openssh (1:9.9p2-1) unstable; urgency=medium
 .
   * New upstream release:
     - CVE-2025-26465: ssh(1) in OpenSSH versions 6.8p1 to 9.9p1 (inclusive)
       contained a logic error that allowed an on-path attacker (a.k.a MITM)
       to impersonate any server when the VerifyHostKeyDNS option is enabled.
       This option is off by default.
     - CVE-2025-26466: sshd(8) in OpenSSH versions 9.5p1 to 9.9p1 (inclusive)
       is vulnerable to a memory/CPU denial-of-service related to the
       handling of SSH2_MSG_PING packets. This condition may be mitigated
       using the existing PerSourcePenalties feature.
     - ssh(1), sshd(8): fix regression in Match directive that caused
       failures when predicates and their arguments were separated by '='
       characters instead of whitespace (bz3739).
     - sshd(8): fix the "Match invalid-user" predicate, which was matching
       incorrectly in the initial pass of config evaluation.



REMOVED: calamares-extensions 3.3.12-1
REMOVED: heudiconv 1.3.2-1
REMOVED: calamares-settings-mobian 0.3.6
REMOVED: mlpack 4.5.1-1
REMOVED: runsnakerun 2.0.5-3
REMOVED: python-asv-bench-memray 0.1.2-2
REMOVED: ensmallen 2.21.1-1
REMOVED: custodia 0.6.0-5.1
REMOVED: datalad 1.1.4-1
REMOVED: datalad-container 1.2.5-1
REMOVED: python-memray 1.15.0+dfsg-1
REMOVED: datalad-next 1.5.0-1
REMOVED: python-returns 0.24.0-1
REMOVED: pep8 1.7.1-11
REMOVED: textual 1.0.0-1