Merge version 1.0.11-0+deb11u3+rpi1 and 1.0.11-0+deb11u4 to produce 1.0.11-0+deb11u4...

diff --cc debian/changelog
index 6cab4929d24411ed6e3ef9429e7cf723c7f95e96,afe6b48432413db0f9784de60d63f7283139c7ec..0d20532ece36b0cfbb8165b1afd9a37473a73844
--- 1/debian/changelog
--- 2/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,11 +1,18 @@@
- libde265 (1.0.11-0+deb11u3+rpi1) bullseye-staging; urgency=medium
++libde265 (1.0.11-0+deb11u4+rpi1) bullseye-staging; urgency=medium
 +
 +  [changes brought forward from 1.0.2-1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 04 Oct 2015 21:44:10 +0000]
 +  * Disable neon.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Thu, 15 Feb 2024 21:06:55 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Tue, 28 Apr 2026 14:42:49 +0000
++
+ libde265 (1.0.11-0+deb11u4) bullseye-security; urgency=high
+ 
+   * Non-maintainer upload by the LTS Security Team.
+   * CVE-2023-51792: check validity of conformance window parameters
+   * CVE-2026-33164 + CVE-2026-33165: fix reallocation of metadata array...
+     ... when ctb size changes (Closes: #1131468, #1131469)
+ 
+  -- Andreas Henriksson <andreas@fatal.se>  Thu, 23 Apr 2026 12:45:20 +0200
  
  libde265 (1.0.11-0+deb11u3) bullseye; urgency=high
  

diff --cc debian/patches/series
index 3a7f904ceed8d6c67a7fda357466d7b0a292183c,2e532212aa11de52515f65417153ecb009384535..ca3102657f17653ea6297b1b47a0a3d1abab3658
--- 1/debian/patches/series
--- 2/debian/patches/series
+++ b/debian/patches/series
@@@ -11,4 -10,5 +10,6 @@@ CVE-2023-47471.patc
  CVE-2023-49465.patch
  CVE-2023-49467.patch
  CVE-2023-49468.patch
+ 0013-check-validity-of-conformance-window-parameters-fixe.patch
+ 0014-fix-reallocation-of-metadata-array-when-ctb-size-cha.patch
 +disable-neon.patch