitt.
    Closes: #505632.

 -- Mark Hymers <mhy@debian.org>  Sat, 08 Aug 2009 18:12:19 +0100

ia32-libs (20090804) unstable; urgency=low

  * Re-upload monolithic package.
  * Drop gdk-imlib1, gdk-imlib11, libcap1, libfusionsound-1.0-0, libxcb-xlib0
  * Bump libdirectfb to 1.2-0 from 1.0-0, libltdl3 to libltdl7
  * Replace libkrb53 with libkrb5support0, libkrb5-3, libk5crypto3,
    libgssapi-krb5-2

 -- Mark Hymers <mhy@debian.org>  Tue, 04 Aug 2009 21:35:25 +0100

ia32-libs (2.7) unstable; urgency=low

  * Freshen packages.
  * Drop libgnutls13 and libopencdk10: removed from lenny.

 -- Frederik Schüler <fs@debian.org>  Wed, 03 Sep 2008 20:40:18 +0200

ia32-libs (2.6) unstable; urgency=low

  [ Goswin von Brederlow ]
  * Fix echo -e bashism in debian/rules (Closes: 484391)

  [ Frederik Schüler ]
  * drop libldap2 and liblzo1.
  * Add libxcb1, libxcb-xlib0, libxcb-render0 and libxcb-render-util0 -
    new dependencies from libaudio2.
  * Replace libcupsys2 with libcups2.
  * Freshen packages.

 -- Frederik Schüler <fs@debian.org>  Wed, 23 Jul 2008 13:36:03 +0200

ia32-libs (2.5) unstable; urgency=low

  [ Arthur Loiret ]
  * Update symlinks for wine build: (Closes: #479662)
    - libpng.so -> libpng12.so.0
    - libgnutls.so -> libgnutls.so.26 (instead of libgnutls.so.13)
    - libXcomposite.so -> libXcomposite.so.1
    - libhal.so -> libhal.so.1
    - libcapi20.so -> libcapi20.so.3
    - libjack.so -> libjack.so.0
    - libcrypto.so -> libcrypto.so.0.9.8
  * Remove broken symlinks:
    - libpulse-browse.so
    - libpulse-mainloop-glib.so
  * Remove gtk2-engines-pixbuf, libglib1.2ldbl, libgtk1.2, libgtk1.2-common.
    - Remove symlinks libgmodule-2.so libgthread-2.so.

  [ Frederik Schüler ]
  * Freshen packages.

 -- Frederik Schüler <fs@debian.org>  Mon, 12 May 2008 23:35:00 +0200

ia32-libs (2.4) unstable; urgency=low

  [ Bdale Garbee ]
  * Change maintainer address to new alioth list

  [ Goswin von Brederlow ]
  * Add libraries:
    + libx86-1 (Closes: #474173)
    + libjack0 (Closes: #473390)
    + libssl0.9.8, libhal1, libxcomposite1, libcapi20-3,
      odbcinst1debian1, unixodbc (Closes: #473590)
    + libfltk1.1 (Closes: #441406)
    + libcap2 (Closes: #459251)
    + libpulse0, libasyncns0 (Closes: #469162)
    + add libselinux1
  * Add libcups.so symlink for wine (Closes: #473586)
  * Make fetch-and-build default to fetching, nobody ever builds
  * Increase shlibs version info to 2.4
  * Switch to gcc-4.3-base
  * Move qt to ia32-libs-gtk due to glib2 dependency.

  [ Frederik Schüler ]
  * Add libcap1 and libgnutls26

 -- Frederik Schüler <fs@debian.org>  Fri, 25 Apr 2008 00:00:16 +0200

ia32-libs (2.3) unstable; urgency=low

  * Filter out udebs from shlib files
  * Change sed expression for shlibs mangling (Closes: #456914)
  * Add new and updated libs:
    - libdirectfb-1.0-0
    - libfusionsound-1.0-0
    - libldap-2.4-2 (Closes: #466186)
    - libxss1 (Closes: #470825, #462337)
    - libpam-ldap (Closes: #411018)
    - libnss-ldap (Closes: #411018)
  * Add SDL and png symlinks for znes (Closes: #448537)

 -- Goswin von Brederlow <goswin-v-b@web.de>  Sat, 29 Mar 2008 18:52:17 +0100

ia32-libs (2.2) unstable; urgency=low

  * Add libsigc++-2.0-0c2a. (Closes: #435057, #434530)
  * Replace libglib1.2 with libglib1.2ldbl.
  * Add libaio1. (Closes: #436445)
  * Add libqt4-core and libqt4-gui.
  * Add libcupsys2. (Closes: #443516)
  * Add new dependencies and updated libs:
    - libcomerr2
    - libdbus-1-3
    - libkeyutils1
    - libkrb53
    - libopencdk10
    - libxdamage1

 -- Frederik Schüler <fs@debian.org>  Tue, 23 Oct 2007 00:05:54 +0200

ia32-libs (2.1) unstable; urgency=low

  * Remove depend on libc6-i386 (>= 2.5-5), ia64 has none
    Depend on libc6-i386 (>= 2.3.6-2) on amd64 comes from libc6-i386.shlibs.

 -- Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>  Tue, 17 Jul 2007 14:02:40 +0200

ia32-libs (2.0) unstable; urgency=low

  [ Goswin von Brederlow ]
  * Remove libstdc++2.10-glibc2.2, libstdc++2.9-glibc2.1,
    libstdc++3 and libtiff3g

  [ Frederik Schüler ]
  * Update all included packages to the current lenny version
  * Fix libusb.so symlink
  * Add liblzo2-2
  * Depend on libc6-i386 (>= 2.5-5) to match the version from Lenny
  * Add libgl1-mesa-dri. (Closes: #424927)

 -- Frederik Schüler <fs@debian.org>  Sun, 24 Jun 2007 02:35:41 +0200

ia32-libs (1.19) unstable; urgency=low

  * Add libSM.so symlink.
  * Add libXau.so and libXdmcp.so symlinks.
  * rebuild with latest packages from frozen etch.
  * Add freeglut3 and various other libs needed to run WINE on amd64.
    Thanks to Robert Millan <rmh@aybabtu.com> for sorting out the libs.
    (Closes: #394230, #402101)

 -- Frederik Schüler <fs@debian.org>  Wed, 24 Jan 2007 13:56:33 +0100

ia32-libs (1.18) unstable; urgency=low

  [ Goswin von Brederlow ]
  * Some more symlinks for wine building on amd64. (Closes: #394230)

  [ Frederik Schüler ]
  * Add libpopt0.
  * Add Suggests: ia32-libs-gtk.
  * Add some more compatibility symlinks.

 -- Frederik Schüler <fs@debian.org>  Fri, 10 Nov 2006 20:05:48 +0100

ia32-libs (1.17) unstable; urgency=low

  * Conflict with and Replace nvidia-glx-ia32 << 1.0.8774-7. 
    (Closes: #393193, #392923)

 -- Frederik Schüler <fs@debian.org>  Tue, 17 Oct 2006 00:06:17 +0200

ia32-libs (1.16) unstable; urgency=medium

  * Do not ship symlinks in /lib/ldconfig. (Closes: #388163)
  * Fix ldd on ia64, thanks to Ian Wienand for the hint. (Closes: #392718)
  * Add wine compatibility symlinks. (Closes: #351730)

 -- Frederik Schüler <fs@debian.org>  Fri, 13 Oct 2006 12:51:33 +0200

ia32-libs (1.15) unstable; urgency=low

  * Add libsvga1 to satisfy libsdl1.2debian-alsa dependencies.
    (Closes: #381909)
  * Add libdrm2 to allow DRM acceleration of 32bit applications.
    (Closes: #381700)
  * Updated to latest etch versions: coreutils libacl1 libpng12-0
    libstdc++2.10-glibc2.2 libwmf0.2-7 libxml2 libxv1 zlib1g

 -- Frederik Schüler <fs@debian.org>  Tue,  8 Aug 2006 16:35:35 +0200

ia32-libs (1.14) unstable; urgency=low

  [ Frederik Schüler ]
  * Add libxinerama1. (Closes: #376271)

  [ Goswin von Brederlow ]
  * Add Pre-Depends on dpkg from etch. (Closes: #371162)

 -- Frederik Schüler <fs@debian.org>  Thu, 20 Jul 2006 11:28:32 +0200

ia32-libs (1.13) unstable; urgency=low

  * Really fix lib32gcc1 doc dir. (Closes: 367435)
  * Add new libs: libcairo2, libusb, libpng12-0 (Closes: #369931, #370191)
  * Update Xorg libraries to 7.0

 -- Frederik Schüler <fs@debian.org>  Tue, 18 Jul 2006 17:59:32 +0200

ia32-libs (1.12) unstable; urgency=low

  [ Goswin von Brederlow ]
  * Mangle /usr/share/lintian/overrides/libgcc1 into
    /usr/share/lintian/overrides/lib32gcc1 and append
    debian/lib32gcc1.overrides to it. (Closes: #367435)
  * Correctly mangle shlibs file for lib32gcc1.

 -- Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>  Sat, 27 May 2006 01:52:13 +0200

ia32-libs (1.11) unstable; urgency=low

  [ Frederik Schüler ]
  * Make the package Priority: extra.

  [ Goswin von Brederlow ]
  * Insert the ia32-libs version before the binNMU tag in lib32gcc1.
    Closes: #367435
  * Support sources.list.local for fetch-and-build runs to avoid
    accidental sources.list.deb changes in the svn repository.

 -- Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>  Tue, 16 May 2006 22:08:13 +0200

ia32-libs (1.10) unstable; urgency=low

  * [amd64] depend on lib32ncurses5, instead of shipping it. 
    Closes: #365544

 -- Frederik Schüler <fs@debian.org>  Tue,  2 May 2006 21:21:59 +0200

ia32-libs (1.9) unstable; urgency=low

  [ Frederik Schüler ]
  * Depend on lib32asound2 instead of shipping libasound2.
  * Include libxv1. Closes: #364061

  [ Goswin von Brederlow ]
  * fetch-and-build: Fail on download failure or missing source
  * fetch-and-build: Correct source version for bin-NMUs

 -- Frederik Schüler <fs@debian.org>  Sun, 23 Apr 2006 21:52:12 +0200

ia32-libs (1.8) unstable; urgency=low

  * Depend on lib32stdc++6 instead of shipping libstdc++6. Closes: #362600

 -- Frederik Schüler <fs@debian.org>  Sun, 16 Apr 2006 21:28:43 +0200

ia32-libs (1.7) unstable; urgency=low

  [ Frederik Schüler ]
  * Add gdk-imlib11 to fix dangling symlinks.
  * add libsdl1.2debian-alsa and it's dependency libasound2 to support SDL
    applications.
  * Add libstdc++6, libxcursor1 and libxxf86vm1. Closes: #317845, #356682
  * Add gcc-4.1-base.

 -- Frederik Schüler <fs@debian.org>  Thu, 13 Apr 2006 17:23:44 +0200

ia32-libs (1.6) unstable; urgency=low

  * New maintainer team: Bdale Garbee, Goswin von Brederlow, Frederik Schüler.

  [ Aurelien Jarno ]
  * Don't ship the glibc on amd64. Closes: #354380, #328949
  * Make ia32-libs depends on libc6-i386 and ia32-libs-dev on libc6-dev-i386.
    Closes: #355591, #310103, #341919
  * Don't make a symlink /usr/lib32 -> /emul/ia32-linux.

  [ Goswin von Brederlow ]
  * Update sources and debs
    - xlibmesa-glu -> libglu1-xorg
    - libxft1 -> libxft2
    - libdps1 is no more
    - libpam0g needed by vmware
  * Rewrite fetch-and-build. Closes: #355766
    - Don't fetch the first source building a package but the one
      having the deb in Debian.
    - Check that local sources are newer than or not in Debian.
    - Download all debs in one go. They may not conflict so apt
      can't fail or skip any.
    - Sanity check all debs (including local) to have matching sources.
  * Don't mess with /etc/ld.so.conf but use /lib/ldconfig/ links.
    Closes: #317887
  * Cleanup /etc/ld.so.conf on upgrades from old versions.
  * Don't divert ldd on amd64 as we don't ship it anymore.
  * Use DEB_HOST_ARCH, the arch we build _for_.
  * Drop ia32-libs-dev on amd64 (it is empty).
  * Split install into lib, dev and libgcc1 packages. Closes: #311423
  * Fix dpkg-divert errors. Remove diversion on amd64 and on remove.

  [ Frederik Schüler ]
  * Join all patches from Aurelien Jarno and Goswin von Brederlow in the BTS
    in order to address all open RC bugs.
  * Updated all included packages to latest testing version.

 -- Frederik Schüler <fs@debian.org>  Fri, 10 Mar 2006 13:53:39 +0100

ia32-libs (1.5) unstable; urgency=low

  * Update zlib to 1.2.3 (closes: #317971).
  * On amd64, do not include libz, but depend on the lib32 packages.
    Closes: #334346, #335910.

 -- Matthias Klose <doko@debian.org>  Sat, 12 Nov 2005 11:34:13 +0000

ia32-libs (1.4) unstable; urgency=high

  * Correctly adjust the GROUP commands in linker scripts this time.
    Thanks to Goswin von Brederlow for the patch.   This also means we
    don't mangle random libraries either.  Closes: #305122, #306512.
  * Ship /usr/lib32 as a symlink to /emul/ia32-linux/usr/lib.  This makes
    gcc -m32 happy again on amd64.  Closes: #307521
  * We're not doing anything clever with ia32-libs-dev.{preinst,postrm},
    so don't pretend to either.

 -- Tollef Fog Heen <tfheen@debian.org>  Thu,  5 May 2005 14:37:55 +0200

ia32-libs (1.3) unstable; urgency=low

  * Adjust linker scripts too, closes: #305122
  * Adjust section for ia32-libs-dev
  * Depend on lib32gcc1, closes: #305975
  * Add replaces for ia32-libs-openoffice.org, closes: #304971

 -- Tollef Fog Heen <tfheen@debian.org>  Mon, 25 Apr 2005 01:19:06 +0000

ia32-libs (1.2) unstable; urgency=low

  * Make sure we don't ship files in /usr/bin, closes: #304408
  * Make the removal of an obsolete alternative quiet.

 -- Tollef Fog Heen <tfheen@debian.org>  Thu, 14 Apr 2005 11:14:29 +0000

ia32-libs (1.1) unstable; urgency=high

  * Put Bdale back as the maintainer, sorry to both Bdale and Daniel for
    the confusion.
  * Update the README.build too.
  * Bump urgency, since this fixes an RC bug so we want to get it in
    quickly.
  * Make sure to include the ia32-libs version number too in the lib32gcc1
    package version.
  
 -- Tollef Fog Heen <tfheen@debian.org>  Tue, 12 Apr 2005 06:55:17 +0000

ia32-libs (1) unstable; urgency=low

  * Merge the Debian and Ubuntu versions of this package.
  * Now provide source, closes: #291952.
  * Add zlib, closes: #269497.
  * Add lesstif2, closes: #255787.
  * Add Xrender libs, closes: #287241.
  * Add libexpat1, libfontconfig1, closes: #291743.
  * Add libgcc1 on ia64, closes: #294322.
  * Add note about runnin ldconfig to README.Debian, closes: #294510
  
 -- Tollef Fog Heen <tfheen@debian.org>  Mon, 11 Apr 2005 16:22:08 +0200

ia32-libs (0.7) unstable; urgency=medium

  * incorporate work by Matthias Klose on 0.6 into my source tree
  * freshen to latest packages in Debian testing
  * mostly-cosmetic updates to rules, README.Debian, etc
  * make the -dev package build correctly, and add a Manifest file
  * add libacl1, libattr1

 -- Bdale Garbee <bdale@gag.com>  Thu, 12 Aug 2004 16:53:54 -0600

ia32-libs (0.6) unstable; urgency=low

  * Build ia32-libs-dev package, needed as a build dependency for an
    biarch compiler.
  * Add libc6-dev package to the archive.
  * Make /usr/lib32 a symlink to /emul/ia32-linux/usr/lib. Ugly, but doesn't
    get in the way with existing (/usr/lib) and future (/usr/i486-linux/lib)
    links.

 -- Matthias Klose <doko@debian.org>  Thu, 12 Aug 2004 15:45:31 +0000

ia32-libs (0.5ubuntu3) hoary; urgency=low

  * Build libgcc1, but only ship it if uname -m == ia64.

 -- Tollef Fog Heen <tfheen@debian.org>  Sun, 29 Aug 2004 11:18:56 +0200
	
ia32-libs (0.5ubuntu2) warty; urgency=low

  * Don't ship libstdc++, it's provided by the lib32stdc++5 package,
    built by gcc-3.3

 -- Tollef Fog Heen <tfheen@debian.org>  Sun, 29 Aug 2004 11:18:56 +0200

ia32-libs (0.5ubuntu1) warty; urgency=medium

  * Make sure we include source, basically hacked from amd64-libs, by
    Daniel Jacobowitz.

 -- Tollef Fog Heen <tfheen@raw.no>  Sun, 29 Aug 2004 10:00:44 +0200

ia32-libs (0.5) unstable; urgency=low

  * add amd64 to the architecture list, closes: #252762
  * freshen to latest packages in Debian testing

 -- Bdale Garbee <bdale@gag.com>  Wed,  9 Jun 2004 11:47:59 -0600

ia32-libs (0.4) unstable; urgency=low

  * document in README.Debian how to use dpkg -X to add packages to the 
    /emul/ia32-linux tree.  Thanks to Torsten Werner for this.
  * add more libraries and a uname binary, closes: #162093
  * freshen to latest packages in Debian testing, closes: #171449
  * add more libstdc++ versions, closes: #216978

 -- Bdale Garbee <bdale@gag.com>  Wed, 10 Dec 2003 15:23:43 -0700

ia32-libs (0.3) unstable; urgency=low

  * add libstdc++2.9-glibc2.1_2.91.66-4_i386.deb to the set of libraries
    delivered

 -- Bdale Garbee <bdale@gag.com>  Mon, 18 Feb 2002 01:29:50 -0700

ia32-libs (0.2) unstable; urgency=high

  * put ld-linux.so.2 in the right place, closes: #123231
  * improve handling of /etc/ld.so.conf in postinst/postrm
  * freshen set of ia32 libs delivered
  * don't mash permissions in /emul/ia32-linux during packaging
  * mark this urgency high since initial version didn't work at all... /o\

 -- Bdale Garbee <bdale@gag.com>  Fri, 15 Feb 2002 21:11:37 -0700

ia32-libs (0.1) unstable; urgency=low

  * Initial Release.  Debian-specific, ia64-only package.

 -- Bdale Garbee <bdale@gag.com>  Fri, 23 Nov 2001 14:17:02 -0700
