Accepted php-crypt-gpg 1.6.4-2+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 18 Feb 2022 22:17:29 +0100
Source: php-crypt-gpg
Architecture: source
Version: 1.6.4-2+deb11u1
Distribution: bullseye
Urgency: high
Maintainer: Debian PHP PEAR Maintainers <pkg-php-pear@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1005921
Changes:
php-crypt-gpg (1.6.4-2+deb11u1) bullseye; urgency=high
.
* Backport fix for CVE-2022-24953: Crypt_GPG <1.6.7 does not prevent
additional options in GPG calls, which presents a risk for certain
environments and GPG versions. (Closes: #1005921)
* d/gbp.conf, d/salsa-ci.yml: Target Bullseye release.
Checksums-Sha1:
2c08d3fd2d7d3913ff3575cef83e07ccc9aab9ab 2279 php-crypt-gpg_1.6.4-2+deb11u1.dsc
67d3095370504326fe829dd46ef18147910e999a 13180 php-crypt-gpg_1.6.4-2+deb11u1.debian.tar.xz
4e3b40ac2f168e92514fb9cf9ef80a87af254279 8320 php-crypt-gpg_1.6.4-2+deb11u1_amd64.buildinfo
Checksums-Sha256:
3e5e1dbe8253562560ccb3d4cae725f51c3605170793ee24d683a352e1687daa 2279 php-crypt-gpg_1.6.4-2+deb11u1.dsc
3150d2f2a66028aa1d02f14175516f888358c2dc04f4f749aae59c547df00ff4 13180 php-crypt-gpg_1.6.4-2+deb11u1.debian.tar.xz
8d222d058fef991fc51aa824aa81aaa3584cdf0209d44bb8a1261790c8c36cd1 8320 php-crypt-gpg_1.6.4-2+deb11u1_amd64.buildinfo
Files:
0362f81670e670301c8f1aee493fe53f 2279 php optional php-crypt-gpg_1.6.4-2+deb11u1.dsc
9ea37c0080db61fdc62d4ba08f4cb3ae 13180 php optional php-crypt-gpg_1.6.4-2+deb11u1.debian.tar.xz
a3bc1e0a168968014166ab3cf277d753 8320 php optional php-crypt-gpg_1.6.4-2+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmIQDXgACgkQ05pJnDwh
pVJNHg/9EyxY2moFF/UWQSim+VfP/f+ACZO5iIcJk4Ws77Gq7A3pkhFKaYyPET8G
ntkZCLQCGVbRFsakJ0/htVSjf1bHzQNqK8SG2P6s4q4qXbtd6a0ienihSk4DO0vQ
0fOIFI2TnZi2jL6duBFwSHB7LmWhYkVp4D8uDicLG4qpAu6RjfF4xyAjmcGahs83
1wBkTNZurzr28h9iiOYe5w9Tlgdi4f6ihhy6j+FrTO6yP5YQfeCxsqGSc50q+xE6
uFCdtuqq5dpEUtxpb7SmZ8/DHZ277SNaTPJoXPISA/rC7FE6UOHlhOAU4lWrC5t2
on9niT28B71OliKwZjit8l33Rxd/WADAn71iQ7nNBPdX1B/FtZ6o3W0EzDTv3xwT
5M5SQYrksM32MAw+GnScpHZKk2Jxb+mvubPuMhrsSM8Zrb8xWsh3Qmtzw8tmMV4q
LL4fZEkTlVJPSzyqfJCSz2CA+jReJtK68aJS2oHsqlOtD1cTKHW1snnDTSHUIBei
4hpA/cBHiyvRvJ+WEbdfp1Ghw0gFDkqwGFbVmsxv5pw7ER7E1J14tJi8KpVmynxf
wnI8SBQMZIY208UfnxQ091lA/ZvuiOoOI6xgtLe6tOa1oQu+QNI2sgpRv75QHhsT
MPDguppSVweLey9z0Mx3H8iDHfAlRNd1euKBONmGO0nfMxnZYTY=
=MND6
-----END PGP SIGNATURE-----