[pkg-php-pear] Bug#1139280: bookworm-pu: package php-guzzlehttp-psr7/2.4.5-1+deb12u1
David Prévot
taffit at debian.org
Mon Jun 8 09:14:02 BST 2026
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: php-guzzlehttp-psr7 at packages.debian.org
Control: affects -1 + src:php-guzzlehttp-psr7
User: release.debian.org at packages.debian.org
Usertags: pu
[ This issue is similar to #1139278 for Trixie. ]
Hi,
As agreed with the security team, I’dd like to address CVE-2026-48998
and CVE-2026-49214 in the next point release since they don’t deserve a
DSA. Please note that I had to include three more upstream patches in
order to properly include the fix for CVE-2026-48998.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
Thanks in advance for considering.
Regards,
taffit
-------------- next part --------------
A non-text attachment was scrubbed...
Name: php-guzzlehttp-psr7_bookworm.patch
Type: text/x-diff
Size: 42938 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-php-pear/attachments/20260608/df825b4b/attachment-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-php-pear/attachments/20260608/df825b4b/attachment-0001.sig>
More information about the pkg-php-pear
mailing list