Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.changes > #13766

Accepted php8.4 8.4.21-1~deb13u1 (source) into proposed-updates

From Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Newsgroups linux.debian.changes
Subject Accepted php8.4 8.4.21-1~deb13u1 (source) into proposed-updates
Date 2026-05-16 21:40 +0200
Message-ID <MVt1D-5Du6-3@gated-at.bofh.it> (permalink)
Organization linux.* mail to news gateway

Show all headers | View raw

[Multipart message — attachments visible in raw view] - view raw

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 08 May 2026 07:56:48 +0200
Source: php8.4
Architecture: source
Version: 8.4.21-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
 php8.4 (8.4.21-1~deb13u1) trixie-security; urgency=high
 .
   * New upstream version 8.4.21
    + [CVE-2026-7263]: Dom\XMLDocument::C14N() emits duplicate xmlns
      declarations after setAttributeNS()
    + [CVE-2026-29078, CVE-2026-29079]: Upgrade to lexbor v2.7.0
    + [CVE-2026-6735]: XSS within status endpoint
    + [CVE-2026-7259]: Null pointer dereference in php_mb_check_encoding()
      via mb_ereg_search_init()
    + [CVE-2026-6104]: Out-of-bounds access in mbfl_name2encoding_ex()
    + [CVE-2025-14179]: SQL injection via NUL bytes in quoted strings
    + [CVE-2026-6722]: Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
    + [CVE-2026-7261]: Use-after-free after header parsing failure with
      SOAP_PERSISTENCE_SESSION
    + [CVE-2026-7262]: Broken Apache map value NULL check
    + [CVE-2026-7568]: Signed integer overflow of char array offset
    + [CVE-2026-7258]: Consistently pass unsigned char to ctype.h functions
Checksums-Sha1:
 bf7c18ffa03d9d3ecdbc749eb8f8307981407170 5619 php8.4_8.4.21-1~deb13u1.dsc
 f8a4690b8b3f1c231c111aaf70c7018f07d85dc9 13718684 php8.4_8.4.21.orig.tar.xz
 d5029b47e5df829630ee2df4693dffa9426aea8c 265 php8.4_8.4.21.orig.tar.xz.asc
 f6d644115bc6cdbc0592dc81c9b2cb84552c7155 74632 php8.4_8.4.21-1~deb13u1.debian.tar.xz
 e660ab5d2c142ad883b0df6c48c584e8e239a9ad 34165 php8.4_8.4.21-1~deb13u1_amd64.buildinfo
Checksums-Sha256:
 b21423ed946e35ee62a97de0c344e7fc2c2c8c4ef67dcd476dc677d1f4846e5b 5619 php8.4_8.4.21-1~deb13u1.dsc
 7cf5d8ab12c3b2016875bcfaec71bef1ef0b07bed6148f2c447577074431f984 13718684 php8.4_8.4.21.orig.tar.xz
 d881c47bbbe1d6e8f4ef1b247894dc67ece6127e91661ca0903a81143bfe4a25 265 php8.4_8.4.21.orig.tar.xz.asc
 7c6583a2fe9cbe5e140a02297ddcfa3541ab481dea51aca7490df2eed8cf8499 74632 php8.4_8.4.21-1~deb13u1.debian.tar.xz
 a313fe20709cd3f9f696a1a3e0788c1d910a3f0891487e2854c126fc71b3e8b5 34165 php8.4_8.4.21-1~deb13u1_amd64.buildinfo
Files:
 c791552f964c946d0350a335cf82f460 5619 php optional php8.4_8.4.21-1~deb13u1.dsc
 60dc752b6bb6ab1c8e8fd930d94c199f 13718684 php optional php8.4_8.4.21.orig.tar.xz
 3b47a8c0c849b79200cb5d78ddfccced 265 php optional php8.4_8.4.21.orig.tar.xz.asc
 82e64b1cd4f3620e431fc1a4c5e9b530 74632 php optional php8.4_8.4.21-1~deb13u1.debian.tar.xz
 295441049a5413990cee09e67053426e 34165 php optional php8.4_8.4.21-1~deb13u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmn9iJNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcINehAAo2RvdcK4m421gddhL4tjMccvI0hVVTRB1Sc2UL1W78+WtZXG7rLa0Apc
CF2CaKPfks+VYRcIBY54s6SNh3xCAmjPHN/LX4hP+Tb9l3VvNv2God6zzuP9JD+a
y1IKA1x6mo5FqM3MsEOthbsxocXKEu5W5BbAj57wG3dg7O5/7P3bo7uKcrc4HwYM
D4mpY76TRWk0uJ09cOGEN5vCO3Hr7+oTWMRKNfAIbIMdlakfcrIgm+Pk/IVO7LVL
QebiVj6UyAv/w2PqWJZBg4EkGFY9ceaAKifICbnLURwpkcocjWVbQhKzqEHsJvEq
M5OtIMC46+HbC9svF9ZVaVSgsRrP3K1YGXC/3Hu5C2mD96Z0N1sdgEzdFF9Jq0VG
aSCEYyMk9qLhOClGVgaUljdp80SmhidVnKKNOy5RiDVIWM9EfqGdPK9/m/Z2U1Mc
3SOI4/MavlRbk+b4eC23GQSlfXgBmFUjHKqN01q9PsNZWVy+/62PWm/2mVwCgpDo
+xQJYDgYvzUhHbrxL4GJ8QUwdM6iFUO2fiMqrrzEdAS+X1SSHFzabPi/JgT4AfU0
DuD9hnb9ZzdVfdgciaHv8HmMs4ovuTBtuVOmlPmiATBk1870ogejILszBl6YGT/s
TX9jUkt4P9XDp00aDzeOVTE6Kf6Tk8DJti67IaE7OnjzyXYpM7k=
=8pvy
-----END PGP SIGNATURE-----

Back to linux.debian.changes | Previous | Next | Find similar

Thread

Accepted php8.4 8.4.21-1~deb13u1 (source) into proposed-updates Debian FTP Masters <ftpmaster@ftp-master.debian.org> - 2026-05-16 21:40 +0200

csiph-web