* Merge from Debian testing. Remaining changes: - Install run-time libraries into /lib rather than /usr/lib, since dbus-daemon is in /bin and links to libexpat. * debian/control (Depends): Fixed debhelper-but-no-misc-depends. * debian/patches/560901_CVE_2009_3560.dpatch: Adjusted. - lib/xmlparse.c (doProlog): Revised patch for CVE-2009-3560 after regressions have been detected (closes: #561658). Many thanks to Niko Tyni and Karl Waclawek for their help and the fix. * debian/patches/560901_CVE_2009_3560.dpatch: Added. - lib/xmlparse.c (doProlog): Fix DoS vulnerability CVE-2009-3560 (closes: #560901). * debian/patches/00list: Adjusted. * debian/control (Standards-Version): Bumped to 3.8.3. (Priority, Section): Fixed binary-control-field-duplicates-source. (Description): Fixed extended-description-is-probably-too-short and duplicate-long-description. * debian/rules (CFLAGS): Drop useless '-pthread -D_REENTRANT' from version 1.95-8-1 (closes: #551079). * debian/README.source: Added for policy compliance. * debian/patches/551936_CVE_2009_2625.dpatch: Added. - lib/xmltok_impl.c (updatePosition): Fix DoS vulnerability CVE-2009-2625 and CVE-2009-3720 (closes: #551936). * debian/patches/00list: Adjusted.