* SECURITY UPDATE: acceptance of hosts not listed in specified known_hosts file during SSH-based transfers - debian/patches/CVE-2025-15079.patch: Set both knownhosts options to same file and fix surprises caused by libssh exposing separate KNOWNHOSTS and GLOBAL_KNOWNHOSTS options. - CVE-2025-15079 * Regenerate Server-localhost-lastSAN-sv test certificate with SHA-256 - debian/patches/regenerate-lastSAN-cert-sha256.patch: Fix "ca md too weak" error with OpenSSL 1.1.1+ by replacing SHA-1 signed certificate with SHA-256. Also fixes Makefile.am bug for lastSAN target. * Update failed test - debian/patches/26_CVE-2021-22876.patch: Update test to avoid using unsupported commands * Update failed test - debian/patches/fix-test323-errorcode.patch: two valid error codes now * Disable some tests - debian/rules: add option to disable tests marked as flaky, fail the build if any test fails - debian/patches/add-flaky-to-test1592.patch: mark test1592 as flaky - debian/patches/disable-nss-failing-tests.patch: libnsspem.so is not available on Debian 10 * Remove unsupported test: - debian/patches/test8-verify-that-ctrl-byte-cookies-are-ignored.patch: no ctrl-byte-cookies are supported