Accepted php8.2 8.2.24-1~deb12u1 (source) into proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted php8.2 8.2.24-1~deb12u1 (source) into proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 06 Oct 2024 16:36:56 +0000
Message-id: <[🔎] E1sxUFc-00Cr96-7L@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 27 Sep 2024 06:16:10 +0200
Source: php8.2
Architecture: source
Version: 8.2.24-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
 php8.2 (8.2.24-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream version 8.2.24
    + [CVE-2024-8926]: Bypass of CVE-2024-4577, Parameter Injection
      Vulnerability
    + [CVE-2024-8927]: cgi.force_redirect configuration is bypassable due
      to the environment variable collision
    + [CVE-2024-8927]: Logs from FPM childrens may be altered
    + [CVE-2024-8925]: Erroneous parsing of multipart form data
Checksums-Sha1:
 55d65f97602743a30724b0b9e7ca52059feefcf8 5726 php8.2_8.2.24-1~deb12u1.dsc
 02297c35cca13de4a5d1aee841f1faeb70740c9f 12110000 php8.2_8.2.24.orig.tar.xz
 94083664dafa297e200c8ad781d84de41cbe36ca 858 php8.2_8.2.24.orig.tar.xz.asc
 d20573e65da7524c8d7876b3fb6d09d241212ec1 70008 php8.2_8.2.24-1~deb12u1.debian.tar.xz
 540a6a4a613ffa41cc9ee7ec0aa60c1010a885e6 34586 php8.2_8.2.24-1~deb12u1_amd64.buildinfo
Checksums-Sha256:
 01b8bc0e7d6ff502f49ee296cf2c0104e4121444a8d8c8a3d73c589282f977a3 5726 php8.2_8.2.24-1~deb12u1.dsc
 80a5225746a9eb484475b312d4c626c63a88a037d8e56d214f30205e1ba1411a 12110000 php8.2_8.2.24.orig.tar.xz
 e9772a68ba37080260ec8a839074b46552db807bb8dfc18a00d7a47f46edbc50 858 php8.2_8.2.24.orig.tar.xz.asc
 83a301e2306dcae6916d021d07a08ed88c6a90a8a315e94948b866c5e9a70a38 70008 php8.2_8.2.24-1~deb12u1.debian.tar.xz
 13b9db91575769cb245092151c5c1153454ef4770aeb02e95548334890957e02 34586 php8.2_8.2.24-1~deb12u1_amd64.buildinfo
Files:
 157e7dfd329bd038be7a55104b1c6528 5726 php optional php8.2_8.2.24-1~deb12u1.dsc
 fff29ce84f5b4ddfc2063f7b2021fce2 12110000 php optional php8.2_8.2.24.orig.tar.xz
 79cd78f08e27826f00e81389b5962b15 858 php optional php8.2_8.2.24.orig.tar.xz.asc
 a0fb44a95c02952c6d8321de7d2a38d2 70008 php optional php8.2_8.2.24-1~deb12u1.debian.tar.xz
 c1f41641c92f832e49835cdc942aa9ea 34586 php optional php8.2_8.2.24-1~deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmb2dVtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcIO8hAApV/eAROelDeXOkBFkaSh6Mi+tA3yuyFXmIPWzBQmtDrTDad5sxRzKEoL
Gt4TPuvUQscV1XVhdMX3Ty/hgbJs2rhPmQQUARY7d0q3tTUeQ90PnBP/Mx76FTCR
M9Hq+UmKqGliPm824SkQV2ENWZTjd50+7ZUjYTKLflSTpsYKKjJYvVM8MIRrF7qp
5e7L0JiR7k8gSpO8EXwqSwfHlcNew7Cz4ltzaOzQSFQc7xoIyD8U3mk4rHoKvGqj
27Paw/Rq757jkQxtisokgTaL73NEbIPilKqhBBiqBTxKdpSyany3btB/SnhQVo7Y
MREQ1Pj+DEAS/Bg5Osm6bResEDGxOGcgw+QNvQeXduvTtbJXz2G+aNeEjUn9BbQg
Zq/nvadHnVk1CHSlU+e8mwUd7w3Edz+rZhx3asyi7VJwhcG33DT/IopAemJrhoQX
AVgJSmjsrxZjxvPf2jAFyj6Ic99ESPsjuzEntkFlVk970qCKR7HvE0HhYHsBiphJ
cRsFsbsBAWn0jZzvUqz/FpAxBV7AKCTB+z/2bUWDXP9NDY/A/ET7I07czpqpOgH4
j7oLzlvWAV5BGCNipv6y0IlY3ViS+voNlGGnMyFuP6KTgY3jhC79DVeXf4SbydCl
eaf8S4X/PHkwvvKqBW5WYvotDLXy+MzLJdlMIj+OzkkkK3B/vOg=
=gNWG
-----END PGP SIGNATURE-----

Attachment: pgpWtz9qICZOQ.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted linux-signed-i386 6.1.112+1 (source) into proposed-updates
Next by Date: Accepted apache2 2.4.62-1~deb12u2 (source) into proposed-updates
Previous by thread: Accepted linux-signed-i386 6.1.112+1 (source) into proposed-updates
Next by thread: Accepted apache2 2.4.62-1~deb12u2 (source) into proposed-updates
Index(es):
- Date
- Thread