diff -Nru qpdf-11.3.0/debian/changelog qpdf-11.3.0/debian/changelog
--- qpdf-11.3.0/debian/changelog 2023-02-25 17:24:01.000000000 -0500
+++ qpdf-11.3.0/debian/changelog 2023-10-19 07:09:54.000000000 -0400
@@ -1,3 +1,16 @@
+qpdf (11.3.0-1ubuntu1) lunar; urgency=medium
+
+ * Fix data loss bug introduced in 11.0.0 and fixed in 11.6.3. The bug
+ causes the qpdf tokenizer to discard the character after a one-digit
+ or two-digit quoted octal string. Most writers don't create these, and
+ they are rare outside of content streams. By default, qpdf doesn't
+ parse content streams. The most common place for this to occur would
+ be in a document's /ID string, but in the worst case, this bug could
+ cause silent damage to some strings in a PDF file's metadata, such as
+ bookmark names or form field values.
+
+ -- Jay Berkenbilt Thu, 19 Oct 2023 07:09:54 -0400
+
 qpdf (11.3.0-1) unstable; urgency=medium

 * New upstream release.
diff -Nru qpdf-11.3.0/debian/patches/series qpdf-11.3.0/debian/patches/series
--- qpdf-11.3.0/debian/patches/series 2023-02-25 17:24:01.000000000 -0500
+++ qpdf-11.3.0/debian/patches/series 2023-10-19 07:09:54.000000000 -0400
@@ -0,0 +1 @@
+tokenizer-1ecc6bb2 -p1
diff -Nru qpdf-11.3.0/debian/patches/tokenizer-1ecc6bb2 qpdf-11.3.0/debian/patches/tokenizer-1ecc6bb2
--- qpdf-11.3.0/debian/patches/tokenizer-1ecc6bb2 1969-12-31 19:00:00.000000000 -0500
+++ qpdf-11.3.0/debian/patches/tokenizer-1ecc6bb2 2023-10-19 07:09:54.000000000 -0400
@@ -0,0 +1,34 @@
+Description: data loss in qpdf lexical layer
+ This was fixed upstream in 11.6.3.
+Author: Jay Berkenbilt
+Bug: https://github.com/qpdf/qpdf/issues/1050
+Bug-Debian: http://bugs.debian.org/1054158
+
+--- a/libqpdf/QPDFTokenizer.cc.orig 2023-10-17 07:19:31.829119946 -0400
++++ a/libqpdf/QPDFTokenizer.cc 2023-10-17 07:20:55.689510562 -0400
+@@ -739,17 +739,22 @@
+ void
+ QPDFTokenizer::inCharCode(char ch)
+ {
++ bool handled = false;
+ if (('0' <= ch) && (ch <= '7')) {
+ this->char_code = 8 * this->char_code + (int(ch) - int('0'));
+ if (++(this->digit_count) < 3) {
+ return;
+ }
+- // We've accumulated \ddd. PDF Spec says to ignore
+- // high-order overflow.
++ handled = true;
+ }
++ // We've accumulated \ddd or we have \d or \dd followed by other
++ // than an octal digit. The PDF Spec says to ignore high-order
++ // overflow.
+ this->val += char(this->char_code % 256);
+ this->state = st_in_string;
+- return;
++ if (!handled) {
++ inString(ch);
++ }
+ }
+
+ void
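Review bot: The backported fix to `QPDFTokenizer::inCharCode` comes with no regression test in this debdiff, so nothing visible here guards the package against the silent string corruption described in the changelog coming back. A tokenizer test over short escapes followed by a non-octal character (constructed examples: `(\1x)`, `(\12x)`, `(\1)`), plus the unchanged three-digit case, would pin the behaviour. The new `inString(ch)` call has no comment of its own; something like `// ch ended a short escape and is not part of it; re-dispatch it as ordinary string content` would explain why the character is fed back in. The DEP-3 header states the fix is upstream in 11.6.3 but has no `Origin:` field; adding `Origin: upstream, <upstream commit URL>` would let a reviewer check the backport against the upstream change.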