Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted php7.4 7.4.25-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Sat, 30 Oct 2021 22:17:14 +0000
Signed by: Ondřej Surý <ondrej@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 23 Oct 2021 23:53:50 +0200
Source: php7.4
Architecture: source
Version: 7.4.25-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
 php7.4 (7.4.25-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 7.4.25
    + CVE-2021-21706: ZipArchive::extractTo extracts outside of destination
    + CVE-2021-21703: PHP-FPM oob R/W in root process leading to privilege
      escalation
Checksums-Sha1:
 3958ad8ca92248f0fa3575ea7950e80216147ab9 5581 php7.4_7.4.25-1+deb11u1.dsc
 c873eabab28db07412a198ccc3482af6fbc6ab92 10376304 php7.4_7.4.25.orig.tar.xz
 7737ee0f93440934649f5d7344aa18573a02e920 68452 php7.4_7.4.25-1+deb11u1.debian.tar.xz
 515f5eb1a214031170588a098f5cfe2e537bcf70 34848 php7.4_7.4.25-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
 20067e01c19c48d576fe38c6965e6fe67fdffcd868b8e8250c9bfdf986be5601 5581 php7.4_7.4.25-1+deb11u1.dsc
 12a758f1d7fee544387a28d3cf73226f47e3a52fb3049f07fcc37d156d393c0a 10376304 php7.4_7.4.25.orig.tar.xz
 479ed2022f706da443d30d941703cc5f8fbce9399713eef4222e50cd75442174 68452 php7.4_7.4.25-1+deb11u1.debian.tar.xz
 03e48838b3ed9ffed781bc3fc40e6cad4d9fe73772ff0802bdfddfc7c3fd2dc7 34848 php7.4_7.4.25-1+deb11u1_amd64.buildinfo
Files:
 01663b87602a5f242b1830e6533be319 5581 php optional php7.4_7.4.25-1+deb11u1.dsc
 89fbd3c0f8d4831125bc6985c5aa275c 10376304 php optional php7.4_7.4.25.orig.tar.xz
 27b8a14580c34f33a454c9c99144d93a 68452 php optional php7.4_7.4.25-1+deb11u1.debian.tar.xz
 22e2aad718bde892511beb783b7466b7 34848 php optional php7.4_7.4.25-1+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmF1hPJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcL2iQ/+LlbDhlXxhKjdSeE2I8QQxGDvAKFWUfB6yEmuUWfwgkPA8Xkhts6rRp1s
HEHUOJ0dY9veB9I+s+A7LVpsFBU/3b0lWjWCCp05Qmr8EemJdyLt1BlHinSIwJbj
NjwP/fITaq1dCAqo6c+mBwCZGYGjfewBqwxEN5Yn5YxkQvmJHjojHSp15R86KONa
S3Bzqc8SpoMzWU6L4o9/ENYfPN3bnvg/5eup90SVsF23U3kjJ4KWoIydYN2cVn8U
7JiwjiR63Q62IVeJ4ODFGvOumqX+gMdncXGDlIyOzYF8PdMHlAMCvtZAqqOoY14t
UfzFliVtwBol1IO12FiIP4QQlF622ZhOKAYBcCBE4KmhrcGt/TijtMpxn+WhqR1+
IXsQilZvpU7s6Ma+3Z7b8TarPB2MfLtk7KDjTGSFcJotp+bGzL/55Kjln3hUVBkM
9TA1XVuQf2agGMgUK1RJLqHHI9gYgbQdpMGXgoyG+z2sxG0AQksdnXX6wG6k0ZjR
NNPqZpnfmA1ap/MRoO5Ih/dUx8b1mXTSBdCqo9TRC8PElinxq/Kuu/7J9JcqvH3w
t9pJ9CmcvKNZs+FoH409E63+uSIUkulDlGwVyrlSa3UpKhKBMldCwVeVEWwJGCYF
RMZ75nT9AJRMSqO1Y5b7xO69r8x+g1nTQ0FZ2Fzycm+iOBIkZXo=
=pATW
-----END PGP SIGNATURE-----

News for package php7.4