-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 25 Nov 2024 18:21:51 +0100
Source: php8.2
Architecture: source
Version: 8.2.26-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
 php8.2 (8.2.26-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream version 8.2.26
    + Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface.
    + [CVE-2024-8929]: Leak partial content of the heap through heap buffer
      over-read.
    + [CVE-2024-8932]: OOB access in ldap_escape.
    + [CVE-2024-11233]: Single byte overread with
      convert.quoted-printable-decode filter.
    + [CVE-2024-11234]: Configuring a proxy in a stream context might allow
      for CRLF injection in URIs.
    + [CVE-2024-11236]: Integer overflow in the dblib quoter causing OOB
      writes.
    + [CVE-2024-11236]: Integer overflow in the firebird quoter causing OOB
      writes.
   * Revert "ext/gmp: gmp_pow fix FPE with large values" upstream patch
Checksums-Sha1:
 d7a665d5468c2642ddabf1563c35633441366407 5726 php8.2_8.2.26-1~deb12u1.dsc
 6d930bd37b7e513bbc8e27da03f478168a960614 12138868 php8.2_8.2.26.orig.tar.xz
 6bdf7052a3d85882d8ccb4b359d6555474f13d57 858 php8.2_8.2.26.orig.tar.xz.asc
 89272e76bf7e7a751ac022474e75aa33c2c4bbc8 71316 php8.2_8.2.26-1~deb12u1.debian.tar.xz
 a96864e146e729f179d1a9fa40d521dbc0af9336 34628 php8.2_8.2.26-1~deb12u1_amd64.buildinfo
Checksums-Sha256:
 bfe887c4418c62e47038a065c82f5090927827dcd90e9af1565a46eac7bb6564 5726 php8.2_8.2.26-1~deb12u1.dsc
 54747400cb4874288ad41a785e6147e2ff546cceeeb55c23c00c771ac125c6ef 12138868 php8.2_8.2.26.orig.tar.xz
 ea2ef0dcdcec97a56fe23b8a5ab00033029548e0a45dbdbc1fcb45a89e62f41d 858 php8.2_8.2.26.orig.tar.xz.asc
 d941806f1eca3c322ff7d89602493c9a87166e498b75339885f0040131eec181 71316 php8.2_8.2.26-1~deb12u1.debian.tar.xz
 7c41963e984fdad40f431bfe1fa69c80c43d1fafa3e7e409fcf00dc583b24662 34628 php8.2_8.2.26-1~deb12u1_amd64.buildinfo
Files:
 224a7840af709edfdc2a9b8ed38b1e0a 5726 php optional php8.2_8.2.26-1~deb12u1.dsc
 8c3b0663f8ab02464a0c64bbd5a4b877 12138868 php optional php8.2_8.2.26.orig.tar.xz
 2b17755eab5f4db6005c12cacf91b781 858 php optional php8.2_8.2.26.orig.tar.xz.asc
 5d0ecedf9a1b6af2770c976a15bdc6aa 71316 php optional php8.2_8.2.26-1~deb12u1.debian.tar.xz
 a951c98e5879ca1ef74347a108378a76 34628 php optional php8.2_8.2.26-1~deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmdFiAFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcJdwxAAkeItFg7ViIfJ9ysLWajG8Vs9YeJoO6mO15XPQVLJ/mwZ7ML5t9//APIS
biU0bDGBM5t1VS+MdtjIHV5Zd8/u7oAz+IhD/BZnBxwlo2pqSwZBCEMyNNnrBCeW
c4guSkY7lQJWPYQws3YRNs29XBPuV7dTXFe/Td1a0J16RmCGb32n2ndfHyjUWgDH
oGmIVYbAb2iyqN8P57uq5H1K0wtLO3Au2PA0r+9pgQdCRWBrBvbaZDEQkLjuq19w
a5Me3zlN2ocFWlwa7e2VhHSZCluYwEFC5UXazlRuIAuPf7nL6YP11ECKExJUrhV7
p3Th1R05uvnpzGWn5w/AcJDM1a8sXQXbemxlNHRtOBOdIryPrsNKsYJXkHoEVyrN
ud8FbKgAEQWhpQc3ysCi1woiibx6+Uo63G9ZvU4NKQRiKCyy5YySjdlthY33YoW1
u9qoI0omxrWK5jVIjjdnJMt2JLHSAgihMPmpd7+GPJWLXoOVTMl8x//qAoklIjWs
Zq1bYgzT4Zo7OIaPeo7DOi2smtBL4+sMD/6q1vxR9PWuPqHGpEEoXXN8hQ8MxBp4
4FZuhubYlhLDG8D7nRt7ELTCWj3oj7RZ+CZGXxnnJrsMEDXOx+ASqRH5UQTFLuch
nTasgSbSRWcMyKpmzw8NyRwSQ6dbu6dgZkxEFs7LaMXJCBKtL0s=
=4WxE
-----END PGP SIGNATURE-----