Accepted php-horde-form 2.0.18-3.1+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 24 Mar 2020 13:55:11 -0400
Source: php-horde-form
Architecture: source
Version: 2.0.18-3.1+deb10u1
Distribution: buster
Urgency: high
Maintainer: Horde Maintainers <team+debian-horde-team@tracker.debian.org>
Changed-By: Roberto C. Sanchez <roberto@debian.org>
Closes: 955020
Changes:
php-horde-form (2.0.18-3.1+deb10u1) buster; urgency=high
.
* Fix CVE-2020-8866:
The Horde Application Framework contained a remote code execution
vulnerability. An authenticated remote attacker could use this flaw to
upload arbitrary content to an arbitrary writable location on the server
and potentially execute code in the context of the web server user.
(Closes: #955020)
Checksums-Sha1:
75b55c10b7cca8263c90efd012520173c377a7a3 2032 php-horde-form_2.0.18-3.1+deb10u1.dsc
f9d230e6869c253acb2bcd5f4fba752b895e9db9 197432 php-horde-form_2.0.18.orig.tar.gz
446d553eba62a9c745afea5a6aea74205cc13922 3724 php-horde-form_2.0.18-3.1+deb10u1.debian.tar.xz
4ddbbed7c76430e347003bc84bd77358b2a1cd6f 5859 php-horde-form_2.0.18-3.1+deb10u1_amd64.buildinfo
Checksums-Sha256:
17fa8e1eea8111152fe8b69e1f2bf7929f7c30c3077913395677817727638599 2032 php-horde-form_2.0.18-3.1+deb10u1.dsc
0fd6c9c45156f56f462b38283530485eb8992968fc5c4849d2b669150d028110 197432 php-horde-form_2.0.18.orig.tar.gz
d8146904f0dcf0850704cac2e47cdb8f537a8d32b8ce1698c2fbb5020ae537b0 3724 php-horde-form_2.0.18-3.1+deb10u1.debian.tar.xz
4d02a481fe7033b849bc4dc7e19176f850823f34c0d86437febc7e0f71caa9c6 5859 php-horde-form_2.0.18-3.1+deb10u1_amd64.buildinfo
Files:
6704ca7e4c685a830d2c1e8beb2f1031 2032 php optional php-horde-form_2.0.18-3.1+deb10u1.dsc
0d044b0aa6f50d8f10758791d00c520a 197432 php optional php-horde-form_2.0.18.orig.tar.gz
d20f6edf9c4bd01c42b50e3994ded774 3724 php optional php-horde-form_2.0.18-3.1+deb10u1.debian.tar.xz
3b6a35ef5dd8f4b0a69e247be70f144a 5859 php optional php-horde-form_2.0.18-3.1+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAl6TE3QACgkQLNd4Xt2n
sg+Uqg/+O7uL8pRMTbN4/o7tRWEbDIaOsJTlqMmEu+LGXOASjxoPA1yQZm21HhKz
L6qgon1w8+4QhyKBt90cAdweot6gVk/+QCDVR+PiR1E9HjVC280q1FD3kCClqnUr
cgnrZLloY+pGwzjRrLjCKAq+chydWtMDhgAfTBPVXVGxcxhUvQW110SuFN8I6nzY
etZsvJ0oscSyFkLl/lnLauRx479KG9Q8H9KSyThBvLGb0g1/rW1BAdwJ5nI03kU1
Sw8BJZVGloSF29HOiCvLQq2qtI9DOnrvuI96Seu0e+cvakALVBRhDgEHmG8t7VIN
TjQA2s/zYwN5FV94lKV7/78hn2Wwm1Ptv3e1yRzz9D8InJFDyhKjM9Ruw2lEBOdN
m0cqMT4EKgGfFksB/cSbx0LNdSMLDRMp32tUSfgBG/QgM+V7hLZ6qkkdKm6eBAXm
vWsHq7HYDBbiHj/AbnHWtBEqrzwlh3NPr0gL7BsycFxquKCcNOB15mqANc3XbxBn
KuXwQ6jc2IYrk7lGEGri9wkP2KNKsUEsE1wgu3UvSWhbinh+2At0oIEs6JsZTRQr
6CmQHeMsZhRl4f4DRpg3Swz1ISb1ewN+YaglX7EoXo7H3KCBvxAzvrIPYCD0/x/s
mkU/6Ksf5k9IbkCEy13UwtBpyeWpi1C0x60sJ2RMxpuHnuhxhy4=
=4do8
-----END PGP SIGNATURE-----