Version in base suite: 13+2025.07.16

Base version: debian-security-support_13+2025.07.16
Target version: debian-security-support_13+2026.01.04
Base file: /srv/ftp-master.debian.org/ftp/pool/main/d/debian-security-support/debian-security-support_13+2025.07.16.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/d/debian-security-support/debian-security-support_13+2026.01.04.dsc

 debian/changelog       |   13 +++++++++++++
 security-support.deb11 |    1 +
 security-support.deb12 |    2 ++
 security-support.deb13 |    3 +++
 4 files changed, 19 insertions(+)

dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmp514soi1d/debian-security-support_13+2025.07.16.dsc: no acceptable signature found
dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmp514soi1d/debian-security-support_13+2026.01.04.dsc: no acceptable signature found
diff -Nru debian-security-support-13+2025.07.16/debian/changelog debian-security-support-13+2026.01.04/debian/changelog
--- debian-security-support-13+2025.07.16/debian/changelog	2025-07-16 12:09:24.000000000 +0000
+++ debian-security-support-13+2026.01.04/debian/changelog	2026-01-04 12:09:01.000000000 +0000
@@ -1,3 +1,16 @@
+debian-security-support (1:13+2026.01.04) trixie; urgency=medium
+
+  [ Holger Levsen ]
+  * deb13: mark wpewebkit as unsupported. Closes: #1118273.
+
+  [ Jochen Sprickerhof ]
+  * deb13+12+11: mark hdf5 as limited supported. Closes: 1117607.
+
+  [ Moritz Muehlenhoff ]
+  * deb13+12: mark zabbix as limited support. Closes: #1124558.
+
+ -- Holger Levsen <holger@debian.org>  Sun, 04 Jan 2026 13:09:01 +0100
+
 debian-security-support (1:13+2025.07.16) unstable; urgency=medium
 
   [ Santiago Ruano Rincón ]
diff -Nru debian-security-support-13+2025.07.16/security-support.deb11 debian-security-support-13+2026.01.04/security-support.deb11
--- debian-security-support-13+2025.07.16/security-support.deb11	2025-07-12 10:36:57.000000000 +0000
+++ debian-security-support-13+2026.01.04/security-support.deb11	2026-01-04 12:08:38.000000000 +0000
@@ -23,6 +23,7 @@
 gobgp                            limited  See https://www.debian.org/releases/bullseye/amd64/release-notes.en.txt (Section 5.2.1.3)
 golang.*                         limited  See https://www.debian.org/releases/bullseye/amd64/release-notes.en.txt (Section 5.2.1.3)
 gpac                             non-supported   1.0.1+dfsg1-4+deb11u3            2024-08-08  https://lists.debian.org/debian-lts/2024/08/msg00007.html
+hdf5                             limited  Not covered by security support, only suitable for trusted content, see #1117722
 intel-mediasdk                   non-supported   21.1.0-1                         2024-11-07  abandoned upstream, upstream does not publish enough information to fix issues.
 iotjs                            non-supported   1.0+715-1                        2024-08-15  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078334
 jython                           non-supported   2.7.2+repack1-3                  2024-09-29  Includes python2.7 stdlib https://lists.debian.org/debian-lts/2024/08/msg00057.html
diff -Nru debian-security-support-13+2025.07.16/security-support.deb12 debian-security-support-13+2026.01.04/security-support.deb12
--- debian-security-support-13+2025.07.16/security-support.deb12	2025-07-12 10:35:35.000000000 +0000
+++ debian-security-support-13+2026.01.04/security-support.deb12	2026-01-04 12:08:38.000000000 +0000
@@ -20,6 +20,7 @@
 gnupg1                      limited  See #982258 and https://www.debian.org/releases/stretch/amd64/release-notes/ch-whats-new.en.html#modern-gnupg
 gobgp                       limited  See https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#golang-static-linking
 golang.*                    limited  See https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#golang-static-linking
+hdf5                        limited  Not covered by security support, only suitable for trusted content, see #1117722
 intel-mediasdk              non-supported   22.5.4-1  2024-11-21  abandoned upstream, upstream does not publish enough information to fix issues.
 jython                      limited  Includes python2.7 stdlib, support limited until Py3 port, see #975058 and https://lists.debian.org/debian-lts/2024/08/msg00027.html
 kde4libs                    limited  khtml has no security support upstream, only for use on trusted content
@@ -42,4 +43,5 @@
 tiles                       limited  Only supported for building packages, #1057343
 vte                         limited  Not covered by security support, only used by debian-installer, #1082885
 wpewebkit                   non-supported   2.38.6-1  2023-05-09  https://bugs.debian.org/1035794
+zabbix                      limited  The WEB UI is only supported for access by trusted users, no security updates issued for it, #1124558
 zoneminder                  limited  See README.Debian.security, only supported behind an authenticated HTTP zone, #922724
diff -Nru debian-security-support-13+2025.07.16/security-support.deb13 debian-security-support-13+2026.01.04/security-support.deb13
--- debian-security-support-13+2025.07.16/security-support.deb13	2025-07-12 09:44:36.000000000 +0000
+++ debian-security-support-13+2026.01.04/security-support.deb13	2026-01-04 11:55:18.000000000 +0000
@@ -20,6 +20,7 @@
 gnupg1                      limited  See #982258 and https://www.debian.org/releases/stretch/amd64/release-notes/ch-whats-new.en.html#modern-gnupg
 gobgp                       limited  See https://www.debian.org/releases/trixie/release-notes/issues.en.html#go-and-rust-based-packages
 golang.*                    limited  See https://www.debian.org/releases/trixie/release-notes/issues.en.html#go-and-rust-based-packages
+hdf5                        limited  Not covered by security support, only suitable for trusted content, see #1117722
 isc-dhcp                    non-supported   4.4.3-P1-2       2023-07-05  https://lists.isc.org/pipermail/dhcp-users/2022-October/022786.html
 jython                      limited  Includes python2.7 stdlib, support limited until Py3 port, see #975058 and https://lists.debian.org/debian-lts/2024/08/msg00027.html
 kde4libs                    limited  khtml has no security support upstream, only for use on trusted content
@@ -39,4 +40,6 @@
 sql-ledger                  limited  Only supported behind an authenticated HTTP zone
 tiles                       limited  Only supported for building packages, #1057343
 vte                         limited  Not covered by security support, only used by debian-installer, #1082885
+wpewebkit                   non-supported   2.38.6-1  2026-01-04  wpewebkit is generally unsupported from bookworm onwards, see #1118273, #1035997 and #1035794
+zabbix                      limited  The WEB UI is only supported for access by trusted users, no security updates issued for it, #1124558
 zoneminder                  limited  See README.Debian.security, only supported behind an authenticated HTTP zone, #922724