Back to php7.0 PTS page

Accepted php7.0 7.0.33-0+deb9u7 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted php7.0 7.0.33-0+deb9u7 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Tue, 25 Feb 2020 19:48:16 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1j6gBk-000FIS-4O@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 16 Feb 2020 16:11:40 +0100
Source: php7.0
Binary: libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-cgi php7.0-cli php7.0-dev php7.0-fpm php7.0-phpdbg php7.0-xsl php7.0-odbc php7.0-readline php7.0-recode php7.0-sqlite3 php7.0-xml php7.0-sybase php7.0-zip php7.0-gd php7.0-gmp php7.0-ldap php7.0-common php7.0-intl php7.0-mysql php7.0-mcrypt php7.0-snmp php7.0-curl php7.0-json php7.0-pgsql php7.0-mbstring php7.0-enchant php7.0-opcache php7.0-imap php7.0-bcmath php7.0-tidy php7.0-soap php7.0-dba php7.0-interbase php7.0-xmlrpc php7.0-pspell php7.0-bz2
Architecture: source
Version: 7.0.33-0+deb9u7
Distribution: stretch-security
Urgency: medium
Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description:
 libapache2-mod-php7.0 - server-side, HTML-embedded scripting language (Apache 2 module)
 libphp7.0-embed - HTML-embedded scripting language (Embedded SAPI library)
 php7.0     - server-side, HTML-embedded scripting language (metapackage)
 php7.0-bcmath - Bcmath module for PHP
 php7.0-bz2 - bzip2 module for PHP
 php7.0-cgi - server-side, HTML-embedded scripting language (CGI binary)
 php7.0-cli - command-line interpreter for the PHP scripting language
 php7.0-common - documentation, examples and common module for PHP
 php7.0-curl - CURL module for PHP
 php7.0-dba - DBA module for PHP
 php7.0-dev - Files for PHP7.0 module development
 php7.0-enchant - Enchant module for PHP
 php7.0-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary)
 php7.0-gd  - GD module for PHP
 php7.0-gmp - GMP module for PHP
 php7.0-imap - IMAP module for PHP
 php7.0-interbase - Interbase module for PHP
 php7.0-intl - Internationalisation module for PHP
 php7.0-json - JSON module for PHP
 php7.0-ldap - LDAP module for PHP
 php7.0-mbstring - MBSTRING module for PHP
 php7.0-mcrypt - libmcrypt module for PHP
 php7.0-mysql - MySQL module for PHP
 php7.0-odbc - ODBC module for PHP
 php7.0-opcache - Zend OpCache module for PHP
 php7.0-pgsql - PostgreSQL module for PHP
 php7.0-phpdbg - server-side, HTML-embedded scripting language (PHPDBG binary)
 php7.0-pspell - pspell module for PHP
 php7.0-readline - readline module for PHP
 php7.0-recode - recode module for PHP
 php7.0-snmp - SNMP module for PHP
 php7.0-soap - SOAP module for PHP
 php7.0-sqlite3 - SQLite3 module for PHP
 php7.0-sybase - Sybase module for PHP
 php7.0-tidy - tidy module for PHP
 php7.0-xml - DOM, SimpleXML, WDDX, XML, and XSL module for PHP
 php7.0-xmlrpc - XMLRPC-EPI module for PHP
 php7.0-xsl - XSL module for PHP (dummy)
 php7.0-zip - Zip module for PHP
Changes:
 php7.0 (7.0.33-0+deb9u7) stretch-security; urgency=medium
 .
   * Use mysqld --initialize-insecure for MySQL 8.0 (for Ubuntu 19.10)
   * Disable MySQL X Plugin in the tests
   * Remove --skip-grant-tables to fix FTBFS with MySQL 8.0
   * Remove --without-mysqlx from MySQL 5.7
   * Backported from 7.2.27
    - Mbstring:
     . Fixed bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`).
       (CVE-2020-7060)
    - Standard:
     . Fixed bug #79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059).
   * Backported from 7.2.26
    - Bcmath:
     . Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046).
    - Core:
     . Fixed bug #78862 (link() silently truncates after a null byte on Windows).
       (CVE-2019-11044).
     . Fixed bug #78863 (DirectoryIterator class silently truncates after a null
       byte). (CVE-2019-11045).
    - EXIF:
     . Fixed bug #78793 (Use-after-free in exif parsing under memory sanitizer).
       (CVE-2019-11050).
     . Fixed bug #78910 (Heap-buffer-overflow READ in exif). (CVE-2019-11047).
Checksums-Sha1:
 dec88cfcd33aa653c6f4aaa65b804edd1ffebf09 5793 php7.0_7.0.33-0+deb9u7.dsc
 4addca7ca61c3812ec8ff20d7343175696920f74 825596 php7.0_7.0.33-0+deb9u7.debian.tar.xz
Checksums-Sha256:
 497b2de66d505afe281bc9134bea6cd63da5d39761517ff394d4f4d7b7b11d50 5793 php7.0_7.0.33-0+deb9u7.dsc
 497cae3f800d1e96afc780ad998be3ab0f69af5deaef4aa8f894b07de3cfada1 825596 php7.0_7.0.33-0+deb9u7.debian.tar.xz
Files:
 87759dd0616cce590589b1d149faa78f 5793 php optional php7.0_7.0.33-0+deb9u7.dsc
 0bece949a584467e916af988e744e1c4 825596 php optional php7.0_7.0.33-0+deb9u7.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAl5JaAtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcJIFA//a23fZ0iVkIJlTbN8EoUknJCK8a/XrJ83ei+dkOa/xitszEn++BxP9Llt
p9cT+b7PILKVyLMCNP7te6quAYs142TPS6TZVjP50kyMPzddLIPCldnJbd4M3wMY
nM1ae8s2NwS12XiE89zRgDgjmNZU2It9K0Khp6/8Lm16MWJ42JtrcobgK33fMs3s
Pjl1Jmf3+qi3gKCW2EsckQhMFqwDyxSS1OGoFd3gfGda83mJwARSlOMP52uwQDt5
KU5LX8fEgHd5AjG/49rexkJS9tkopFd0C2kA/uNFJxDDFv+krVYq7z/R7DrjRF48
KNK7QAKQfiBtRrdEGiymsiaN+DsU7PFJQqK6iq8BexbUMQb1BwoD49/zxXr/mnlZ
BkT3s6d6IwVL/hKbdin3dlSlJwbNoTTMPdlqCJHQZ+uAl3hBvG9KKyOW1ASN+G6y
4fztJ6QFP5exDJY8DMozzh1Q+2S+mhwQUjX2B8kdR4XGECg5YAbkhauMOVB48RP3
FZUbF6IY1gf0oqb6gF0FqmDFzv00GxxFFoi9REU/D8htOPPL45DYsAXxn/rwXDTG
LwMfeApWHROvj2ORCZexf55LxLBBWNIeayuld0wBwUSFM5yvu59ryjn0hJDOi6bw
prVSYm6gFPlTAPl6UPoxbByb1RFP1txlNBVUo+TNENceeL/VB38=
=s7Nw
-----END PGP SIGNATURE-----