[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted php8.2 8.2.24-1~deb12u1 (source) into proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 27 Sep 2024 06:16:10 +0200
Source: php8.2
Architecture: source
Version: 8.2.24-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
 php8.2 (8.2.24-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream version 8.2.24
    + [CVE-2024-8926]: Bypass of CVE-2024-4577, Parameter Injection
      Vulnerability
    + [CVE-2024-8927]: cgi.force_redirect configuration is bypassable due
      to the environment variable collision
    + [CVE-2024-8927]: Logs from FPM childrens may be altered
    + [CVE-2024-8925]: Erroneous parsing of multipart form data
Checksums-Sha1:
 55d65f97602743a30724b0b9e7ca52059feefcf8 5726 php8.2_8.2.24-1~deb12u1.dsc
 02297c35cca13de4a5d1aee841f1faeb70740c9f 12110000 php8.2_8.2.24.orig.tar.xz
 94083664dafa297e200c8ad781d84de41cbe36ca 858 php8.2_8.2.24.orig.tar.xz.asc
 d20573e65da7524c8d7876b3fb6d09d241212ec1 70008 php8.2_8.2.24-1~deb12u1.debian.tar.xz
 540a6a4a613ffa41cc9ee7ec0aa60c1010a885e6 34586 php8.2_8.2.24-1~deb12u1_amd64.buildinfo
Checksums-Sha256:
 01b8bc0e7d6ff502f49ee296cf2c0104e4121444a8d8c8a3d73c589282f977a3 5726 php8.2_8.2.24-1~deb12u1.dsc
 80a5225746a9eb484475b312d4c626c63a88a037d8e56d214f30205e1ba1411a 12110000 php8.2_8.2.24.orig.tar.xz
 e9772a68ba37080260ec8a839074b46552db807bb8dfc18a00d7a47f46edbc50 858 php8.2_8.2.24.orig.tar.xz.asc
 83a301e2306dcae6916d021d07a08ed88c6a90a8a315e94948b866c5e9a70a38 70008 php8.2_8.2.24-1~deb12u1.debian.tar.xz
 13b9db91575769cb245092151c5c1153454ef4770aeb02e95548334890957e02 34586 php8.2_8.2.24-1~deb12u1_amd64.buildinfo
Files:
 157e7dfd329bd038be7a55104b1c6528 5726 php optional php8.2_8.2.24-1~deb12u1.dsc
 fff29ce84f5b4ddfc2063f7b2021fce2 12110000 php optional php8.2_8.2.24.orig.tar.xz
 79cd78f08e27826f00e81389b5962b15 858 php optional php8.2_8.2.24.orig.tar.xz.asc
 a0fb44a95c02952c6d8321de7d2a38d2 70008 php optional php8.2_8.2.24-1~deb12u1.debian.tar.xz
 c1f41641c92f832e49835cdc942aa9ea 34586 php optional php8.2_8.2.24-1~deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmb2dVtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcIO8hAApV/eAROelDeXOkBFkaSh6Mi+tA3yuyFXmIPWzBQmtDrTDad5sxRzKEoL
Gt4TPuvUQscV1XVhdMX3Ty/hgbJs2rhPmQQUARY7d0q3tTUeQ90PnBP/Mx76FTCR
M9Hq+UmKqGliPm824SkQV2ENWZTjd50+7ZUjYTKLflSTpsYKKjJYvVM8MIRrF7qp
5e7L0JiR7k8gSpO8EXwqSwfHlcNew7Cz4ltzaOzQSFQc7xoIyD8U3mk4rHoKvGqj
27Paw/Rq757jkQxtisokgTaL73NEbIPilKqhBBiqBTxKdpSyany3btB/SnhQVo7Y
MREQ1Pj+DEAS/Bg5Osm6bResEDGxOGcgw+QNvQeXduvTtbJXz2G+aNeEjUn9BbQg
Zq/nvadHnVk1CHSlU+e8mwUd7w3Edz+rZhx3asyi7VJwhcG33DT/IopAemJrhoQX
AVgJSmjsrxZjxvPf2jAFyj6Ic99ESPsjuzEntkFlVk970qCKR7HvE0HhYHsBiphJ
cRsFsbsBAWn0jZzvUqz/FpAxBV7AKCTB+z/2bUWDXP9NDY/A/ET7I07czpqpOgH4
j7oLzlvWAV5BGCNipv6y0IlY3ViS+voNlGGnMyFuP6KTgY3jhC79DVeXf4SbydCl
eaf8S4X/PHkwvvKqBW5WYvotDLXy+MzLJdlMIj+OzkkkK3B/vOg=
=gNWG
-----END PGP SIGNATURE-----

Attachment: pgpWtz9qICZOQ.pgp
Description: PGP signature


Reply to: