this package seems to have new commits in its VCS but has
not yet updated debian/changelog. You should consider updating
the Debian changelog and uploading this new version into the archive.
Here are the relevant commit logs:
Author: Sebastian Ramacher <email@example.com>
Date: Tue Aug 20 20:38:31 2019 +0200
Also mention another CVE