-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 25 Apr 2020 21:51:15 +0200 Source: gosa Architecture: source Version: 2.7.4+reloaded2-13+deb9u3 Distribution: stretch Urgency: medium Maintainer: Debian Edu Packaging Team <debian-edu-pkg-team@lists.alioth.debian.org> Changed-By: Mike Gabriel <sunweaver@debian.org> Changes: gosa (2.7.4+reloaded2-13+deb9u3) stretch; urgency=medium . * debian/patches/1047_CVE-2019-14466-1_replace_unserialize_with_json_ encode+json_decode.patch: + Replace (un)serialize with json_encode/json_decode to mitigate PHP object injection (CVE-2019-14466). Checksums-Sha1: 910971e60b0ee8977e3b46484fb249c563391666 15396 gosa_2.7.4+reloaded2-13+deb9u3.dsc ccdc57de90bf6e4a39ac222cc930b9c48d2e8cc7 79324 gosa_2.7.4+reloaded2-13+deb9u3.debian.tar.xz c7d1bb4a7bffdc2e7f0f3f6be22ca6424c36cf7e 7373 gosa_2.7.4+reloaded2-13+deb9u3_source.buildinfo Checksums-Sha256: 4a4c6c4da144400949e557b1eeae6de657eecd918d7d0db6b22f724b1ff2cd4c 15396 gosa_2.7.4+reloaded2-13+deb9u3.dsc 4121c69e6140eee1babde1154a76cc6947acc7ffcc0a79dc25e66b174f7e8d97 79324 gosa_2.7.4+reloaded2-13+deb9u3.debian.tar.xz 9fd568095ae495c90c691b1e4c06f8d51a18adb2ec5de2253a98b326bae4a27c 7373 gosa_2.7.4+reloaded2-13+deb9u3_source.buildinfo Files: 2c0f9a5e66f7fa944b0109ad9d3db198 15396 web optional gosa_2.7.4+reloaded2-13+deb9u3.dsc b58ea2db934173ede42df873714e09cf 79324 web optional gosa_2.7.4+reloaded2-13+deb9u3.debian.tar.xz 78d2b32dc1f637e4ea8cf4b72ea6047f 7373 web optional gosa_2.7.4+reloaded2-13+deb9u3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAl6klQMVHHN1bndlYXZl ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxIAoQAK9o+T9P3H71fFWmVDFEN5ZQCup/ L2jLbcZDCiZrJy1zAnsSyE+ZxXlFh8QrpH2IMf/L9NsHDNIO/Ws68GWgMkab6Mdu 8275YuWISB51zoKKq2jTYimDd/5xQh77wiUX4ApjEapkmX2x9UGWsFSzM33LjlWw 8BdX/PkpQ4UQ2zQlpfrcP1OBeDEn1z8otaqmaR9/6iBxcUsO0VTFGWn/JxgtYcug 8GUcYq13M1AQJREekkK7EYZdqV4HP9IX5VPY9W+uPNJVwySSWGwCUZXcAkrw7800 MXjhrOHVAZTurzFrjuYPC+H8ROvTMtZ6+ZmXm3rVF5eMMvz2vl6jHIabTTl1CRPD KlRqgKO+ulV6W65sKFsjZtu1Z3qOaqpr7r5Dz0Pk2NR8HimmaY0H4E42XQcHdQsS bEFB38vn3cUX8CSQJzf8sVNsggumczmQOp5ZykoxlO9bOtSIXw/Xkm+3SZ86H0T7 03dqvPZVf+TXQVYxRSiGhGO11IS0zMm9O/sEz7hJCyACq5wiQI4T26nowTTVm1Wa NRCdWdtEfwHtaUxAxJNl+678Q4EsafgxwwTekVh6NCxP+4mC8MR4ysUXwRae1BZX POJYawCO6pKi5k1YJRHgyjYOGgSeMI4o3T3bf2PqlyPZps51IgFekJTyUh7I4zMt 8j0nxqgx7VCmQCIQ =hwWm -----END PGP SIGNATURE-----