Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted php-phpseclib 2.0.30-2~deb10u3 (source) into oldoldstable
Date: Tue, 05 Mar 2024 13:20:19 +0000
Signed by: Guilhem Moulin <guilhem@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 05 Mar 2024 13:30:10 +0100
Source: php-phpseclib
Architecture: source
Version: 2.0.30-2~deb10u3
Distribution: buster-security
Urgency: high
Maintainer: Debian PHP PEAR Maintainers <pkg-php-pear@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Changes:
 php-phpseclib (2.0.30-2~deb10u3) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * Fix CVE-2024-27354: An attacker can construct a malformed certificate
     containing an extremely large prime to cause a denial of service.
   * Fix CVE-2024-27355: When processing the ASN.1 object identifier of a
     certificate, a sub identifier may be provided that leads to a denial of
     service.
Checksums-Sha1:
 37c98a8911f0e91a486152d48f1527391bae423a 2173 php-phpseclib_2.0.30-2~deb10u3.dsc
 ac43e7cf9a66414781a0d58937abb098c576d20a 169624 php-phpseclib_2.0.30-2~deb10u3.debian.tar.xz
 54908115eea76e493be7516bd668f7cb2d0e3c41 7665 php-phpseclib_2.0.30-2~deb10u3_amd64.buildinfo
Checksums-Sha256:
 4c175869c83585de2a2bcc3097658a8e9daa64980319c6240341b695257e8a9f 2173 php-phpseclib_2.0.30-2~deb10u3.dsc
 59080097ace85b6e9fe88681caf4b2184cc733bb093e38e06b33e794f908b555 169624 php-phpseclib_2.0.30-2~deb10u3.debian.tar.xz
 c79113ce7a3639d1f90c1ae5b1f1c5224e0b0fedda30f2435632dd5fb8456c46 7665 php-phpseclib_2.0.30-2~deb10u3_amd64.buildinfo
Files:
 8fd73c05cd85f764d383f8f106423b2e 2173 php optional php-phpseclib_2.0.30-2~deb10u3.dsc
 0dce4210cd16375d94101741b52b5614 169624 php optional php-phpseclib_2.0.30-2~deb10u3.debian.tar.xz
 14a3cdf196e0a634374f003352b7e4b7 7665 php optional php-phpseclib_2.0.30-2~deb10u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmXnE7oACgkQ05pJnDwh
pVLsEg/+O9EwRY8hPrSsL9PXgl1ufXGk0kapUyLqVBs0gPom48SMrBG6/O8Xloww
pxoHxyfDxHpl0ToriAlf6J51cfVTfloGEbSYN1qj+SXvndXivq2Bqjqv6Th/W8Em
YOVg2fq5fIep0ltTkXyk2DwoKMO4ilZ82loQVGwm4jWy+S4bth3EmP4GasUHbUV6
cLiyB/KVaTpW8sQ0GMhTPXEsw2Nj0/TNgmKgCnmOtC2bZNVXkOAwKd1rY1aOL5gJ
03fKfL7rOztb7zSmBahPHCAAMtpoQOckn+0aLSt1ElMBWU7uGcLmZjzCGSWFWVRi
gwfumzP7XfwX7J2pgUIhynBXfTxELMifHezqiLiC8AVoHEtIIT+znRxAzI+1+whL
CeTqEUhS8UtH1VDUwCp/NK3GBf90BKHhN2Y8esWO6hLy3ZrRXZ32LFfvp2q4mBQF
gtDuo/39b4TA9okIkqBm74D+RqrvAIFXlmJiNwinJCktvh4QwADwxMv4K3RagAnM
I9B7AUQQfdwILbhc+d5/SP1q/fNVTN4e0niX2cuqW2Po5G77o/05rqdVl+HHPuQ4
r5PDy5B7yV+rMQ778WWJYmeJwuVM8kKUDUODsn7UoDb1NhbZSBbnJgmqswc2BUFJ
teQJPswJx4mu4jHnnzIygSQPMnP+AMWhm4iqBrwtInZbUM3+d4k=
=TYcT
-----END PGP SIGNATURE-----

News for package php-phpseclib