lcms2 (2.19.1-1) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/debian/lcms2.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: master
Path: debian/changelog
Repo size: 311296
Browser: https://salsa.debian.org/debian/lcms2
Last scan: 2026-05-11 18:25:19+00
Next scan: 2026-05-19 13:41:00+00
CI pipeline status: failed

Debian changelog in Git:

lcms2 (2.19.1-1) unstable; urgency=medium

  * New upstream version 2.19.1
    - CVE-2026-41254: integer overflow in CubeSize() (Closes: #1134335)
    - CVE-2026-42798: integer overflow in ParseCube() (Closes: #1135320)
  * Refresh patches
  * Remove patches (applied upstream):
    - 0001-Fix-integer-overflow-in-CubeSize.patch
    - 0002-check-for-overflow.patch
  * Update doc-base files for new 2.19 upstream version
  * Bump standards version to 4.7.4, no changes needed
  * Update symbols file
  * Move from pkg-config to pkgconf in the testsuite.
    Thanks to Lintian
  * Acknowledge NMU
    Thanks to Adrian Bunk <bunk@debian.org>

 -- Thomas Weber <tweber@debian.org>  Thu, 07 May 2026 23:33:40 +0200

This branch is even with tag debian/2.19.1-1