diffoscope - Debian Package Tracker

general

source: diffoscope (main)
version: 316
maintainer: Reproducible builds folks (archive) (DMD)
uploaders: Chris Lamb [DMD] – Holger Levsen [DMD] – Mattia Rizzolo [DMD]
arch: all
std-ver: 4.7.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 177
oldstable: 240+deb12u1
stable: 297+deb13u1
stable-bpo: 306~bpo13+1
testing: 315
unstable: 316

versioned links

177: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
240+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
297+deb13u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
306~bpo13+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
315: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
316: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

diffoscope (29 bugs: 0, 12, 17, 0)
diffoscope-minimal (1 bugs: 0, 0, 1, 0)

action needed

Marked for autoremoval on 08 May due to libguestfs: #1131838 high

Version 315 of diffoscope is marked for autoremoval from testing on Fri 08 May 2026. It depends (transitively) on libguestfs, affected by #1131838. You should try to prevent the removal by fixing these RC bugs.

Created: 2026-04-01 Last update: 2026-04-03 10:02

lintian reports 1 error and 1 warning high

Lintian reports 1 error and 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2026-04-03 Last update: 2026-04-03 07:30

Depends on packages which need a new maintainer normal

The packages that diffoscope depends on which need a new maintainer are:

db-defaults (#1055344)
- Recommends: db-util db-util
- Build-Depends: db-util

Created: 2019-11-22 Last update: 2026-04-03 10:02

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 317, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit fef5068efbfffde714bb13378d6ba89d1a4937a2
Author: Chris Lamb <lamby@debian.org>
Date:   Thu Apr 2 10:32:36 2026 -0700

    Open new changelog entry for version 317.
    
    Gbp-Dch: ignore

Created: 2019-05-22 Last update: 2026-04-02 22:02

9 open merge requests in Salsa normal

There are 9 open merge requests for this package on Salsa. You should consider reviewing and/or merging these merge requests.

Created: 2025-08-19 Last update: 2026-01-23 23:32

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2024-25711: (needs triaging) diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/id_rsa, may be disclosed to an attacker. This occurs because the value of the gpg --use-embedded-filenames option is trusted.

You can find information about how to handle this issue in the security team's documentation.

Created: 2024-02-10 Last update: 2026-04-03 00:48

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.3).

Created: 2026-03-31 Last update: 2026-04-03 01:30

testing migrations

excuses:
- Migration status for diffoscope (315 to 316): Waiting for test results or another package, or too young (no action required now - check later)
- Issues preventing migration:
- ∙ ∙ Autopkgtest for diffoscope/316: amd64: Pass, arm64: Pass, i386: Pass, ppc64el: Test triggered, riscv64: Pass, s390x: Test triggered
- ∙ ∙ Autopkgtest for reprotest/0.7.32: amd64: Pass, arm64: Pass, i386: Pass, ppc64el: Test triggered, riscv64: Pass, s390x: Test triggered
- ∙ ∙ Autopkgtest for rsync/3.4.1+ds1-7: amd64: Pass, arm64: Pass, i386: Pass, ppc64el: Test triggered, riscv64: Pass, s390x: Test triggered
- ∙ ∙ Autopkgtest for sbuild/0.91.5: arm64: Pass ♻, i386: Pass ♻ (reference ♻)
- ∙ ∙ Autopkgtest for sbuild/0.91.7: amd64: Pass, ppc64el: Test triggered, riscv64: Pass, s390x: Test triggered
- ∙ ∙ Too young, only 0 of 5 days old
- Additional info (not blocking):
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/d/diffoscope.html
- ∙ ∙ Reproduced on amd64
- ∙ ∙ Reproduced on arm64
- ∙ ∙ Reproduced on armhf
- ∙ ∙ Reproduced on i386
- ∙ ∙ Reproduced on ppc64el
- Not considered

news

[rss feed]

[2026-04-02] Accepted diffoscope 316 (source) into unstable (Chris Lamb)
[2026-03-24] diffoscope 315 MIGRATED to testing (Debian testing watch)
[2026-03-20] Accepted diffoscope 315 (source) into unstable (Chris Lamb)
[2026-03-17] diffoscope 314 MIGRATED to testing (Debian testing watch)
[2026-03-13] Accepted diffoscope 314 (source) into unstable (Chris Lamb)
[2026-02-24] diffoscope 313 MIGRATED to testing (Debian testing watch)
[2026-02-20] Accepted diffoscope 313 (source) into unstable (Chris Lamb)
[2026-02-10] diffoscope 312 MIGRATED to testing (Debian testing watch)
[2026-02-06] Accepted diffoscope 312 (source) into unstable (Chris Lamb)
[2026-01-26] diffoscope 311 MIGRATED to testing (Debian testing watch)
[2026-01-23] Accepted diffoscope 311 (source) into unstable (Chris Lamb)
[2026-01-14] diffoscope 310 MIGRATED to testing (Debian testing watch)
[2026-01-09] Accepted diffoscope 310 (source) into unstable (Chris Lamb)
[2025-12-20] Accepted diffoscope 297+deb13u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Chris Lamb)
[2025-11-18] diffoscope 309 MIGRATED to testing (Debian testing watch)
[2025-11-14] Accepted diffoscope 309 (source) into unstable (Chris Lamb)
[2025-11-10] diffoscope 308 MIGRATED to testing (Debian testing watch)
[2025-11-07] Accepted diffoscope 308 (source) into unstable (Chris Lamb)
[2025-11-03] diffoscope 307 MIGRATED to testing (Debian testing watch)
[2025-11-01] Accepted diffoscope 306~bpo13+1 (source all) into stable-backports (Debian FTP Masters) (signed by: Mattia Rizzolo)
[2025-10-31] Accepted diffoscope 307 (source) into unstable (Chris Lamb)
[2025-10-29] diffoscope 306 MIGRATED to testing (Debian testing watch)
[2025-10-28] diffoscope REMOVED from testing (Debian testing watch)
[2025-09-11] diffoscope 306 MIGRATED to testing (Debian testing watch)
[2025-09-07] Accepted diffoscope 306 (source) into unstable (Chris Lamb)
[2025-08-25] diffoscope 305 MIGRATED to testing (Debian testing watch)
[2025-08-22] Accepted diffoscope 305 (source) into unstable (Chris Lamb)
[2025-08-22] Accepted diffoscope 304 (source) into experimental (Chris Lamb)
[2025-08-01] Accepted diffoscope 303 (source) into experimental (Chris Lamb)
[2025-07-25] Accepted diffoscope 302 (source) into experimental (Chris Lamb)

bugs [bug history graph]

all: 32 33
RC: 0
I&N: 12
M&W: 20 21
F&P: 0
patch: 0

links

homepage
lintian (1, 1)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 314