-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 14 Apr 2020 12:26:29 +0200 Source: awl Binary: libawl-php awl-doc Architecture: source all Version: 0.57-1+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Davical Development Team <davical-devel@lists.sourceforge.net> Changed-By: Florian Schlichting <fsfs@debian.org> Description: awl-doc - Andrew's Web Libraries - API documentation libawl-php - Andrew's Web Libraries - PHP Utility Libraries Closes: 956650 Changes: awl (0.57-1+deb9u1) stretch-security; urgency=high . * Fix two security vulnerablilites (closes: #956650) + CVE-2020-11728 "Session::__construct() allows use of the current time as a session key" + CVE-2020-11729 "LSIDLogin() is insecure and can allow user impersonation" Checksums-Sha1: 66a6c7e2aa7c3269e160237ff25557b18a64eb76 1967 awl_0.57-1+deb9u1.dsc da26f4933a4e734a153a5e789c0bb69d6ad6a986 101236 awl_0.57.orig.tar.xz 22469fe2ecb96089e032df9f1af07860c9c2b991 9508 awl_0.57-1+deb9u1.debian.tar.xz 7e520434ed7757e42cafcb9e7e26a5b82a9ccfa3 252686 awl-doc_0.57-1+deb9u1_all.deb 34f6d816bd786a5b2f81ae03ee3f14f9f9b8131c 8083 awl_0.57-1+deb9u1_amd64.buildinfo 5bde4787e0176b600fb9436ef736bc77908196f4 97468 libawl-php_0.57-1+deb9u1_all.deb Checksums-Sha256: 61852a8e4799fd827e1a35ca83072c2f14cb7362d2ebcb72ce14762b943ae310 1967 awl_0.57-1+deb9u1.dsc af9400a5c792eae170f4f14214f065482e2c3817833825cbd48e5a19f86daafc 101236 awl_0.57.orig.tar.xz 16038a4b49a5950b60e1a4d57b801cc5928b353bc98314074c78182b79b89dce 9508 awl_0.57-1+deb9u1.debian.tar.xz a5f712d9d3f236e3e1dfebce63c66dedb12375b06eee480438268dba9c802130 252686 awl-doc_0.57-1+deb9u1_all.deb 6458599c20d0208f09605e1fd4560d46511b2ff258364532fcb3b076750c23a0 8083 awl_0.57-1+deb9u1_amd64.buildinfo ca4f77a1098c52bfdfa4ff00692d83b99bb5d30641fe509479316383c28941bf 97468 libawl-php_0.57-1+deb9u1_all.deb Files: 87b684fe5041a73b2de7b3c088d4a9ba 1967 php extra awl_0.57-1+deb9u1.dsc 7d0a403288d04aac487a643da18b4914 101236 php extra awl_0.57.orig.tar.xz 595f3f6eb97dc82bbf9c26aa5edb8a25 9508 php extra awl_0.57-1+deb9u1.debian.tar.xz 65729754d2230f81ff8915dbe0b19d58 252686 doc extra awl-doc_0.57-1+deb9u1_all.deb b208f6facfb75af719c2a9e7ebbd9b7b 8083 php extra awl_0.57-1+deb9u1_amd64.buildinfo 82c70eb8cd84a5194f20118f9010a17e 97468 php extra libawl-php_0.57-1+deb9u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEMLI8i05qOwnqprZSEpc7bnLcB7UFAl6dQVUACgkQEpc7bnLc B7VtVg//aA2NWsepZctOk9rATERaxyffGhRdZjDBZDp1D9Ono4ztpbr+Wri/fVET TWjkD1r8vJgCXhYGfyn1nPzlUoPpefQlufFrvmb8CNGs5zAH9Qcy8cr2MEuiQYe2 K4stS3BmtkRkSdEASappaw7NgyljUDb+GUf3m2x7+LOxHrd8dPEgOqcdBq/3Z92M yyTw59EeEtnDYyfbrvUpWMGxBYV64v0aiOYvll3NRS/L2OkKLdyBWr38/piL7l9b Im2Z0zJAQhhejg0sHshjLaCUBXrcUYCnOMCKmKOsUKgbEPgy8/F7HphsdeohPIsZ PN9gvo4x7CL1HuuwMA6iMMBCbdVBu/uCX6Wz0SzY2qyi4INZzDhmHZSSI+wjrcqA EpCCVg/W4ljQqQX52z+Nls/X1QRcPMGFoSDTd29ilArI3V+yB/o5tbYN8xM0O7M6 sIqZAfiDq+hXCPPLA0W4/bkfaZg995I2iVGeWtC+6LNdeiT/GNB8at+URi0WCFQ7 J9FVfE6RYGdtDBt/RklAlMbf3o8eAQAzDZBB5BixLJKgg+lqcA08AKuQY0wKxwFs S316w9SnLHJ+qsZ7/kyN7zrfNAD/4FoRGNANMqLBG4GAKZatnO9cUpfb00ZDTivF atFSjGqVL924tVy6eYe3c0lU4JGBUilCtBh18ckcrwJTjIVWWws= =a9BB -----END PGP SIGNATURE-----