[ubuntu/hirsute-proposed] php7.4 7.4.11-1ubuntu1 (Accepted)

Dimitri John Ledkov xnox at ubuntu.com
Mon Nov 16 10:37:15 UTC 2020 

php7.4 (7.4.11-1ubuntu1) hirsute; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/control, d/control.in: Conflict with mod-php from php7.2 and
      php7.3 to ensure safe upgrade path for apache2.
      (LP 1850933)
    - libapache2-mod-php.postinst.extra: Disable other mod-php versions.
      Fixes failure when upgrading from previous versions of mod-php.
      (LP 1865218)

  * Dropped changes, applied upstream:
    * SECURITY UPDATE: Incorrect encryption data
      - debian/patches/CVE-2020-7069.patch: fix wrong ciphertext/tag
        in AES-CCM encryption for a 12 bytes IV in ext/openssl/openssl.c,
        ext/openssl/tests/cipher_tests.inc, ext/openssl/openssl_*_ccm.phpt.
      - CVE-2020-7069
    * SECURITY UPDATE: Possibly forge cookie
      - debian/patches/CVE-2020-7070.patch: do not decode cookie names anymore
        in main/php_variables.c, tests/basic/022.phpt, tests/basic/023.phpt,
        tests/basic/bug79699.phpt.
      - CVE-2020-7070

php7.4 (7.4.11-1) unstable; urgency=medium

  * New upstream version 7.4.11

php7.4 (7.4.10-1) unstable; urgency=medium

  * New upstream version 7.4.10
  * Lower the minimal debhelper dependency to >= 9.20150101~
  * Use libenchant-dev as Build-Depends alternative to libenchant-2-dev
  * Remove deprecated calls from enchant-2 (Closes: #954855)

php7.4 (7.4.9-2) unstable; urgency=medium

  * Pull upstream patch for enchant-2 and change build-dep (Closes: #954855)

Date: Mon, 16 Nov 2020 10:33:36 +0000
Changed-By: Dimitri John Ledkov <xnox at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/php7.4/7.4.11-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 16 Nov 2020 10:33:36 +0000
Source: php7.4
Architecture: source
Version: 7.4.11-1ubuntu1
Distribution: hirsute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Dimitri John Ledkov <xnox at ubuntu.com>
Closes: 954855
Changes:
 php7.4 (7.4.11-1ubuntu1) hirsute; urgency=medium
 .
   * Merge with Debian unstable. Remaining changes:
     - d/control, d/control.in: Conflict with mod-php from php7.2 and
       php7.3 to ensure safe upgrade path for apache2.
       (LP 1850933)
     - libapache2-mod-php.postinst.extra: Disable other mod-php versions.
       Fixes failure when upgrading from previous versions of mod-php.
       (LP 1865218)
 .
   * Dropped changes, applied upstream:
     * SECURITY UPDATE: Incorrect encryption data
       - debian/patches/CVE-2020-7069.patch: fix wrong ciphertext/tag
         in AES-CCM encryption for a 12 bytes IV in ext/openssl/openssl.c,
         ext/openssl/tests/cipher_tests.inc, ext/openssl/openssl_*_ccm.phpt.
       - CVE-2020-7069
     * SECURITY UPDATE: Possibly forge cookie
       - debian/patches/CVE-2020-7070.patch: do not decode cookie names anymore
         in main/php_variables.c, tests/basic/022.phpt, tests/basic/023.phpt,
         tests/basic/bug79699.phpt.
       - CVE-2020-7070
 .
 php7.4 (7.4.11-1) unstable; urgency=medium
 .
   * New upstream version 7.4.11
 .
 php7.4 (7.4.10-1) unstable; urgency=medium
 .
   * New upstream version 7.4.10
   * Lower the minimal debhelper dependency to >= 9.20150101~
   * Use libenchant-dev as Build-Depends alternative to libenchant-2-dev
   * Remove deprecated calls from enchant-2 (Closes: #954855)
 .
 php7.4 (7.4.9-2) unstable; urgency=medium
 .
   * Pull upstream patch for enchant-2 and change build-dep (Closes: #954855)
Checksums-Sha1:
 1e66e59702adccaffa940d9b8eae5fd1aef64180 5598 php7.4_7.4.11-1ubuntu1.dsc
 79e7bed05b2878e1f25d6a59dae0ea075645ffde 10302076 php7.4_7.4.11.orig.tar.xz
 27d90b5c4c4e84eb13da8397f0145a424b5fe083 68864 php7.4_7.4.11-1ubuntu1.debian.tar.xz
 703d9e5b7b53b4ed358b042dc8c0aaec4927318c 14904 php7.4_7.4.11-1ubuntu1_source.buildinfo
Checksums-Sha256:
 fe680e8f576c8eaeb5165f3e9005c217df8f76d0457080782619b9dff2b65d37 5598 php7.4_7.4.11-1ubuntu1.dsc
 5d31675a9b9c21b5bd03389418218c30b26558246870caba8eb54f5856e2d6ce 10302076 php7.4_7.4.11.orig.tar.xz
 efaa14204c978ad56be28e816c01fda6b0675ce30b348f1fdce40bb8376c9456 68864 php7.4_7.4.11-1ubuntu1.debian.tar.xz
 8fb48e5a0a7be8cdb046cad6a013d6b23a27712f5700cf3b292619acf89f85fc 14904 php7.4_7.4.11-1ubuntu1_source.buildinfo
Files:
 896e111eeaca6b5936fdf301971cf173 5598 php optional php7.4_7.4.11-1ubuntu1.dsc
 b5e71eecc529621262bbdf5e4bb4986c 10302076 php optional php7.4_7.4.11.orig.tar.xz
 cf3d283306876408b2277d6a713e8181 68864 php optional php7.4_7.4.11-1ubuntu1.debian.tar.xz
 4c14854ec36106807de0b1b2083da59c 14904 php optional php7.4_7.4.11-1ubuntu1_source.buildinfo
Original-Maintainer: Debian PHP Maintainers <team+pkg-php at tracker.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7iQKBSojGtiSWEHXm47ISdXvcO0FAl+yVdQACgkQm47ISdXv
cO3Njw//QDEqhQBQCN/qdpDfEkC2QFHoMP/+buT268ub/qquqdTL0yiIDWckrujs
aKPkCPZhQeeFoOUJ2P/Lb6Kp2EGMBcpU6zHwiRFQM4lvFYDUaia6s6uiLvlY6NeK
8cPnIkhiXp/0DJ2TXV1alkdQI7JoUj+LVKKcYH1z+/C7uC2Pt3+1xnSVOtuOTTuu
aZso3EzcMeMCFjCGPMj9l9ZsFki0aD9XLfH58zEy35CYTeBN2rF6Dsp7UDN2HQU/
hOrIIxUcnFnQSUoDuR1LkSBTl8qIFdMAJJT32cPA3ll4b+Ja7fhcoSE5oa8HEu/x
M/MEU2ivgSAyKyiqnb0xwficmE/2bbzOE8oNcYQtaIto012pNQa4D5IWSsAOVAhq
7Nj51tqq4cG/SJgPaYGZVnXKscgWzGGNzDCOOn/MlAIF3hgPzE2iULZMq8Z0Ks+m
m95FlUHoZ2clzEmXx6k7alaReT7w68mE9a+Rd+IpIBcehQyl6ROx78kb37M4rSMr
UeHxntdbUawuXSCxYUK1AcdLzktU04dAIFA0KEaK9zROTjhEWx1+K9UbfGpJF/an
uDIE8neFeaM+W/2osE7UVtkiII0qQDY0CFnWCie4bcdhf2CVKNr4IA0M7L3QwVmU
i+stWixGL44zkN00ag/Y3/MgDWDt4fPWvBMgtBNXtxp0rnXzep8=
=pR0U
-----END PGP SIGNATURE-----

More information about the Hirsute-changes mailing list