chromium (146.0.7680.177-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-5272: Heap buffer overflow in GPU.
       Reported by inspector-ambitious.
     - CVE-2026-5273: Use after free in CSS. Reported by Anonymous.
     - CVE-2026-5274: Integer overflow in Codecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5275: Heap buffer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5276: Insufficient policy enforcement in WebUSB.
       Reported by Ariel Simon.
     - CVE-2026-5277: Integer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5278: Use after free in Web MIDI.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5279: Object corruption in V8.
       Reported by Hyeonjun Ahn (@_deayzl).
     - CVE-2026-5280: Use after free in WebCodecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5281: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5282: Out of bounds read in WebCodecs.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5283: Inappropriate implementation in ANGLE.
       Reported by sweetchip.
     - CVE-2026-5284: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5285: Use after free in WebGL.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5286: Use after free in Dawn. Reported by sweetchip.
     - CVE-2026-5287: Use after free in PDF. Reported by Syn4pse.
     - CVE-2026-5288: Use after free in WebView. Reported by Google.
     - CVE-2026-5289: Use after free in Navigation. Reported by Google.
     - CVE-2026-5290: Use after free in Compositing. Reported by Google.
     - CVE-2026-5291: Inappropriate implementation in WebGL.
       Reported by heapracer (@heapracer).
     - CVE-2026-5292: Out of bounds read in WebCodecs. Reported by Google.
   * d/patches:
     - upstream/Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch:
       drop, merged upstream.
     - ungoogled/disable-ai.patch: resync with u-c.
 .
   [ Daniel Richard G. ]
   * d/copyright: Exclude *.pb (protobuf) binary files.
   * d/patches: Various ungoogled-chromium-related updates.
     - disable/glic.patch: Drop, replaced with disable-ai.patch from the
       ungoogled-chromium project.
     - ungoogled/disable-ai.patch: Import new patch from ungoogled-chromium
       that zaps glic, screen_ai, and various other adjacent AI-based features.
     - ungoogled/disable-mei-preload.patch: Import patch to allow building
       without *.pb files.
     - ungoogled/disable-privacy-sandbox.patch: Update imported patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0005-blink-add-audio-vector-support.patch: Fix FBTFS from
       upstream adding vector-accelerated audio delay functions
 .
   [ Jianfeng Liu ]
   * d/patches/upstream:
     - Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch: Fix
       FBTFS from upstream for blink audio delay function on loong64
chromium (146.0.7680.164-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-4673: Heap buffer overflow in WebAudio.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-4674: Out of bounds read in CSS. Reported by Syn4pse.
     - CVE-2026-4675: Heap buffer overflow in WebGL.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-4676: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-4677: Out of bounds read in WebAudio.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-4678: Use after free in WebGPU. Reported by Google.
     - CVE-2026-4679: Integer overflow in Fonts.
       Reported by GF, Un3xploitable Of DeadSec.
     - CVE-2026-4680: Use after free in FedCM. Reported by Shaheen Fazim.

debputy (0.1.85) unstable; urgency=medium
 .
   * migrate-from-dh:
     - remove `tmpfile`, not `tmpfiles` when they are identical
 .
   * d/copyright: Remove (now) obsolete stanza
   * debputy: Fix crash when building `udeb` packages.
     Thanks to Nicolas Boulenguez <nicolas@debian.org> (Closes: #1132014)

libmicrohttpd (1.0.3-1) unstable; urgency=medium
 .
   * [8eaf79a] New upstream version 1.0.3
   * [3188c64] d/copyright: adjust for new upstream release
   * [8ee8bd5] d/patches/: removed as all patches are part of upstream
   * [9300cf9] d/libmicrohttpd12t64.symbols: add new upstream symbol
   * [3c6c48d] d/control: drop now-obsolete fields Priority and RRR
   * [cfbc67b] d/control: Standards-Version: 4.7.4 (no further changes
     required)

rust-profiling-procmacros (1.0.16-1) unstable; urgency=medium
 .
   * Package profiling-procmacros 1.0.16 from crates.io using debcargo 2.7.7
rust-profiling-procmacros (1.0.16-1) unstable; urgency=medium
 .
   * Team upload.
   * Package profiling-procmacros 1.0.16 from crates.io using debcargo 2.7.7
rust-profiling-procmacros (1.0.14-1) unstable; urgency=medium
 .
   * Package profiling-procmacros 1.0.14 from crates.io using debcargo 2.6.1

snapper-gui (0git.960a94834f-6.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Add missing dependency on python3-pkg-resources (Closes: #1098266).
snapper-gui (0git.960a94834f-6) unstable; urgency=medium
 .
   [ Debian Janitor ]
   * [e1d59d3c] debian/copyright: use spaces rather than tabs to start continuation lines.
   * [99656373] Bump debhelper from old 11 to 13.
   * [3d66a01b] Set debhelper-compat version in Build-Depends.
   * [522d9c97] Set upstream metadata fields: Repository-Browse.
 .
   [ Ritesh Raj Sarraf ]
   * [75175d26] Handle file open modes of python 3.11
snapper-gui (0git.960a94834f-5) unstable; urgency=medium
 .
   * [77d49344] Add patch to fix desktop file
snapper-gui (0git.960a94834f-4) unstable; urgency=medium
 .
   [ Ondřej Nový ]
   * d/control: Remove ancient X-Python3-Version field
 .
   [ Ritesh Raj Sarraf ]
   * [e97b3895] Add explicit runtime dependency on python3-dbus.
     Thanks to Daniel Leidert (Closes: 1008811)
snapper-gui (0git.960a94834f-3.1) unstable; urgency=medium
 .
   * Non maintainer upload by the Reproducible Builds team.
   * No source change upload to rebuild on buildd with .buildinfo files.
snapper-gui (0git.960a94834f-3) unstable; urgency=medium
 .
   * [f8a1b1cc] Add snapper to depends.
     Thanks to Jean-Luc Coulon (Closes: #909177)
snapper-gui (0git.960a94834f-2) unstable; urgency=medium
 .
   * [8ff17da5] Explain the reason for disabling tests.
     Thanks to Chris Lamb (Closes: #905314)
   * [260a61f0] Add dependency on gir1.2-gtksource-3.0.
     Thanks to Mykola Nikishov (Closes: #905338)
   * [c853fad4] Add debian/gbp.conf file
snapper-gui (0git.960a94834f-1) unstable; urgency=medium
 .
   * Initial release (Closes: #904563)

tseries (0.10-61-1) unstable; urgency=medium
 .
   * New upstream release
 .
   * debian/control: Set Build-Depends: to current R version
   * debian/watch: Stick with version 4 for now

tzdata (2026a-3) unstable; urgency=medium
 .
   * Also test leapseconds exiry during build (using changelog timestamp)
tzdata (2026a-2) unstable; urgency=medium
 .
   * Add autopkgtest to check for outdated leap-seconds.list (LP: #2140307)
   * Bump Standards-Version to 4.7.4