From: Raspbian automatic forward porter <root@raspbian.org>
Date: Sat, 23 May 2026 00:07:19 +0000 (+0100)
Subject: Merge version 0.22.0-3+rpi1 and 0.23.0-3 to produce 0.23.0-3+rpi1
X-Git-Tag: archive/raspbian/0.23.0-3+rpi1^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=9132872e811cf4d16ca7366c994629ad41d099cb;p=thrift.git

Merge version 0.22.0-3+rpi1 and 0.23.0-3 to produce 0.23.0-3+rpi1
---

9132872e811cf4d16ca7366c994629ad41d099cb
diff --cc debian/changelog
index 80d460b,258bdb1..57935e9
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,38 +1,45 @@@
- thrift (0.22.0-3+rpi1) forky-staging; urgency=medium
++thrift (0.23.0-3+rpi1) forky-staging; urgency=medium
 +
 +  [changes brought forward from 0.13.0-5+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 22 Nov 2020 14:00:47 +0000]
 +  * Link with libatomic on armhf too for raspbian.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Sat, 17 Jan 2026 06:15:25 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Sat, 23 May 2026 00:07:19 +0000
++
+ thrift (0.23.0-3) unstable; urgency=medium
+ 
+   * Upload to Sid.
+ 
+  -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Sat, 09 May 2026 13:29:42 +0000
+ 
+ thrift (0.23.0-2) experimental; urgency=medium
+ 
+   * Fix 32 bit Golang FTBFS.
+ 
+  -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Wed, 06 May 2026 22:03:17 +0200
+ 
+ thrift (0.23.0-1) experimental; urgency=medium
+ 
+   * New major upstream release (closes: #1135348):
+     - fixes CVE-2025-48431: mismatched memory management routines
+       vulnerability,
+     - fixes CVE-2026-41602: integer overflow or wraparound vulnerability,
+     - fixes CVE-2026-41603: improper validation of certificate with host
+       mismatch vulnerability,
+     - fixes CVE-2026-41606: uncontrolled recursion vulnerability,
+     - fixes CVE-2026-41607: out of bounds read vulnerability.
+   * Rename related packages to -0.23.0 suffix.
+   * Build without deprecated Qt5 (closes: #1133038).
+   * Update copyright file.
+   * Update watch file.
+ 
+  -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Fri, 01 May 2026 15:26:07 +0200
+ 
+ thrift (0.22.0-4) unstable; urgency=medium
+ 
+   * Do not try to link with Boost System library anymore.
+   * Fix type formatting in Go tests (closes: #1129168).
+ 
+  -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Fri, 01 May 2026 11:01:01 +0200
  
  thrift (0.22.0-3) unstable; urgency=medium