commit dab6c51e5eeb0489b2160b521566b2c1ebe8f4d4
Author: Santiago Ruano Rincón <santiago@debian.org>
Date: Sun May 31 16:58:34 2026 -0300
Mark some packages as non supported in bookworm LTS
By the input from the security team, these packages are difficult to
support for the LTS period of bookworm:
- lxd: has open vulnerabilities whose fixes are too complex to be
backported.
- mbedtls: crytpo library difficult to support in the long term
- mimetex: upstream project no longer exists
- opennds: open vulnerabilities whose fixes are too complex to be
backported.
- ruby-saml: was introduced for gitlab, and no reverse dependencies
remain in bookworm
- smb4k: open vulnerabilities whose fixes are too complex to be
backported.
- wolfssl: crypto library difficult to support in the long term.
Closes: #1138294
Signed-off-by: Santiago Ruano Rincón <santiago@debian.org>
(cherry picked from commit 7552a90904acd5295ed6ec9db15ccfc405a076d0)
Signed-off-by: Holger Levsen <holger@layer-acht.org>
commit ee9c9eabf6612a284ccf0ef45e4e64911f42427c
Author: Santiago Ruano Rincón <santiago@debian.org>
Date: Thu May 28 22:31:42 2026 -0300
Mark webkit2gtk in bullseye with limited support instead of non-supported
Based on Emilio's comment: Traditionally we have considered webkit as
"limited support": i.e. it is fine to be used for trusted content. E.g.
apps like yelp (GNOME's help viewer), devhelp (GNOME's API viewer) are
fine to use, but not full web views (e.g. epiphany with untrusted
content).
Signed-off-by: Santiago Ruano Rincón <santiago@debian.org>
commit ff2d74fe2893003be957010ffa7f5c96efc36aad
Author: Santiago Ruano Rincón <santiago@debian.org>
Date: Thu May 28 22:30:42 2026 -0300
Mark webkit2gtk in bookworm with limited support instead of non-supported
Based on Emilio's comment: Traditionally we have considered webkit as
"limited support": i.e. it is fine to be used for trusted content. E.g.
apps like yelp (GNOME's help viewer), devhelp (GNOME's API viewer) are
fine to use, but not full web views (e.g. epiphany with untrusted
content).
Signed-off-by: Santiago Ruano Rincón <santiago@debian.org>
commit 97bb378bcfe2432566efb4e9148bfeed6fc1aab5
Author: Santiago Ruano Rincón <santiago@debian.org>
Date: Thu Apr 30 14:17:37 2026 -0300
Mark suricata as non-supported in bullseye
Upstream security support ended in Aug 2024 and backporting fixes is now unfeasible
Signed-off-by: Santiago Ruano Rincón <santiago@debian.org>
commit c2ad87fee7896170212a9acf71a58431495fc81d
Author: Santiago Ruano Rincón <santiago@debian.org>
Date: Thu Apr 30 14:14:03 2026 -0300
Mark suricata as non-supported in bookworm
Upstream security support ended in Aug 2024 and backporting fixes is now
unfeasible
Closes: #1134367
Signed-off-by: Santiago Ruano Rincón <santiago@debian.org>
commit 90e5caac963166e4a0329d24ced71a2b6c04726e
Author: Alexandre Detiste <tchet@debian.org>
Date: Fri May 15 21:33:41 2026 +0200
use dh-cruft to register & purge /var/lib/debian-security-support/ (Closes: #1135845, #990432)
commit eb439c7dff88bc4540cb7fa4519e18566144cddb
Author: Holger Levsen <holger@layer-acht.org>
Date: Thu May 7 11:58:23 2026 +0200
Start 1:14+2026.05.08 development.
d/changelog entries will be written on release
using the git commit messages.
Use 'gbp dch --since 1%14+2026.05.07 --multimaint-merge'
to write d/changelog entries since that last release.
Gbp-Dch: ignore
Signed-off-by: Holger Levsen <holger@layer-acht.org>
Automatic checks made by the Debian l10n team found some issues with the translations contained in this package. You should check the l10n status report for more information.
Issues can be things such as missing translations, problematic translated strings, outdated PO files, unknown languages, etc.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/d/debian-security-support.png){kind=link}