Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted php7.4 7.4.33-1+deb11u7 (source) into oldstable-security
Date: Sun, 08 Dec 2024 12:20:23 +0000
Signed by: Guilhem Moulin <guilhem@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 07 Dec 2024 23:44:42 +0100
Source: php7.4
Architecture: source
Version: 7.4.33-1+deb11u7
Distribution: bullseye-security
Urgency: high
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1088688
Changes:
 php7.4 (7.4.33-1+deb11u7) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2024-8929: Partial content leak of the heap through heap buffer
     over-read in mysqlnd. (Closes: #1088688)
   * Fix CVE-2024-8932: Out-of-bound write in ldap_escape(). (Closes: #1088688)
   * Fix CVE-2024-11233: Single byte overread with
     convert.quoted-printable-decode filter. (Closes: #1088688)
   * Fix CVE-2024-11234: Configuring a proxy in a stream context might allow
     for CRLF injection in URIs. (Closes: #1088688)
   * Fix CVE-2024-11236: Out-of-bound writes in in the firebird and dblib
     quoters due integer overflow. (Closes: #1088688)
   * Fix GHSA-4w77-75f9-2c8w: Heap-Use-After-Free in sapi_read_post_data()
     Processing in CLI SAPI Interface.
Checksums-Sha1:
 deb2d7919650d44668038cbbcb1bc47c8fff435f 5698 php7.4_7.4.33-1+deb11u7.dsc
 4f3e3bea8415cfdaefedc1a475921c3ffa15b3d4 105156 php7.4_7.4.33-1+deb11u7.debian.tar.xz
 56972e9bab2a908d3ed2e2d9c8d5021dc66775fb 35542 php7.4_7.4.33-1+deb11u7_amd64.buildinfo
Checksums-Sha256:
 461678b0292f35a104a1a4c5e8cc60a8a97dedce34072fcd8af371a7b8091695 5698 php7.4_7.4.33-1+deb11u7.dsc
 37d4c35da951235acc523345671b637fb69d3fc270bb353b846fecfc08611b14 105156 php7.4_7.4.33-1+deb11u7.debian.tar.xz
 58b6ec17656d8fa0d572f2bdee7de74c8f1c4aed9a304cfd62f10736b79e8f26 35542 php7.4_7.4.33-1+deb11u7_amd64.buildinfo
Files:
 01267419c8fee174d5092965e284162c 5698 php optional php7.4_7.4.33-1+deb11u7.dsc
 bf82af06afb6ac0934543c1dd30d3e69 105156 php optional php7.4_7.4.33-1+deb11u7.debian.tar.xz
 40e174d19265302a4d2fb79d1464e201 35542 php optional php7.4_7.4.33-1+deb11u7_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmdU6IMACgkQ05pJnDwh
pVJu/hAAk7W2yIywp3/fFjRETAcUSMWhw/io6HYQAlOCN+AM8IzCuGcI8K7KICQh
FTTnFWCaDmXZJXGGuMGmzdJhM/2Y4haDhHMtEyeQ8qyr99esaSvUXIbROPoNbXFO
nVkblOwSjqWV/2DTbaYdHsVUgSBE0/PgAEpqRIwekaOMFJ363VNekdUWPbXhptBp
GDX1Mv8i3KBxwYUZtH6aHMY2cbLVqFH3NcLJXVjIL/WzR50BzxecThosXRy+ILfa
+kDWVvV5rLr2R/V1Zg1L8AyDSmBJf4WYi6m5OIsvbnx75JXENZqHNfWW7tSpKD57
OJ0kQO0mQBTStt6BrD2iEdds4UlJmPfvyz42sQYyzb8rvD23HeVxdJ0SyWKaVeOo
6cTgK8D1tpXk/hNZfm4qonIR4/SEfojesmAucINkBrsXaquWoP4bZ1pLM2kDspFr
MSULxg5Os2l85GZz1AHUxTqQp6tdILpWRmaFLdxHms9SA5G4Wu2EW3KUlg2HliCl
ZbsqobR30BcVp1OCq5TBGCORAkupg0QMIpNVdLIBOF6qLr0xt9VIeC7KfM9E2HSG
fBXSg3Pm6DKwShREFYumZg110FKy5FcmVuXKhL5vYf7ifJo0iRpkByES+HnP2vwn
jNt1u+3FuW/VfOVvRwB+ulaPaal1zBe7eJOtjKYub64Fkam418w=
=KCk/
-----END PGP SIGNATURE-----

News for package php7.4