-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 27 Feb 2024 21:15:41 +0100 Source: php-phpseclib Architecture: source Version: 2.0.30-2+deb11u2 Distribution: bullseye Urgency: medium Maintainer: Debian PHP PEAR Maintainers <pkg-php-pear@lists.alioth.debian.org> Changed-By: David Prévot <taffit@debian.org> Changes: php-phpseclib (2.0.30-2+deb11u2) bullseye; urgency=medium . * Backport upstream fixes - BigInteger: put guardrails on isPrime() and randomPrime() [CVE-2024-27354] - BigInteger: rm visibility modifiers from static variables - ASN1: limit OID length [CVE-2024-27355] - Tests: updates for phpseclib 2.0 - BigInteger: phpseclib 2.0 updates - BigInteger: fix getLength() Checksums-Sha1: 7e3c0c49a3d44717db4b26675a507f2193d1e1c3 1842 php-phpseclib_2.0.30-2+deb11u2.dsc d65c987f06efc1a5bd00f5b6383715e0dc21591b 170124 php-phpseclib_2.0.30-2+deb11u2.debian.tar.xz 2a7487d8eb2720137504b3baf2724ce6b618f73e 8104 php-phpseclib_2.0.30-2+deb11u2_amd64.buildinfo Checksums-Sha256: 4693eac35c7d4f5376dc135213b1ff5a8112086d25d0e443214f9b78b45b8476 1842 php-phpseclib_2.0.30-2+deb11u2.dsc 7d9d2842b32d9aeddd9a5ea1b6abb8f02ad47c5f23aad6e59b45d96ca5a3a2d6 170124 php-phpseclib_2.0.30-2+deb11u2.debian.tar.xz 0939052a192f9994b81bc416187e3b1a2e7b99e25d95b4c6784cbc1d9d425b4a 8104 php-phpseclib_2.0.30-2+deb11u2_amd64.buildinfo Files: 1bfeb18e466a900c0bf8606c2d356e8d 1842 php optional php-phpseclib_2.0.30-2+deb11u2.dsc f72476ca8a0c394d9d3ee60ac4c147cf 170124 php optional php-phpseclib_2.0.30-2+deb11u2.debian.tar.xz ef5146c66828bbd46758947578d0d99f 8104 php optional php-phpseclib_2.0.30-2+deb11u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQFFBAEBCAAwFiEEeHVNB7wJXHRI941mBYwc+UT2vTwFAmXi/vASHHRhZmZpdEBk ZWJpYW4ub3JnAAoJEAWMHPlE9r08jx4H+Ke4rcSjfE1ABelZtxi2i5BfFQR3EChX bo7+J5sTwAB/TrMQ2Q4tPNpv9IcyJ4ow1SAEaui0wV3QAh3hoYzXK5Nf/o7s4anC /mztz6IrkdihuSyTMmQBxvJqnAxPZGaJEkt3pvN+a40dE8K2gL5sVF2YR+P2ZQGM jOR0vygb5UIWXFZdUAgaMnAJkFs7Q8vpyC7JioKqG6fcKTJb2nJk6O0pNfbzXGi6 GZpqG8p1XdcrxBLI4TjZ/XhIGw1h4Zz0gduoR09h+guIXAH2W7iPpWjiGfz+GO6v VLZEi7piu5u3orsprpK8leMwOSt0bc7w8akMX61glp9nDEddQYYcOQ== =Q45y -----END PGP SIGNATURE-----