gdk-pixbuf (2.42.12+dfsg-3) unstable; urgency=high
 .
   * Team upload
   * d/p/lzw-Fix-reporting-of-bytes-written-in-decoder.patch:
     Add patch from upstream to fix LZW error reporting.
     Setting the reported output size to the full buffer length rather than
     the actual number of written bytes can cause uninitialized memory
     contents to be disclosed. (CVE-2025-6199; Closes: #1107994)
   * Set high urgency for security fix

glib2.0 (2.84.3-1) unstable; urgency=medium
 .
   * New upstream stable release
     - Move an ineffective string length overflow check to a location where it
       will be effective, fixing a possible buffer overflow when working with
       multi-gigabyte strings (CVE-2025-6052, Closes: #1107797; unlikely to be
       exploitable in practice)
   * d/control: Update Homepage (Closes: #1087982)

whois (5.6.2) unstable; urgency=medium
 .
   * Updated the .post and .in (and related IDN TLDs) TLD servers.
   * Removed 1 new gTLDs which is no longer active.
   * Build-Depend on libcrypt-dev. (Closes: #1106977)