Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted php-pear 1:1.10.1+submodules+notgz-9+deb9u2 (source all) into oldstable
Date: Mon, 23 Nov 2020 11:20:12 +0000
Signed by: Chris Lamb <lamby@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 23 Nov 2020 11:07:45 +0000
Source: php-pear
Binary: php-pear
Architecture: source all
Version: 1:1.10.1+submodules+notgz-9+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian PHP PEAR Maintainers <pkg-php-pear@lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
 php-pear   - ${phppear:summary}
Changes:
 php-pear (1:1.10.1+submodules+notgz-9+deb9u2) stretch-security; urgency=high
 .
   * CVE-2020-28948, CVE-2020-28949: Prevent a filename sanitisation issue where
     local files could have been overwritten with PHAR archives.
Checksums-Sha1:
 5c53f81a73e50a74af5dcb1515f8de7be5cbb866 2087 php-pear_1.10.1+submodules+notgz-9+deb9u2.dsc
 2068ba0928735d7f66640509c2aa5eadd9dfcf58 2177157 php-pear_1.10.1+submodules+notgz.orig.tar.gz
 a8aec4bc2ca5ceb349d597698c2cc4367849df1e 6780 php-pear_1.10.1+submodules+notgz-9+deb9u2.debian.tar.xz
 73923c5540b2d0489cc36e86c8b4445c6d295487 282582 php-pear_1.10.1+submodules+notgz-9+deb9u2_all.deb
 d0c0555be0b633b03334c09cea62d1a6e65970c9 6393 php-pear_1.10.1+submodules+notgz-9+deb9u2_amd64.buildinfo
Checksums-Sha256:
 95faf1428f67d2fa82e24aedd36cb01ae82d7553596f6404e69960a2b9cc6645 2087 php-pear_1.10.1+submodules+notgz-9+deb9u2.dsc
 a9ec24292beb2a8caf1b42c0ed801d0105afc63c7dcc57449f12e54caecc815c 2177157 php-pear_1.10.1+submodules+notgz.orig.tar.gz
 7eed54902cb9f8c9a5602768c1048da0d8bc5d5c6d35f76a2110b85b19e87ef7 6780 php-pear_1.10.1+submodules+notgz-9+deb9u2.debian.tar.xz
 8af907f4f837ad0b27551e39e0fc9556fa546c263e04411f86c110eb74087280 282582 php-pear_1.10.1+submodules+notgz-9+deb9u2_all.deb
 bcb3979ada7772c30661fac2cfd21144897ae86747c566c9353420e9c200f29f 6393 php-pear_1.10.1+submodules+notgz-9+deb9u2_amd64.buildinfo
Files:
 20adfefcf9123ec3ebf62f38447501fc 2087 php optional php-pear_1.10.1+submodules+notgz-9+deb9u2.dsc
 e73efe8df9b6824fb1d1759cc5311012 2177157 php optional php-pear_1.10.1+submodules+notgz.orig.tar.gz
 e94023cba498ff7e107786b9f415547c 6780 php optional php-pear_1.10.1+submodules+notgz-9+deb9u2.debian.tar.xz
 4d3ba22a91e7677173b158b87067fc05 282582 php optional php-pear_1.10.1+submodules+notgz-9+deb9u2_all.deb
 615e56e46787cc839123803f8de109fa 6393 php optional php-pear_1.10.1+submodules+notgz-9+deb9u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl+7mYAACgkQHpU+J9Qx
HlhuwRAAnQ9SYwuV2560HTtElseCu32geO4WsmpRVXXWmOU/Lf1SlqkYn1/Hrp96
9UnKMbaIR5mTXBa5zaq7cz1NuuQnqH4WOqX89+bzGPCU0p6JP/UoScyQsmBtaRKL
12+9pbFNrys1MWF7RzmoIqb2uKiLtY5TKhzu7HbhqYexMywSFiJsiDFFNQyojHeW
9+JD3plY+Npby1i85MrYv309JVCRwcA8S4wQij4u4wzI0dPiWlHzKNBxpt2hXNwq
/4jhodc7qrVvpmFcfF8DQxLiRalDusBZg1rRxirJ8mijnKbRTrJPYBC2K2shxMH2
K2rLRTon3kAx5yJS+MxArp5Pz+DLKADW4EVhrnG7wAFhq5RQUxjMkoKF8KBnxqNL
AXxM19a9isMXLPYaRDknieDsUO2vkJQg55fWcZgzqCwqWAHHPKjC5zTBXIJatPQ/
uUbsKPvvFEy9qEfvnCjjK+mx6wnNlo4K59BI5bkOWXJw6s4ilifQ5JwqtTfRTga7
R0wvBMxO0IIFoOthH7uyvR94H267xkyaG+JzpFvWGL1Az2o63mG9MMuJ0AHOFx7a
Zu40kpjklwziKVd068IvbGpSk+2YKPZL09YUkqu0eM6erVrSptj1/QtkQ01j1Van
yBGGDvoKGEkqpNB92Z4+2ykP4t/p6xmylK9mc2Xkkb2hZYT0bww=
=9e3D
-----END PGP SIGNATURE-----

News for package php-pear