libpgjava (42.7.7-1) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/java-team/libpostgresql-jdbc-java.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: master
Path: debian/changelog
Repo size: 3362816
Browser: https://salsa.debian.org/java-team/libpostgresql-jdbc-java
Last scan: 2025-07-14 12:51:07+00
Next scan: 2025-07-21 13:17:00+00
CI pipeline status: success

Debian changelog in Git:

libpgjava (42.7.7-1) unstable; urgency=medium

  * New upstream version 42.7.7.
    Fixes CVE-2025-49146: When the PostgreSQL JDBC driver is configured with
    channel binding set to required (default value is prefer), the driver
    would incorrectly allow connections to proceed with authentication methods
    that do not support channel binding (such as password, MD5, GSS, or SSPI
    authentication). This could allow a man-in-the-middle attacker to
    intercept connections that users believed were protected by channel
    binding requirements.

 -- Christoph Berg <myon@debian.org>  Fri, 13 Jun 2025 15:26:53 +0200

This branch is even with tag debian/42.7.7-1