Sorry, the changelog is wrong, it was actually not removed, just changed location:
--- a/debian/libmariadb-dev.install +++ b/debian/libmariadb-dev.install @@ -8,4 +8,4 @@ usr/lib/*/libmysqlservices.a usr/share/aclocal/mysql.m4 usr/share/man/man1/mysql_config.1 usr/lib/pkgconfig/libmariadb.pc usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig/ -usr/share/pkgconfig/mariadb.pc usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig/ +usr/lib/*/pkgconfig/mariadb.pc So upstream adopted our view of what the location should be, so the move was removed. End result is that location is exactly the same. This is the correct changelog: mariadb-10.3 (1:10.3.23-0+deb10u1) buster; urgency=high * SECURITY UPDATE: New upstream version 10.3.23. Includes fixes for the following security vulnerabilities (Closes: #961849): - CVE-2020-2752 - CVE-2020-2760 - CVE-2020-2812 - CVE-2020-2814 - CVE-2020-13249 * Backport upstream patch to fix regression in RocksDB ZSTD detection which prevents a serious bug and also autopkgtest detectable regression. * Update libmariadb symbols for upstream release 3.1.8. Upstream added one new symbol and it needs to be tracked in the symbols file. -- Otto Kekäläinen <o...@debian.org> Sat, 04 Jul 2020 15:31:51 +0300 Since the amendment is so small I will not attach a new debdiff. Latest source always visible at https://salsa.debian.org/mariadb-team/mariadb-10.3/-/tree/buster