Accepted php7.4 7.4.33-1+deb11u5 (source) into oldstable-proposed-updates

Sat, 20 Apr 2024 04:20:18 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 12 Apr 2024 02:02:16 +0200
Source: php7.4
Architecture: source
Version: 7.4.33-1+deb11u5
Distribution: bullseye-security
Urgency: high
Maintainer: Debian PHP Maintainers <team+pkg-...@tracker.debian.org>
Changed-By: Ondřej Surý <ond...@debian.org>
Changes:
 php7.4 (7.4.33-1+deb11u5) bullseye-security; urgency=high
 .
   * Backported from 8.0.30
    + CVE-2023-3823: Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with
      external entity loading in XML without enabling it).
    + CVE-2023-3824: Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in
      phar_dir_read()).
   * Backported from 8.1.28
    + CVE-2024-1874: Fixed bug GHSA-pc52-254m-w9w7 (Command injection via
      array-ish $command parameter of proc_open).
    + CVE-2024-2756: Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure-
      cookie bypass due to partial CVE-2022-31629 fix).
    + CVE-2024-3096: Fixed bug GHSA-h746-cjrr-wfmr (password_verify can
      erroneously return true, opening ATO risk).
Checksums-Sha1:
 301bf3cc2628ee304cccb1f7dedbd32625fee9c9 5825 php7.4_7.4.33-1+deb11u5.dsc
 4d3152b2339332b4eef2c12931931d4a1245fdab 10420144 php7.4_7.4.33.orig.tar.xz
 1701962351f13c1af1f29bde45eb9515747bc4ee 833 php7.4_7.4.33.orig.tar.xz.asc
 cb805baa3a9b78314918ffe53441e0b5203fc6aa 86144 
php7.4_7.4.33-1+deb11u5.debian.tar.xz
 f821bb4c5afdfb79ef53aabc5f726a4b65f91616 35600 
php7.4_7.4.33-1+deb11u5_amd64.buildinfo
Checksums-Sha256:
 0f374b4b07791304f4b366a7526e69e0ba9d85d7a6612890b9d34be5193df269 5825 
php7.4_7.4.33-1+deb11u5.dsc
 924846abf93bc613815c55dd3f5809377813ac62a9ec4eb3778675b82a27b927 10420144 
php7.4_7.4.33.orig.tar.xz
 569a01c7c605a4571fdf7dfadfff4215cc4a63ea5d474c7ec92bd7b4fecfffcb 833 
php7.4_7.4.33.orig.tar.xz.asc
 21885cc1308575eb8661d1d58e8249b74254f3991ebf52b631863b09240c1c21 86144 
php7.4_7.4.33-1+deb11u5.debian.tar.xz
 125521a73fdf33b467902adc8ca4d036226dbb1a2ed6dd92bda6a7c608e315aa 35600 
php7.4_7.4.33-1+deb11u5_amd64.buildinfo
Files:
 31e5306f6927b8062fd2b480abddaff6 5825 php optional php7.4_7.4.33-1+deb11u5.dsc
 f098632163cd47f2c1ffe2bdc6ef1ff2 10420144 php optional 
php7.4_7.4.33.orig.tar.xz
 306dca821388f20fa55324960d82f427 833 php optional php7.4_7.4.33.orig.tar.xz.asc
 796af6ecede1911e24b56eed838e5702 86144 php optional 
php7.4_7.4.33-1+deb11u5.debian.tar.xz
 19ecc77951c3f76960a9d97aeedaa09c 35600 php optional 
php7.4_7.4.33-1+deb11u5_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmYYhIFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcLd4xAAsdFj9pIINSbb251PXGxILn5Jgg4FfZprFo5Gu1JsjEiE2zETB/o72x6V
6l8E0ga4YZvvomnPVmmRWI5hdYUwwA7eFrZ/tcLEH34LNMBOkMxaktlTZgPD/JkW
O9Gnju6vF8KYlmXw9LdqU/62CpAGwsJ/sFiRoSUtX48eED9mpfaHFlcCEiDybHOd
ibknvrFfIiyO+/pHzERp2eUppXGrKqB4sh1I1+6H7co3gHOhHj6VtIlGsFq/rAK1
09yuHRnO7L8teSfnKqfXYXluwLhlhxNCoK4qj1KQlDoJMhKD+F9fwN840U2E0ez9
kogO+7wTH8Nl/j8gFpUEYBy8xBnADesy/TVyMgGDSvxRHeL1JOsId1X8ewr67jcx
zIVm9nk0UmCALh+AJELEqeJ9fQH/NAHO9fe692SOvz6g//iMl9S+F6TCksI50efg
kV4cJPIqr0XdigdHwlLGobZ6pR92u3qBjwNsMDYh3SmNjxUoCmT+jLKRCY78VBIX
hxqjAv6qiDYXJue4UV5FeVumCSpT4xyUKYV3BAE8/wl/JAYYwEXSNBoekiz0m2NH
rmNdhuwy8hom1kQhQp7a7ZtnfS0I39ExjYWXqsYTush+uDaNBo1DyID648C/7G3r
nsvvcXD9sJshHvisAHI2UN2atsiH6fbFhgPz9NygzTrIL81LA/Q=
=BsZo
-----END PGP SIGNATURE-----

Attachment: pgp9KJimvqVk_.pgp
Description: PGP signature

Reply via email to