kodi (2:21.1+dfsg-3) unstable; urgency=critical
 .
   * workarounds/pcre: Drop CFTPParse port

mariadb (1:11.4.3-1) unstable; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream version 11.4.3. Includes fixes for several severe regressions
     as noted at https://mariadb.com/kb/en/mariadb-11-4-3-release-notes/. This
     release is not known to include any CVE assigned security fixes.
   * Add Lintian override for metadata_lock_info.so not linked against libc
   * Update Lintian overrides and MTR skiplists after 11.4.3 import
   * Update server trace to include new parameters and values
   * Refactor import * with only required imports
   * Import upstream debian/ changes from MDEV-33750
   * Pre-depend on 'procps' in mariadb-server
   * Use /usr/lib/lsb/init-functions instead of old /lib location
   * Rewrite the NEWS item to match latest status in MariaDB 11.4.3
   * Extend gbp.conf and update maintainer READMEs to make git-buildpackage
     and in general building and maintaining this package easier and more
     approachable by new contributors
 .
   [ Bastien Roucariès ]
   * Add NEWS file

python-django (3:4.2.15-1) unstable; urgency=high
 .
   * New upstream security release. (Closes: #1078074)
 .
     - CVE-2024-41989: Memory exhaustion in django.utils.numberformat.
 .
       The floatformat template filter is subject to significant memory
       consumption when given a string representation of a number in
       scientific notation with a large exponent.
 .
     - CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize.
 .
       The urlize() and urlizetrunc() template filters are subject to a
       potential denial-of-service attack via very large inputs with a specific
       sequence of characters.
 .
     - CVE-2024-41991: Potential denial-of-service vulnerability in
       django.utils.html.urlize() and AdminURLFieldWidget
 .
       The urlize and urlizetrunc template filters, and the AdminURLFieldWidget
       widget, are subject to a potential denial-of-service attack via certain
       inputs with a very large number of Unicode characters.
 .
     - CVE-2024-42005: Potential SQL injection in QuerySet.values() and
       values_list()
 .
       QuerySet.values() and values_list() methods on models with a JSONField
       are subject to SQL injection in column aliases via a crafted JSON object
       key as a passed *arg.
 .
     <https://www.djangoproject.com/weblog/2024/aug/06/security-releases/>

ruby-build (20240727-2) unstable; urgency=medium
 .
   * Only run YJIT autopkgtest on supported arches
   * Run bats in dh_auto_test
ruby-build (20240727-1) unstable; urgency=medium
 .
   * New upstream version 20240727 (Closes: #1075929)
   * Bump Standards-Version to 4.7.0
   * Rework patch for updated ruby-build version
   * Don't run new Makefile in dh_build
   * Add new Ruby build dependencies to Depends
   * Update my email address and copyright year
   * Update debian/watch GitHub URL
   * Forward patch upstream
   * Add Upstream-Contact to d/copyright
   * Run licenserecon in CI
   * Use upstream man page
   * Use pristine-tar
   * Test building Rubies in autopkgtest
   * Add overrides for overzealous lintian checks