dcmtk (3.6.9-4) unstable; urgency=medium
 .
   * Team upload.
   * Reinstate 0007-CVE-2024-47796.patch and 0008-CVE-2024-52333.patch.
     These were not part of dcmtk 3.6.9 upstream and still apply.
     Thanks to Salvatore Bonaccorso
   * 0009-CVE-2025-25475.patch: new: fix CVE-2025-25475. (Closes: #1098373)
   * 0010-CVE-2025-25474.patch: new: fix CVE-2025-25474. (Closes: #1098374)
   * 0011-CVE-2025-25472.patch: new: fix CVE-2025-25472.
dcmtk (3.6.9-3) unstable; urgency=medium
 .
   * d/patches: Remove old unused patches
   * d/doc: Make sure to reference 3.6.9 path
   * d/watch: Properly watch upstream on github
dcmtk (3.6.9-2) experimental; urgency=medium
 .
   * d/t/run-unit-test: Adapt to new installation
dcmtk (3.6.9-1) experimental; urgency=medium
 .
   * New upstream version 3.6.9
   * d/install: Migrate to new SOVERSION
   * d/patches: Refresh patches

h5py (3.13.0-1) unstable; urgency=medium
 .
   * New upstream release

openimageio (2.5.18.0+dfsg-1) unstable; urgency=medium
 .
   * New upstream release
     (Closes: #1094398, #1094408, #1094410, #1094411)
     This release addresses the following security issues:
     CVE-2024-55192, CVE-2024-55193, CVE-2024-55194, CVE-2024-55195

orthanc (1.12.6+dfsg-1) unstable; urgency=medium
 .
   * New upstream version

postgresql-17 (17.4-1) unstable; urgency=medium
 .
   * New upstream version 17.4.
 .
     + Improve behavior of libpq's quoting functions (Andres Freund, Tom Lane)
 .
       The changes made for CVE-2025-1094 had one serious oversight:
       PQescapeLiteral() and PQescapeIdentifier() failed to honor their string
       length parameter, instead always reading to the input string's trailing
       null.  This resulted in including unwanted text in the output, if the
       caller intended to truncate the string via the length parameter.  With
       very bad luck it could cause a crash due to reading off the end of
       memory.
 .
       In addition, modify all these quoting functions so that when invalid
       encoding is detected, an invalid sequence is substituted for just the
       first byte of the presumed character, not all of it.  This reduces the
       risk of problems if a calling application performs additional processing
       on the quoted string.
 .
   * Build-depend on openssl. (Closes: #1096243)
   * Added po-debconf Catalan translation by Carles Pina i Estany, thanks!

rust-diesel-table-macro-syntax (0.2.0-1) unstable; urgency=medium
 .
   * Package diesel_table_macro_syntax 0.2.0 from crates.io using debcargo 2.7.7

rust-pango-sys (0.20.9-1) unstable; urgency=medium
 .
   * Team upload
   * Package pango-sys 0.20.9 from crates.io using debcargo 2.7.6

sight (24.1.0-2) unstable; urgency=medium
 .
   * Team upload.
   * [1d3de11] Add missing build-dep packages.  Closes: #1094050.
   * [f5fe527] Fix usage of itkTypeMacro().  Closes: #1094894.