[pkg-php-pear] Bug#1055988: bullseye-pu: package symfony/4.4.19+dfsg-2+deb11u4
David Prévot
taffit at debian.org
Wed Nov 15 13:04:50 GMT 2023
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org at packages.debian.org
Usertags: pu
X-Debbugs-Cc: symfony at packages.debian.org, Debian PHP PEAR Maintainers <pkg-php-pear at lists.alioth.debian.org>
Control: affects -1 + src:symfony
Hi,
As per #1055986 for Bookworm, I’d like to fix the following security
issue in the next point release, as advised by the security team (they
do not intend to issue a DSA for that).
[TwigBridge] Ensure CodeExtension's filters properly escape their input
[CVE-2023-46734] (Closes: #1055774)
It also fixes the testsuite using a patch prepared a while ago.
[Mime] regenerate test certificates (Closes: #1034854)
I didn’t test the packages thoroughly (and I’m not sure to have much
time for a while), but at least the testsuites pass.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
Thanks in advance,
taffit
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bullseye.patch
Type: text/x-diff
Size: 56849 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-php-pear/attachments/20231115/611b8e8a/attachment-0003.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-php-pear/attachments/20231115/611b8e8a/attachment-0003.sig>
More information about the pkg-php-pear
mailing list