Your message dated Sat, 09 May 2026 17:40:12 +0000
with message-id <[email protected]>
and subject line Bug#1136054: fixed in php8.4 8.4.21-1
has caused the Debian Bug report #1136054,
regarding php8.4: CVE-2025-14179 CVE-2026-6104 CVE-2026-6722 CVE-2026-6735
CVE-2026-7258 CVE-2026-7259 CVE-2026-7261 CVE-2026-7262 CVE-2026-7263
CVE-2026-7568
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1136054: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136054
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: php8.4
Version: 8.4.20-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerabilities were published for php8.4.
CVE-2025-14179[0]
CVE-2026-6104[1]
CVE-2026-6722[2]
CVE-2026-6735[3]
CVE-2026-7258[4]
CVE-2026-7259[5]
CVE-2026-7261[6]
CVE-2026-7262[7]
CVE-2026-7263[8]
CVE-2026-7568[9]
Filling the bug as they are already fixed instable but not yet in
unstable and so fork.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-14179
https://www.cve.org/CVERecord?id=CVE-2025-14179
[1] https://security-tracker.debian.org/tracker/CVE-2026-6104
https://www.cve.org/CVERecord?id=CVE-2026-6104
[2] https://security-tracker.debian.org/tracker/CVE-2026-6722
https://www.cve.org/CVERecord?id=CVE-2026-6722
[3] https://security-tracker.debian.org/tracker/CVE-2026-6735
https://www.cve.org/CVERecord?id=CVE-2026-6735
[4] https://security-tracker.debian.org/tracker/CVE-2026-7258
https://www.cve.org/CVERecord?id=CVE-2026-7258
[5] https://security-tracker.debian.org/tracker/CVE-2026-7259
https://www.cve.org/CVERecord?id=CVE-2026-7259
[6] https://security-tracker.debian.org/tracker/CVE-2026-7261
https://www.cve.org/CVERecord?id=CVE-2026-7261
[7] https://security-tracker.debian.org/tracker/CVE-2026-7262
https://www.cve.org/CVERecord?id=CVE-2026-7262
[8] https://security-tracker.debian.org/tracker/CVE-2026-7263
https://www.cve.org/CVERecord?id=CVE-2026-7263
[9] https://security-tracker.debian.org/tracker/CVE-2026-7568
https://www.cve.org/CVERecord?id=CVE-2026-7568
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: php8.4
Source-Version: 8.4.21-1
Done: Ondřej Surý <[email protected]>
We believe that the bug you reported is fixed in the latest version of
php8.4, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ondřej Surý <[email protected]> (supplier of updated php8.4 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 07 May 2026 20:39:09 +0200
Source: php8.4
Architecture: source
Version: 8.4.21-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PHP Maintainers <[email protected]>
Changed-By: Ondřej Surý <[email protected]>
Closes: 1136054
Changes:
php8.4 (8.4.21-1) unstable; urgency=medium
.
* New upstream version 8.4.21 (Closes: #1136054)
Checksums-Sha1:
28b66c66ccb7b1454343976d2d45fc299a27787d 5661 php8.4_8.4.21-1.dsc
f8a4690b8b3f1c231c111aaf70c7018f07d85dc9 13718684 php8.4_8.4.21.orig.tar.xz
d5029b47e5df829630ee2df4693dffa9426aea8c 265 php8.4_8.4.21.orig.tar.xz.asc
fc86f7fb29c16b57ba0eafd936cc5da0df166bfb 79620 php8.4_8.4.21-1.debian.tar.xz
db837b1bc77678feca1bac8b5facef1d1a97aa80 33107 php8.4_8.4.21-1_amd64.buildinfo
Checksums-Sha256:
6d143bc7624a8c4a207717c1d75ef4abdd8bb3d007e228a4ae49bafe73eeb67b 5661
php8.4_8.4.21-1.dsc
7cf5d8ab12c3b2016875bcfaec71bef1ef0b07bed6148f2c447577074431f984 13718684
php8.4_8.4.21.orig.tar.xz
d881c47bbbe1d6e8f4ef1b247894dc67ece6127e91661ca0903a81143bfe4a25 265
php8.4_8.4.21.orig.tar.xz.asc
e5793bfe438b3e28911eb8bd9fc7f99923256082571404afd4122b3abb83dcbe 79620
php8.4_8.4.21-1.debian.tar.xz
b9adfcde75e89a40b275d798d8b0024411f5387be59b020225382a2d0348bfdb 33107
php8.4_8.4.21-1_amd64.buildinfo
Files:
81c89b782fee89252dea2355fa57d396 5661 php optional php8.4_8.4.21-1.dsc
60dc752b6bb6ab1c8e8fd930d94c199f 13718684 php optional
php8.4_8.4.21.orig.tar.xz
3b47a8c0c849b79200cb5d78ddfccced 265 php optional php8.4_8.4.21.orig.tar.xz.asc
398fb2c0dcdce6a6c29177e0a1627663 79620 php optional
php8.4_8.4.21-1.debian.tar.xz
3b38179786bb48dc7a8b1c409269ed97 33107 php optional
php8.4_8.4.21-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmn/LJFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcLZ+BAAhUTJymkuhcNKL1EEaEyoQsijjnAfYfTccMeWYKXsr9lyPuAOm7vIzbX3
eg15Q/ks+twwVIflly3SfbBOrnVP1iIk575mpLzGPPPIUdNKVNnnvtG7ZeK7hitn
+nHKAaC4TQLFuxgwsjc8gcnlc+cUjqxVTl5Ve0pfh+hCJtsORFsKO8bw85RHL+RA
J9xWoVt3PFNIi7w8Nf569nUUT+Su5XTt5jNfx3j0DQ+hA6FoUDo7Gcv0EK0tYjY7
SpIEUAIXKzWsgj+K+cIdoWrYi91YT3iadajzhJFq7i3ftD0DrlMclk3BPU7QvrvP
G27LDyzlW2Gh/otbz+NU2phwPEma1bceg+a/s1k/p9y4cO7MX6Ut10FeyhfI7SlD
nZ2/94UR4xVkt46ip3z9kyyPFVw+EjJD3EplQ3lZLplYJfmvB6gz9SR7IqFlFzqW
+GRzBH1pvh8pGY1NF+KO0d7dsjuuxsehfpFxV/m976d/PVKxWFpVf+4Msf/zFKct
zTvp9y/FMA4ODYTgU3vgmPn+cl42JDtmndoHG/T96oi/erTTQucp0Crcgi23vofF
ew0pJBEdDEOlR8fOk7iQSOAtK7cwAN9WwNAjFW0CeGxSnnwWt2pD3W4Ovb0QEjSu
ExpEcMgW0vpz3GuxGBqdDK3ub360i9InM/xyauaHal+A9dMewfc=
=QJKu
-----END PGP SIGNATURE-----
pgpw0ZbQh673e.pgp
Description: PGP signature
--- End Message ---
