Path: csiph.com!fu-berlin.de!bofh.it!news.nic.it!robomod
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Newsgroups: linux.debian.changes
Subject: Accepted php8.2 8.2.31-1~deb12u1 (source) into oldstable-proposed-updates
Date: Sat, 09 May 2026 10:40:02 +0200
Message-ID: <MSLo6-3ObX-33@gated-at.bofh.it>
X-Original-To: debian-changes@lists.debian.org
X-Mailbox-Line: From debian-changes-request@lists.debian.org  Sat May  9 08:35:03 2026
Old-Return-Path: <envelope@ftp-master.debian.org>
X-Spam-Flag: NO
X-Spam-Score: -110.29
X-Dak: dak process-policy
X-Debian: DAK
X-Debian-Package: php8.2
Debian: DAK
Debian-Changes: php8.2_8.2.31-1~deb12u1_source.changes
Debian-Source: php8.2
Debian-Version: 8.2.31-1~deb12u1
Debian-Architecture: source
Debian-Suite: oldstable-proposed-updates
Debian-Archive-Action: accept
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="===============4137433171764399149=="
X-Debian-Message: from DAK
Reply-To: debian-devel@lists.debian.org
Mail-Followup-To: debian-devel@lists.debian.org
X-Mailing-List: <debian-changes@lists.debian.org> archive/latest/18342
List-ID: <debian-changes.lists.debian.org>
List-URL: <https://lists.debian.org/debian-changes/>
List-Archive: https://lists.debian.org/msgid-search/E1wLd9B-000000039AY-1s1t@fasolo.debian.org
Approved: robomod@news.nic.it
Lines: 93
Organization: linux.* mail to news gateway
Sender: robomod@news.nic.it
X-Original-Date: Sat, 09 May 2026 08:34:53 +0000
X-Original-Message-ID: <E1wLd9B-000000039AY-1s1t@fasolo.debian.org>
Xref: csiph.com linux.debian.changes:13724

--===============4137433171764399149==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 08 May 2026 09:20:38 +0200
Source: php8.2
Architecture: source
Version: 8.2.31-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Ond=C5=99ej Sur=C3=BD <ondrej@debian.org>
Changes:
 php8.2 (8.2.31-1~deb12u1) bookworm-security; urgency=3Dhigh
 .
   * New upstream version 8.2.31
    + [CVE-2026-6735]: XSS within status endpoint
    + [CVE-2026-7259]: Null pointer dereference in php_mb_check_encoding()
      via mb_ereg_search_init()
    + [CVE-2025-14179]: SQL injection via NUL bytes in quoted strings
    + [CVE-2026-6722]: Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
    + [CVE-2026-7261]: Use-after-free after header parsing failure with
      SOAP_PERSISTENCE_SESSION
    + [CVE-2026-7262]: Broken Apache map value NULL check
    + [CVE-2026-7568]: Signed integer overflow of char array offset
    + [CVE-2026-7258]: Consistently pass unsigned char to ctype.h functions
Checksums-Sha1:
 e6ad9c8ec1be92fce76041b255f81e499181e7d1 5726 php8.2_8.2.31-1~deb12u1.dsc
 4fa90b733e6a5f15a4ea97ca97adba561959f26b 12160520 php8.2_8.2.31.orig.tar.xz
 9ccd66cc9cffec9674ac1bccdcbbfb6df9638712 833 php8.2_8.2.31.orig.tar.xz.asc
 977f38ee4d5e2718c4f019aa93a494534c5f5301 70904 php8.2_8.2.31-1~deb12u1.debia=
n.tar.xz
 15839697be77cd0b3a9e6c40464261c3c3ecdfc6 35098 php8.2_8.2.31-1~deb12u1_amd64=
.buildinfo
Checksums-Sha256:
 96854a85bb6e4cad248210810c22a5ceaaecc96e1c910d2eab113062880d4d41 5726 php8.2=
_8.2.31-1~deb12u1.dsc
 95eae411d594fe6f6e5678b76645dc13ae47d3c0a5325c1d969b58dea56ee45a 12160520 ph=
p8.2_8.2.31.orig.tar.xz
 0531c7f681a552366956526d1fe84ffc2172a74aefa7adba1d0c78d5792464ef 833 php8.2_=
8.2.31.orig.tar.xz.asc
 4bb88921a5d9ce5846f1ce6f6e518e8326206cc6177d325a75057f03ebd836ab 70904 php8.=
2_8.2.31-1~deb12u1.debian.tar.xz
 3a79caf0650615f677c82295885c9c4deb7c98217d02c5e2493824ddecfd8b5b 35098 php8.=
2_8.2.31-1~deb12u1_amd64.buildinfo
Files:
 27252ff24e9e4e81883639f2c9da8c60 5726 php optional php8.2_8.2.31-1~deb12u1.d=
sc
 8037f989dc087b0f98456e7fa7e9fc5b 12160520 php optional php8.2_8.2.31.orig.ta=
r.xz
 a3ff1e886cbe72b77afe19e90ee6d7cc 833 php optional php8.2_8.2.31.orig.tar.xz.=
asc
 bc55b4a317a9fc602da3f42ffb6008af 70904 php optional php8.2_8.2.31-1~deb12u1.=
debian.tar.xz
 9f7d9a6dcf20b16db50cba7914ad509b 35098 php optional php8.2_8.2.31-1~deb12u1_=
amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmn9mrdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcJ1zQ/+LgbqqU94ypIVkaYlHeF807wOea2eeE7gHPBvCR6GfXc1bBY+JXtKfasj
z16dihu69trBsNVzVkoVTRa3Zz6wRM+gUxSFOus4HylAi4e0Y+QoX6dOec9UYoKM
w8oQhQQqCZ/m6bWm9dQxNBGJRujL/EvCophuP50v4FhMSKwwYMdmPjs0PKrC4BGN
WlS1Kmdg+jR/SLFuIyINxSrE3E3RVF/w9B1Zef953FGOQpyG5APoGvUjWSkwhGav
6WXxvZfmJUv6U3Bftc6TbUHBRu1L/MAzVF81MJJR1hRUxy2I8sDa2245FYgMyLlW
dvMpMoOjqWDsH+x9ikUw78JIuAbwhoIy87wLiLewCllqfNlL7ShznEPcXyuTSVGm
PGYFToCbtA2dxgaI4joDF6KZUuWX7J5V4Q11wRXqAVRI/gKtQn0lBK+nld0S97Ge
KWTp3hsrzlCkeo6000KUC0qzaoKbUJdi271C6d/7aP3k7VrKtIEnE6krAvqfMcOj
jHcLJHHpJIA3GFHo74eEqvSEOsd73KG8WvFDyLqetamj9yn7cDDrywLNZADKc+E6
RdWuPug8NR1iIKLozQ81RXUERzxMfKDrkVj8E/5gEdNQkoMR8Pqoa4uVFbiBJF6E
yX7aPm0IxPF0uhZAQEtF7MlE7YxSdU+Q/antYiaE+sL3MDdJuFk=3D
=3D6+0d
-----END PGP SIGNATURE-----


--===============4137433171764399149==
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaf7xrQAKCRCb9qggYcy5
IagCAP9rXbK2ttraIWwWLvIJNdIujS6OB5BLhfA30eSNz6iXrAD/Zhzzu8NaEqBd
PO1/I+yaK92e0gfafW4uQ8zgJZJ/Hww=
=Ekky
-----END PGP SIGNATURE-----

--===============4137433171764399149==--