Format: 1.8
Date: Mon, 27 Jun 2022 10:17:09 +0200
Source: php7.2
Architecture: source
Version: 7.2.34-32+ubuntu18.04.1+deb.sury.org+1
Distribution: bionic
Urgency: medium
Maintainer: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Closes: 861855 923032 951745 951834 951857 954855 960786 963261
Changes:
 php7.2 (7.2.34-32+ubuntu18.04.1+deb.sury.org+1) bionic; urgency=medium
 .
   * No-change backport to bionic
 .
 php7.2 (7.2.34-32) unstable; urgency=medium
 .
   * Revert "Add Provides: php-json to PHP SAPIS"
 .
 php7.2 (7.2.34-31) unstable; urgency=medium
 .
   * Add Provides: php-json to PHP SAPIS
 .
 php7.2 (7.2.34-30) unstable; urgency=medium
 .
   * Backported from 7.4.30
    - mysqlnd:
     . Fixed bug #81719: mysqlnd/pdo password buffer overflow.
       (CVE-2022-31626)
    - pgsql
     . Fixed bug #81720: Uninitialized array in pg_query_params().
       (CVE-2022-31625)
 .
 php7.2 (7.2.34-29) unstable; urgency=medium
 .
   * Add -DOPENSSL_SUPPRESS_DEPRECATED to CFLAGS to support OpenSSL 3.0
   * Add minimal OpenSSL 3.0 patch
   * Pull upstream patch to fix build with ICU >= 70
   * Add #include <stdbool.h> to ext/intl/ to have true/false available
 .
 php7.2 (7.2.34-28) unstable; urgency=medium
 .
   * Backported from 7.3.33
    - XML:
     . Fix #79971: special character is breaking the path in xml function.
       (CVE-2021-21707)
 .
 php7.2 (7.2.34-27) unstable; urgency=medium
 .
   [ Pino Toscano ]
   * Enable AppArmor (--with-fpm-apparmor) only on Linux archs
   * Fix Vcs-* fields
 .
 php7.2 (7.2.34-26) unstable; urgency=medium
 .
   * Backported from 7.4.25
    - FPM:
     . Fixed bug #81026 (PHP-FPM oob R/W in root process leading to
       privilege escalation) (CVE-2021-21703).
 .
 php7.2 (7.2.34-25) unstable; urgency=medium
 .
   * Backported from 7.3.31
    - Zip:
     . Fixed bug #81420 (ZipArchive::extractTo extracts outside of destination).
 .
 php7.2 (7.2.34-24) unstable; urgency=medium
 .
   * Check for symlink before removing directory in the postrm scripts
   * Backported from 7.3.30
    - Phar:
     . Fixed bug #81211: Symlinks are followed when creating PHAR archive
 .
 php7.2 (7.2.34-23) unstable; urgency=medium
 .
   * Backported from 7.3.29
    - Core:
     . Fixed #81122: SSRF bypass in FILTER_VALIDATE_URL. (CVE-2021-21705)
    - PDO_Firebird:
     . Fixed #76448: Stack buffer overflow in firebird_info_cb. (CVE-2021-21704)
     . Fixed #76449: SIGSEGV in firebird_handle_doer. (CVE-2021-21704)
     . Fixed #76450: SIGSEGV in firebird_stmt_execute. (CVE-2021-21704)
     . Fixed #76452: Crash while parsing blob data in firebird_fetch_blob.
       (CVE-2021-21704)
 .
 php7.2 (7.2.34-22) unstable; urgency=medium
 .
   * Disable LTO (needed for Ubuntu Hirsute)
 .
 php7.2 (7.2.34-21) unstable; urgency=medium
 .
   * Backported from 7.3.28
    - Imap:
     . Fixed bug #80710 (imap_mail_compose() header injection).
 .
 php7.2 (7.2.34-20) unstable; urgency=medium
 .
   * Allow printing credits buffer larger than 4k
 .
 php7.2 (7.2.34-19) unstable; urgency=medium
 .
   * Update the packaging credits
 .
 php7.2 (7.2.34-18) unstable; urgency=medium
 .
   * Bump php-common depends to 1:81~
 .
 php7.2 (7.2.34-17) unstable; urgency=medium
 .
   * Add example configuration to not pass URLs for missing files to
     PHP-FPM
 .
 php7.2 (7.2.34-16) unstable; urgency=medium
 .
   * Revert "Don't pass URLs for missing files to PHP-FPM"
 .
 php7.2 (7.2.34-15) unstable; urgency=medium
 .
   [ Svante Signell ]
   * Add --without build-stamp to dh invocation
 .
 php7.2 (7.2.34-14) unstable; urgency=medium
 .
   * Use libenchant-dev as Build-Depends alternative to libenchant-2-dev
 .
 php7.2 (7.2.34-13) unstable; urgency=medium
 .
   [ Sylvain Beucler ]
   * Update obsolete/non-free FPM configuration procedure
 .
   [ Kevin Locke ]
   * Don't pass URLs for missing files to PHP-FPM
 .
   [ Ondřej Surý ]
   * Check if the logrotate script exists (GH #1534)
 .
 php7.2 (7.2.34-12) unstable; urgency=medium
 .
   * Pull upstream patch for enchant-2 and change build-dep (Closes: #954855)
   * Remove deprecated calls from enchant-2 (Closes: #954855)
 .
 php7.2 (7.2.34-11) unstable; urgency=medium
 .
   * Enable FPM ACL support
 .
 php7.2 (7.2.34-10) unstable; urgency=medium
 .
   * Backported from 7.3.27
    - SOAP:
     . Fixed bug #80672 (Null Dereference in SoapClient). (CVE-2021-21702)
   * Force hardcoded path to be /bin/sed (Closes: #960786)
 .
 php7.2 (7.2.34-9) unstable; urgency=medium
 .
   * Backported from 7.3.26
    - Standard:
     . Fixed bug #77423 (FILTER_VALIDATE_URL accepts URLs with invalid
       userinfo).  (CVE-2020-7071)
 .
 php7.2 (7.2.34-8) unstable; urgency=medium
 .
   * Files from auxdir needs to go into the basedir, not in the build/
     directory
 .
 php7.2 (7.2.34-7) unstable; urgency=medium
 .
   * Revert "Move the non-m4 files from LIBTOOL_FILES to FILES_BUILD"
   * Move the non-m4 files from LIBTOOL_FILES to FILES_BUILD (for real)
 .
 php7.2 (7.2.34-6) unstable; urgency=medium
 .
   * Move the non-m4 files from LIBTOOL_FILES to FILES_BUILD
 .
 php7.2 (7.2.34-5) unstable; urgency=medium
 .
   * Move the system wide phpize files to LIBTOOL_FILES
 .
 php7.2 (7.2.34-4) unstable; urgency=medium
 .
   * In phpize, copy the foreign files from their respective packages
     (libtool, pkg-config, shtool)
 .
 php7.2 (7.2.34-3) unstable; urgency=medium
 .
   [ Chris Hofstaedtler ]
   * Use netcat-openbsd to build instead of netcat-traditional (Closes: #963261)
 .
   [ Pino Toscano ]
   * Disable AppArmor support on non-Linux archs (Closes: #951857)
   * Enable systemd integration only on Linux archs (Closes: #951834)
 .
   [ Ondřej Surý ]
   * Add pkg-config m4 files to phpize script
   * Use system-wide pkg.m4 from pkg-config package in phpize
 .
 php7.2 (7.2.34-2) unstable; urgency=medium
 .
   * Disable the MySQL extension testing as it's too complicated
 .
 php7.2 (7.2.34-1) unstable; urgency=medium
 .
   * New upstream version 7.2.34
 .
 php7.2 (7.2.33-1) unstable; urgency=medium
 .
   * New upstream version 7.2.33
 .
 php7.2 (7.2.32-1) unstable; urgency=medium
 .
   * Finish updating the packaging to dh compat level 10
   * New upstream version 7.2.32
 .
 php7.2 (7.2.31-1) unstable; urgency=medium
 .
   * Add patch to reduce BC break introduced in libzip 1.6.0
   * New upstream version 7.2.31
   * Add upstream patch to allow numeric [UG]ID in FPM listen.{owner,group}
 .
 php7.2 (7.2.30-1) unstable; urgency=medium
 .
   * New upstream version 7.2.30
 .
 php7.2 (7.2.29-1) unstable; urgency=medium
 .
   * Add (non-existent) systemd-tmpfiles package as alternative to systemd
   * php-fpm has to depend on procps due kill usage in systemd service file
     (Closes: #861855)
   * New upstream version 7.2.29
 .
 php7.2 (7.2.28-4) unstable; urgency=medium
 .
   * Use pkg-config for PHP_SETUP_LIBXML
 .
 php7.2 (7.2.28-3) unstable; urgency=medium
 .
   * Update version in debian/php-fpm.maintscript
   * Remove /etc/init/php@PHP_VERSION@-fpm.conf, not
     /etc/init/php@PHP_VERSION@.conf
 .
 php7.2 (7.2.28-2) unstable; urgency=medium
 .
   * Remove the PIDFile= setting from systemd unit file (it should not be
     needed with Type=notify)
   * Use php-fpm-socket-helper from php-common >= 1:73 to update the
     default socket
   * Fixup upstart removal (missing prepare-files update) (Closes: #951745)
 .
 php7.2 (7.2.28-1) unstable; urgency=medium
 .
   * Remove upstart support, use systemd-tmpfiles to create tmpfiles
     (Closes: #923032)
   * New upstream version 7.2.28
 .
 php7.2 (7.2.27-6) unstable; urgency=medium
 .
   * Use absolute path to update-alternatives
 .
 php7.2 (7.2.27-5) unstable; urgency=medium
 .
   * Move the update-alternatives call from postinst/prerm to systemd startup script
 .
 php7.2 (7.2.27-4) unstable; urgency=medium
 .
   * Make the creation of the default socket work on new installs
 .
 php7.2 (7.2.27-3) unstable; urgency=medium
 .
   * Use a mock socket file for setting up FPM socket alternatives
 .
 php7.2 (7.2.27-2) unstable; urgency=medium
 .
   * Create a generic /run/php/php-fpm.sock socket using update-alternatives
 .
 php7.2 (7.2.27-1) unstable; urgency=medium
 .
   * Bump the debhelper compat to 10
   * Bump the Standards Version (no change)
   * Disable dh_autoreconf for PHP, it breaks the build
   * New upstream version 7.2.27
 .
 php7.2 (7.2.26-1) unstable; urgency=medium
 .
   * New upstream version 7.2.26
 .
 php7.2 (7.2.25-1) unstable; urgency=medium
 .
   * Use mysqld --initialize-insecure for MySQL 8.0 (for Ubuntu 19.10)
   * Disable MySQL X Plugin in the tests
   * Remove --skip-grant-tables to fix FTBFS with MySQL 8.0
   * Remove --without-mysqlx from MySQL 5.7
   * New upstream version 7.2.25
 .
 php7.2 (7.2.24-1) unstable; urgency=medium
 .
   * New upstream version 7.2.24
Checksums-Sha1:
 42d1fcc0597082f7c47014e99f35ace99357c74b 5757 php7.2_7.2.34-32+ubuntu18.04.1+deb.sury.org+1.dsc
 3dfe7bbed49e53f6ff76ca0b8c9162f78b1cc679 12309432 php7.2_7.2.34.orig.tar.xz
 b02fc0723a5bd7d1297952ce42fc654451e07e0b 95824 php7.2_7.2.34-32+ubuntu18.04.1+deb.sury.org+1.debian.tar.xz
 1b312ac1b4691e86d594454d0835688bb2d75832 17588 php7.2_7.2.34-32+ubuntu18.04.1+deb.sury.org+1_source.buildinfo
Checksums-Sha256:
 afad01f1470c14398258e21ce60e45a38bf3cc8e7f39c90c66b6fd558e99bf3f 5757 php7.2_7.2.34-32+ubuntu18.04.1+deb.sury.org+1.dsc
 409e11bc6a2c18707dfc44bc61c820ddfd81e17481470f3405ee7822d8379903 12309432 php7.2_7.2.34.orig.tar.xz
 cfb3c3b039a3142510d3427625de08e03e5497953254df7bf4de4809149daea6 95824 php7.2_7.2.34-32+ubuntu18.04.1+deb.sury.org+1.debian.tar.xz
 aa2511042d6fc87e2c218d5db3f88e91a1f3a5135f75e047fdaf59761ef61610 17588 php7.2_7.2.34-32+ubuntu18.04.1+deb.sury.org+1_source.buildinfo
Files:
 8b8093e37f55e5aca256465f92a3d5a5 5757 php optional php7.2_7.2.34-32+ubuntu18.04.1+deb.sury.org+1.dsc
 adb64072b9b7e4634844a72512239a34 12309432 php optional php7.2_7.2.34.orig.tar.xz
 e9ee7c9da82e6c498a075b8ff7031012 95824 php optional php7.2_7.2.34-32+ubuntu18.04.1+deb.sury.org+1.debian.tar.xz
 333b6943fb49539bd0ed3f20b09cd528 17588 php optional php7.2_7.2.34-32+ubuntu18.04.1+deb.sury.org+1_source.buildinfo