-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 13 Jun 2026 11:44:25 +0200
Source: libcrypt-pbkdf2-perl
Architecture: source
Version: 0.261630-1~deb13u1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian Perl Group <pkg-perl-maintainers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1139867
Changes:
 libcrypt-pbkdf2-perl (0.261630-1~deb13u1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm
 .
 libcrypt-pbkdf2-perl (0.261630-1~deb13u1) trixie; urgency=medium
 .
   * Rebuild for trixie
   * Revert "Annotate test-only build dependencies with <!nocheck>."
   * Revert "Remove «Priority: optional», which is the current default."
   * Revert "Declare compliance with Debian Policy 4.7.4."
 .
 libcrypt-pbkdf2-perl (0.261630-1) unstable; urgency=medium
 .
   * Team upload.
   * Import upstream version 0.261630.
     - Change the default hash algorithm to HMAC-SHA256, and increase the
       default number of iterations to 600,000 (CVE-2026-9641).
     - Generate salts using Crypt::URandom instead of perl's builtin `rand()`
       (CVE-2026-9638).
     - Use a constant-time comparison in `validate` to avoid timing attacks
       (CVE-2017-20240).
     Closes: #1139867
   * Update debian/upstream/metadata.
   * Update years of upstream copyright.
   * debian/control: update build/test/runtime dependencies.
   * Declare compliance with Debian Policy 4.7.4.
   * Remove «Priority: optional», which is the current default.
   * Annotate test-only build dependencies with <!nocheck>.
Checksums-Sha1: 
 fad42c21848cc5c2db12b9f445145feab64569ca 2645 libcrypt-pbkdf2-perl_0.261630-1~deb13u1~deb12u1.dsc
 e13f51e8c7c4207f3a3388037bdd7220ab43a3da 3144 libcrypt-pbkdf2-perl_0.261630-1~deb13u1~deb12u1.debian.tar.xz
Checksums-Sha256: 
 f4ec042834364d8d21b4911418f87481ff74f3929f34d2ddceef6ba163e92738 2645 libcrypt-pbkdf2-perl_0.261630-1~deb13u1~deb12u1.dsc
 e0d246652b45fc2df5bd53dccfadb98ec112ebb3f9c1c3e4fa54625d5296e1b3 3144 libcrypt-pbkdf2-perl_0.261630-1~deb13u1~deb12u1.debian.tar.xz
Files: 
 49b0155894f7edc8c75392c4359dd265 2645 perl optional libcrypt-pbkdf2-perl_0.261630-1~deb13u1~deb12u1.dsc
 a521da6cfd7fdb61d3c5b9f69d9fc6f9 3144 perl optional libcrypt-pbkdf2-perl_0.261630-1~deb13u1~deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmotcRdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E8YYP/jef3lpIjhs7Z9LpitYZzV0vBzo5FmkC
9WP0vvfkp8qSg0AIRF+UVYXFZU8YIwVqcwkUKwV+DftEoqh+qyPgUxudnTnc0Tzq
+jSxPf8NjhUoti6Gc/CPhnnNSycz2qy7ntUE967Gwew4llsoIz0yhhFHdbEXushk
wohlzqOUU+3T2GfXFvQd9KAeUTb73W3VppMdLiXkDP+BrKitftPp5Kg4WSS0zN4k
hzkbfZiwusdBdeUoFxu0pqUMvJJIz3bWEi0ntQn24OxXhECJcDRrVjMs8zmGAWyG
9P4OjAS3o6NWv/0zZpjGixB6abnn5fEO5rCHZ+64HISYhUhph/84yoKrNu2+IoPu
jvcrepGi8x0FeFUSoilg+VE5afSPDnQYZwYcvDT3JK402LuoWqxiYcuIx//3lJs8
FctWkOOqPM3kmJo1aexWFdH7hfDGOROtx1w4IL/MVN7j6cRVI/Rsj1An3DY4/Cwf
WGg2IYj/fiVUAb2tEi76SeJp9vTOhXx5O+qpc0xs45oFc2yQOeukezT1zkfy/1S8
X3/aShy+JSZHpKAiTF/TX1YjLszwqjkV6t0YxQPIQAA0c3UR1T3jDX6xGaXCCq5L
LIJMLZKWuuwRWKNFBy9i18V6skEwGJM2ZJzyd3eBvl3W8WTHzbmfp75Yo+Uu1gH8
SGAeUig0hzq1
=KBUR
-----END PGP SIGNATURE-----