Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted php7.3 7.3.27-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Wed, 24 Feb 2021 17:33:00 +0000
Signed by: Ondřej Surý <ondrej@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 13 Feb 2021 17:31:40 +0100
Source: php7.3
Architecture: source
Version: 7.3.27-1~deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Closes: 951834 951857
Changes:
 php7.3 (7.3.27-1~deb10u1) buster-security; urgency=medium
 .
   [ Ondřej Surý ]
   * New upstream version 7.3.27
    + Fixed bug #80672 (Null Dereference in SoapClient). (CVE-2021-21702)
   * New upstream version 7.3.26
    + Fixed bug #77423 (FILTER_VALIDATE_URL accepts URLs with invalid
      userinfo). (CVE-2020-7071)
   * New upstream version 7.3.23
    + Fixed bug #79699 (PHP parses encoded cookie names so malicious
      `__Host-` cookies can be sent). (CVE-2020-7070)
    + Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12
      bytes IV). (CVE-2020-7069)
   * New upstream version 7.3.21
    + Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile
      function). (CVE-2020-7068)
   * Disable the MySQL extension testing as it's too complicated and prone
     to breakages
   * In phpize, copy the foreign files from their respective packages
     (libtool, pkg-config, shtool, pkg.m4) instead of having a built-time
     copy in the package
 .
   [ Pino Toscano ]
   * Disable AppArmor support on non-Linux archs (Closes: #951857)
   * Enable systemd integration only on Linux archs (Closes: #951834)
Checksums-Sha1:
 a0c6b949b9dc6e7d6cd62ad6aaab444011a15980 5997 php7.3_7.3.27-1~deb10u1.dsc
 637c2ebe12cb3347b9e8b37893569dc542010e50 12137924 php7.3_7.3.27.orig.tar.xz
 1a5667cb370f5a1b4276f911bf20a407aea77a30 850 php7.3_7.3.27.orig.tar.xz.asc
 e5de8848b08fd3cf7b40f096128013006a716bf2 67008 php7.3_7.3.27-1~deb10u1.debian.tar.xz
Checksums-Sha256:
 cbac79e35cffda828fe0d7f1260d5bb43cbcbb8012e1035b5c178b08bca813f1 5997 php7.3_7.3.27-1~deb10u1.dsc
 65f616e2d5b6faacedf62830fa047951b0136d5da34ae59e6744cbaf5dca148d 12137924 php7.3_7.3.27.orig.tar.xz
 6c8f3d033e6a6b6d86b6ed6680385f157fbdfb6ceba6172f74822e6da02d2f8d 850 php7.3_7.3.27.orig.tar.xz.asc
 7529005b6d5547789c0074415e28baf8f95472197d958defa2fdc658196700ad 67008 php7.3_7.3.27-1~deb10u1.debian.tar.xz
Files:
 308081d311fa37388f6edd31b01e12eb 5997 php optional php7.3_7.3.27-1~deb10u1.dsc
 f43ed3ac572a0ec7452be15f4ae7c28c 12137924 php optional php7.3_7.3.27.orig.tar.xz
 b39d01f61c201052ee87475efcdda977 850 php optional php7.3_7.3.27.orig.tar.xz.asc
 8581cd46991e2c02e58acf8bbb80ab80 67008 php optional php7.3_7.3.27-1~deb10u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmApIwhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcJB2Q/7BAb1Ab5z8OVwKia6MCx2Gv2FOhwQVgrMP9xrjbAf7jLA77AdaGoN4g+S
9BfvoWR8OCoOB5OkoN045lDZHuaZnOmd3eKz4eijW+SVLPw58g+RYv3hui3jIVGy
8v8E+DElB69N2RmGqjo6CaTGxq7fcHxvTbYqYLBp1at1fQku0pWdHGxX1n9Cykou
gOSsAvo30+3YJklTDH0dYbE2SKnUJd+Cw/aqqa/WG1Ir4D6kmDY3RAztm+gfwmZ5
FEYwCP3yTKHqIib1wKwdMAOQaFLhDLEdtefL8y6BJzUhyeL7Vy6qGlJ/W4PeT2ZI
kCzkxT6m3OI4/E/d5JFJlqF8KBl9SVTZCZ7klHm1yUX4oEBBqZj0wBgWbYN3QFgD
s7k1qh6D8cxu2Xl3OXaXSbSbai5aqxpR1/ryPy9ZQjNMFEQAVEPvXIZy6gekq8uo
1zlSGKW1aesIavJsErqts2k8Ix0gKHuTuiW9GXUe0k7AC+B2Un1o/367Oe70op+g
Zx3lm4jSoUi1qVEzYVwRJ1MqcCsXU69mPzXEYgoIdGrw76OUtfdtbJoV7Q28DnE/
D/zTSsZA8jDHo/E4+AHm5qHL/6oBDJp7XZV2YJvPJTMBIws27dTlbGiKPMnZVpr9
VH3QrkJe3NpiCw3sveoYR5HH1cgAsFVgpxWezApStazeKRBQ9Xo=
=Pola
-----END PGP SIGNATURE-----
News for package php7.3
