-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 30 Jun 2020 10:44:28 +0200 Source: php-horde-trean Architecture: source Version: 1.1.10-1 Distribution: unstable Urgency: medium Maintainer: Horde Maintainers <team+debian-horde-team@tracker.debian.org> Changed-By: Mike Gabriel <sunweaver@debian.org> Closes: 955019 Changes: php-horde-trean (1.1.10-1) unstable; urgency=medium . [ Juri Grabowski ] * New upstream version 1.1.10 * SECURITY: The Trean application of the Horde Application Framework contained a directory traversal vulnerability (CVE-2020-8865) resulting from insufficient input sanitization. An authenticated remote attacker could use this flaw to execute code in the context of the web server user. (Closes: #955019). . [ Mike Gabriel ] * d/salsa-ci.yml: Add file with salsa-ci.yml and pipeline-jobs.yml calls. * d/control: Bump DH compat level to version 13. * d/control: Add to Uploaders: Juri Grabowski. Checksums-Sha1: b03e50b532a3bb81f2e962e4c8a291eb8a6cd006 2090 php-horde-trean_1.1.10-1.dsc ecd495cf90e5a262e4417bfd6585e901f2fbb2af 664691 php-horde-trean_1.1.10.orig.tar.gz 7cb3d1e0dfca2cae0fce86cb179c48796e25375e 4164 php-horde-trean_1.1.10-1.debian.tar.xz 5909516ca2f5e7e4f2d89c34e5c3e9ab7eb08e93 7059 php-horde-trean_1.1.10-1_source.buildinfo Checksums-Sha256: c835e7d1d23a15130fb6dd76861b0331ae4f1507acda20c874164debcd186f79 2090 php-horde-trean_1.1.10-1.dsc c1a24d64b4a88976005eea21c9e5939572e8e957e159e73698a9a042868738d5 664691 php-horde-trean_1.1.10.orig.tar.gz ea401d05c48e0aed29b152823e65333449a8d9f9f6bffafd29c81333b792de5b 4164 php-horde-trean_1.1.10-1.debian.tar.xz f8763b22092d826c76f96d345f30b6675adb72dbf3d2a51f041c67ee547a77ef 7059 php-horde-trean_1.1.10-1_source.buildinfo Files: fbb831901636eae7ab043ffdd7841b29 2090 php optional php-horde-trean_1.1.10-1.dsc f85a80bef474994f27622beb3563d94c 664691 php optional php-horde-trean_1.1.10.orig.tar.gz 8f732c539bfe4ebf1e8c1d6e6efaf491 4164 php optional php-horde-trean_1.1.10-1.debian.tar.xz 2344708d5c5bfe55c22bc6f91c12b584 7059 php optional php-horde-trean_1.1.10-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAl76/FkVHHN1bndlYXZl ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxkfUQAIU/peLlgdD3DwE0pLRtykStMl7w 00Wfw/gPJYcEXbyenzwoKzZasRikbPKZKQDsquQhzag9ZNYJUo/ZCPZ1QXufDOUX gRki6n9stYnNAyn3L/flOrUVachKQ8buVEomk1ZDNwuZ0UboqSRr1jYZHI8NnBLg 7CvTzozzZQs6mfji4nzoqHZ4Q5b4JhH/n3dPCtdS6oaDEEA1bvhBUVqb9ZJDWAy1 Hz2U9gDwsuXAS+yHjsnSeBuP/8oE0wOrDIRgqMA67EzSkrg8OnO818ma7IeFQk7M Bbg8LkgFWhnacd+set89qlNdDckOOWHEZ5M+cYAgvyOCIEh1KqY86S6RvNHzMnLM R/VqvJtEkIEoOfrKGuF8EBEdlXFDcgfsi2oPTzTYk5NDWxYbb6EYUcPndTSNHVAC VlJYL2LEvcoefti+nalVw1P5jkLeBdCZrMq0VaJxTGUCce7GwO0n7FoV4fKK7hwh scVRB+Rj1aZXi8i8SfxB0iTjWePfWA4VuNjK+Wes9HsG8b4De7J+gZ+WFAg3eHNA WVaRFtIp4DV4Ydg4xacbiJLv3+3rTy5TdP9hgCWPZMZ0lZ5bSx9lHcppK4HKM3aB kByKbAaLapPrrPAcUx5JpkUUwsLVVYWmM3j5xnwje2zflCSzkg6B5di1KVGFvxHh iZlt8R0vf3NUWfxv =gJHo -----END PGP SIGNATURE-----