dkimpy (1.1.1-1) unstable; urgency=medium
 .
   * New upstream release
   * Bump standards-version to 4.6.2 without further change
   * Add lintian overrides for test files

eterm (0.9.6-7) unstable; urgency=medium
 .
   * Fix FTBFS with imlib2 1.9.1. Closes: #1018023.
     Thanks to Matthew Vernon for pointing me to the patch used by netbsd.

golang-gopkg-h2non-filetype.v1 (1.1.3+ds1-1) unstable; urgency=medium
 .
   [ Debian Janitor ]
   * Set debhelper-compat version in Build-Depends.
   * Set upstream metadata fields: Bug-Database, Bug-Submit.
   * Update standards version to 4.1.5, no changes needed.
 .
   [ Anthony Fok ]
   * New upstream version 1.1.3+ds1
   * debian/gbp.conf: Set debian-branch to debian/sid for DEP-14 conformance
   * Update debian/watch so that it can detect new versions on GitHub again
   * Reorder fields in debian/control and debian/copyright
     and make minor edits
   * Change Section from devel to golang
   * Update Maintainer email address to team+pkg-go@tracker.debian.org
   * Adopt package from Alexandre Viau.  Thank you for all the great work
     you have done in maintaining this package, aviau!  (Closes: #940444)
   * Add "Rules-Requires-Root: no" to debian/control
   * Bump debhelper build-dependency to debhelper-compat (= 13)"
   * Use dh-sequence-golang instead of dh-golang and --with=golang
   * Invoke dh with --builddirectory=_build
   * Bump Standards-Version to 4.6.2 (no change)
   * Set upstream metadata fields: Repository, Repository-Browse
   * Adjust for the new github.com/h2non/filetype canonical name:
     Change debian/golang-gopkg-h2non-filetype.v1-dev.links
     so that gopkg.in/h2non/filetype.v1 becomes a symlink instead,
     and add debian/golang-gopkg-h2non-filetype.v1-dev.maintscript
     for the symlink_to_dir and dir_to_symlink transition.

gourmand (1.1.0+really1.1.0~rc3-3) unstable; urgency=medium
 .
   * Add upstream patch to fix "unable to add an ingredient"
     (Closes: #1030027)

libreswan (4.10-2) unstable; urgency=medium
 .
   * Reach NSPR mipsel workaround for #854472
libreswan (4.10-1) unstable; urgency=medium
 .
   * new upstream version
     - fixes CVE-2023-23009 (Closes: #1031821)
     - fixes some IKEv1 overdeletion
libreswan (4.9-2) unstable; urgency=medium
 .
   * Fix CVE-2023-23009
     (this is an attempted fix, upstream has not confirmed it yet
     at https://github.com/libreswan/libreswan/issues/954)
libreswan (4.9-1) unstable; urgency=medium
 .
   [ Daniel Kahn Gillmor ]
   * New upstream release
     - upstream fixed LTO (Closes: #1015517)
   * d/upstream/signing-key.asc: update with better bindings
   * Standards-Version: bump to 4.6.2 (no changes needed)
 .
   [ Vagrant Cascadian ]
   * debian/rules: Pass OBJDIR to avoid embedding hostname. (Closes: #1020736)
 .
   [ Daniel Kahn Gillmor ]
   * refresh patches
   * d/copyright: remove reference to upstream-deleted BSDKAME code
   * update lintian overrides
   * d/copyright: update years to relevant years

packagekit-qt (1.1.1-1) unstable; urgency=medium
 .
   * New upstream bugfix release: 1.1.1
     - Fixes update notifications not being shown because frontends
       may get confused by a new transaction property (Closes: #1027831)
     - Fixes a crash that occurs if a transaction role is not yet
       known or the transaction is not initialized (Closes: #1026062)

passt (0.0~git20230309.7c7625d-1) unstable; urgency=medium
 .
   * New upstream version 0.0~git20230309.7c7625d
   * Fix cross-build and armhf build reproducibility by using the
     target declared by the compiler to build seccomp profiles, not
     the current machine type
   * Fix build on sh4 by correcting the AUDIT_ARCH target name
   * Fix signedness warning reported on 32-bit architectures
   * Terminate gracefully if open files quota is reached
   * Fix inbound TCP Maximum Segment Size used to queue data to tap
     interface, in pasta mode
   * Fix accidental gap in slirp4netns compatibility by introducing
     trivial options to actually set outbound interfaces and addresses

php-guzzlehttp-psr7 (2.4.4-1) unstable; urgency=medium
 .
   [ Tim Düsterhus ]
   * Remove the need for `AllowDynamicProperties` in LazyOpenStream (#547)
 .
   [ Graham Campbell ]
   * Release 2.4.4 (#550)
 .
   [ David Prévot ]
   * Update standards version to 4.6.2, no changes needed.

py7zr (0.11.3+dfsg-5) unstable; urgency=medium
 .
   [ YOKOTA Hiroshi ]
   * debian/patches/0003-Fix-sanity-check-for-path-traversal-attack.patch
     - backport upstream fix for CVE-2022-44900; Closes: #1032091

pydle (0.9.4-4) unstable; urgency=medium
 .
   * Team upload.
   * Patch: Remove Deprecated Marker from WHOIS. (Closes: #1031974)
   * Patch: Remove not used coroutine import.
   * Patch: Fixup irccat.py example.

rails (2:6.1.7.3+dfsg-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream version 6.1.7.3+dfsg. Closes: #1030050.
     + This is a security-only release from a rails stable branch.
       Upstream changelogs:
       https://github.com/rails/rails/releases/tag/v6.1.7.1
       https://github.com/rails/rails/releases/tag/v6.1.7.2
       https://github.com/rails/rails/releases/tag/v6.1.7.3
       Fixed CVEs: CVE-2023-22796 CVE-2023-22794 CVE-2022-44566 CVE-2023-22795
       CVE-2023-22792 CVE-2023-28120 CVE-2023-23913
     + All reverse dependencies and build-dependencies have been
       tested using the ruby team's tooling. No regressions were found.

ruby-rack (2.2.6.4-1) unstable; urgency=medium
 .
   * Team Upload
   * New upstream version 2.2.6.4 (Fixes: CVE-2023-27530, CVE-2023-27539)
   * Refresh patches (remove patches applied upstream)