Accepted php-horde-form 2.0.8-2+deb8u1 (source all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 16 Jun 2019 22:34:16 +0200
Source: php-horde-form
Binary: php-horde-form
Architecture: source all
Version: 2.0.8-2+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Horde Maintainers <pkg-horde-hackers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
php-horde-form - ${phppear:summary}
Changes:
php-horde-form (2.0.8-2+deb8u1) jessie-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2019-9858:
The Horde Application Framework contained a remote code execution
vulnerability. A remote attacker could use this flaw to use image uploads
in forms to install and execute a file in an arbitrary writable location
on the server.
Checksums-Sha1:
79af5edbcfc1927e84bcafa42a3819ccb2191504 2182 php-horde-form_2.0.8-2+deb8u1.dsc
b1d79c632d5638dc808bab8338935627b6c1bc9d 192576 php-horde-form_2.0.8.orig.tar.gz
6799b92d8f2eb53bd1ffab3ee2ca20e3b1f5b1bb 2948 php-horde-form_2.0.8-2+deb8u1.debian.tar.xz
7e625aec6a729a083f181ba390819c91ccacbea0 139790 php-horde-form_2.0.8-2+deb8u1_all.deb
Checksums-Sha256:
b6dd6800db31606200d3d895d07ed79acbf2a84341017f8f258558c2c222df2e 2182 php-horde-form_2.0.8-2+deb8u1.dsc
c023ed7a5d5c08f1aaf10ab2a711405e11114d80b350b61992dc0a07e6010d37 192576 php-horde-form_2.0.8.orig.tar.gz
08b0c579e5541d365d3317ab62718dcf0192a6d556fdfc62cb03a86f45bae8f4 2948 php-horde-form_2.0.8-2+deb8u1.debian.tar.xz
c90d76b555aba5fde2f65693d9f07e245643dfd334ad7275d1d3aa6c3fc62843 139790 php-horde-form_2.0.8-2+deb8u1_all.deb
Files:
8ce3cb36d0985089682f9b2f7948bc94 2182 php extra php-horde-form_2.0.8-2+deb8u1.dsc
e7f7ac98c58d23762a2ce2c7580d3767 192576 php extra php-horde-form_2.0.8.orig.tar.gz
e1897c1e1e40dc5c080deea0faefa12d 2948 php extra php-horde-form_2.0.8-2+deb8u1.debian.tar.xz
6357e8198c3a79a1ed69d0b44c40c4e1 139790 php extra php-horde-form_2.0.8-2+deb8u1_all.deb
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl0GqrhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk9hMP/jIg32KH9Uj2XQoZhxz1YYXENXJrqJvBqYtB
xziRDZvKJfONYxO/ko4EmaB3OJvrxYoKppFq8uepH0oNIITDN0YqiXS6YDVqUtz1
86yVGvc3BUNubq5FbYnG8TfI3gcZVU0t5sNPyfBNYv83j42qhT8Yb65QbIjYgcyc
o7806LAqY2w1aVDsURwHEm6ORlO+otW23C3Z0lx2VsQtTKOWyc4PmWdhAtdmqC+8
OM1jRJq+7dzRT3W/kmbsOQZU3KkItuQbH5HjifFQsFtG68p8O3MaeqFgxjpuC9TI
z4/vTwCOTU6v9beZEy9J2N9ODFHCoAshWxFfMhIaXmFmWXLWQPotSyZznGnvIxL/
VaXemZ6vb25qDt86qr1pUNebMljKIFHto6ciy+tVclHFNIk0F3H+x0hQbTTD/4kd
S0ueg+MTFwa/BacFfBbuxXG8yhDAJH9SGSJ61XtOk3QnAytUcGhmK0tBurWZdEmE
dFJaeDAz+d7o7ycugJHyJEedr2G8ysvEwUA1+w97qOW4jFv1inhrJbWXZaTWL5UK
mG5OcLiSNswOTbusPilJ9RpnNdoXbiHTOzp60adj0p37xUcuetuuF74/bnEYVu9I
myABEuxKiJDcELJW1wtcMT8h2P56M8tHc0I0nXmJwm143zCef2sn4SR1yK6xQAuw
V5NB4LWF
=I6cR
-----END PGP SIGNATURE-----