Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted php8.2 8.2.24-1 (source) into unstable
Date: Fri, 27 Sep 2024 05:22:24 +0000
Signed by: Ondřej Surý <ondrej@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 27 Sep 2024 05:52:57 +0200
Source: php8.2
Architecture: source
Version: 8.2.24-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
 php8.2 (8.2.24-1) unstable; urgency=medium
 .
   * New upstream version 8.2.24
    + [CVE-2024-8926]: Bypass of CVE-2024-4577, Parameter Injection
      Vulnerability
    + [CVE-2024-8927]: cgi.force_redirect configuration is bypassable due
      to the environment variable collision
    + [CVE-2024-8927]: Logs from FPM childrens may be altered
    + [CVE-2024-8925]: Erroneous parsing of multipart form data
Checksums-Sha1:
 7eff278cbfe6024dcaffbb713a00956376d62b1f 5656 php8.2_8.2.24-1.dsc
 02297c35cca13de4a5d1aee841f1faeb70740c9f 12110000 php8.2_8.2.24.orig.tar.xz
 94083664dafa297e200c8ad781d84de41cbe36ca 858 php8.2_8.2.24.orig.tar.xz.asc
 01b3281e99101eb0b78f176283ff5150e7f6feb1 70748 php8.2_8.2.24-1.debian.tar.xz
 509f901bf3bc8a3441abd31d72a0558e75596ccf 34466 php8.2_8.2.24-1_amd64.buildinfo
Checksums-Sha256:
 f8914a50d55239a227565b1ecde58762f4afd286719fbf8c786e5e096e561eac 5656 php8.2_8.2.24-1.dsc
 80a5225746a9eb484475b312d4c626c63a88a037d8e56d214f30205e1ba1411a 12110000 php8.2_8.2.24.orig.tar.xz
 e9772a68ba37080260ec8a839074b46552db807bb8dfc18a00d7a47f46edbc50 858 php8.2_8.2.24.orig.tar.xz.asc
 b5ef1acad4ea8a6c65cc6491468d36a9b0a87bc0d222aecb22ef5364fdb120a8 70748 php8.2_8.2.24-1.debian.tar.xz
 36ab9983c7ae8bb06a9a8f51fe5bd27e26fe69ffd52c6bcdbc1deda3fee411be 34466 php8.2_8.2.24-1_amd64.buildinfo
Files:
 883600d1247adad94cc5d024c656676a 5656 php optional php8.2_8.2.24-1.dsc
 fff29ce84f5b4ddfc2063f7b2021fce2 12110000 php optional php8.2_8.2.24.orig.tar.xz
 79cd78f08e27826f00e81389b5962b15 858 php optional php8.2_8.2.24.orig.tar.xz.asc
 26d3821c24e747350ddb3feb620a9261 70748 php optional php8.2_8.2.24-1.debian.tar.xz
 6aebeed8a605db09d5f07abb85422180 34466 php optional php8.2_8.2.24-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmb2OotfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcJr6Q/+JYf3ebb6JbvphDNUB8Gwp+XzVSRpKTE+nUynU+YCN5tXY5L43KOxYuzp
Z9v5yAAjCIuJLI12RV8R905gHavJo+SVHNMuKk4SUfPLdQClSqHr8FfrAeBES/Yc
8dFZE9JWDbMe2E6P41wiC1fk5X4bUB2zr2IB944ollzMrP7Rukk1NGOnY5rhoYbQ
ju+AP7VOEqtQ+i+hsrXApgdu8qHrUMtWc+c29BpWh3XNMBoNelFWH0yoz0QRui7X
3DSuDAQbiPavprJUxa0ja44QSk+WElUvO5tAWlit038e0+kawk1U/KiZCLhjiimw
qDAem+KcoJOt4BgHZ5d3gOBlNKSJKM6Byyhcg1GZQDIGOhB0+gFuWADyNZgTumtY
u4L7HtMPGNgST7//dlHUwuSstFhlDPXWPA58r90WIe2sorrPKoZI5/H50i8VEt+R
UnCjlEggKjjWaZN1X05sZ6JuJPoPZJ8mgpPIMuJr6jSQz9/FKEtnTW1a8douBeAX
xZuIUC8/wpqmIj0dFdvQBS4EIux02oHvD/5/kJ/mpuAuYqDKumWeKR8/2Kg9Ac76
pi+7XEsTx4i1ZWsZtQbAf/jjlIfsMmR26XtayWReH2M3hATy3WFA2iGtWRVk/Ogr
knr8j5V4ipVrAmVUdkWqs6BjkMlK9Z+nt4Mw6ZheDCo2uLEUWck=
=xsPB
-----END PGP SIGNATURE-----
News for package php8.2
