7zip-rar (26.01-1) unstable; urgency=medium
 .
   * Drop version mangle for new upstream version
   * New upstream version 26.01
   * Rediff patches

cdsetool (0.3.1-1) unstable; urgency=medium
 .
   [ Bas Couwenberg ]
   * Bump Standards-Version to 4.7.4, no changes.
   * Update lintian overrides.
   * Drop Rules-Requires-Root: no, default since dpkg 1.22.13.
   * Use test-build-validate-cleanup instead of test-build-twice.
   * Drop Priority: optional, default since dpkg 1.22.13.
 .
   [ Antonio Valentino ]
   * New upstream release.
   * Update d/copyrigth.

libpgjava (42.7.11-1) unstable; urgency=medium
 .
   * New upstream version 42.7.11.
   * Limit SCRAM PBKDF2 iterations accepted from the server.
     pgjdbc was vulnerable to a client-side denial of service in SCRAM-SHA-256
     authentication, where a malicious or compromised PostgreSQL server could
     specify an extremely large PBKDF2 iteration count, causing the client to
     consume unbounded CPU and potentially exhaust connection pools. The fix
     introduces a new scramMaxIterations connection property (defaulting to
     100,000) to cap iteration counts before computation begins.
     (CVE-2026-42198)

lua-filesystem (1.9.0-2) unstable; urgency=medium
 .
   * d/salsa-ci.yml
   * support Lua5.5
   * Standards-Version 4.7.4, no changes needed
   * lintian-overrides