-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 13 Mar 2025 19:21:38 +0100
Source: php8.2
Binary: php8.2 php8.2-xsl
Architecture: all
Version: 8.2.28-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description:
 php8.2     - server-side, HTML-embedded scripting language (metapackage)
 php8.2-xsl - XSL module for PHP (dummy)
Changes:
 php8.2 (8.2.28-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream version 8.2.28
    - [CVE-2025-1219]: libxml streams use wrong `content-type` header
      when requesting a redirected resource.
    - [CVE-2025-1736]: Stream HTTP wrapper header check might omit
      basic auth header.
    - [CVE-2025-1861]: Stream HTTP wrapper truncate redirect location
      to 1024 bytes.
    - [CVE-2025-1734]: Streams HTTP wrapper does not fail for headers
      without colon.
    - [CVE-2025-1217]: Header parser of `http` stream wrapper does not
      handle folded headers.
Checksums-Sha1:
 cbef4187f2c1aee22a61ab9ca434f7aee398554c 46536 php8.2-xsl_8.2.28-1~deb12u1_all.deb
 a1732dd89daa640cd0d119adb309e853f2574b04 14100 php8.2_8.2.28-1~deb12u1_all-buildd.buildinfo
 67423b8bf994973819b3eccf0e2574b27a1a5954 46868 php8.2_8.2.28-1~deb12u1_all.deb
Checksums-Sha256:
 73535f77994e7c6a2c681e1861a4b546ae54399fe260cc3933044e62fa3b2421 46536 php8.2-xsl_8.2.28-1~deb12u1_all.deb
 734badf0518431c08ea3c0f75417774e2efca99fe3f661e1a11f3b4538d6f8a7 14100 php8.2_8.2.28-1~deb12u1_all-buildd.buildinfo
 d3e50d5a163efb873527f90cdd1808a571ab4b51e18b0104cd17dceaa073e4c7 46868 php8.2_8.2.28-1~deb12u1_all.deb
Files:
 37da995930b630afeed2cfcdac7e52dc 46536 php optional php8.2-xsl_8.2.28-1~deb12u1_all.deb
 3485ee4ae381e65c0ffb9c3f122d8e95 14100 php optional php8.2_8.2.28-1~deb12u1_all-buildd.buildinfo
 94fc8bf43b6b09b63ed62e989f3f38c6 46868 php optional php8.2_8.2.28-1~deb12u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEQsM0t1ygJv2xcx3e4cagXJhOTXsFAmfTPVAACgkQ4cagXJhO
TXvLqA//YFqGZjleLFWsRQJW56RzvGIaLBJaayTOiRsKpkWs5iHx1pDelOVzTyS4
Qi+2IzW30SKVqJ74JWQsS1ZvfeFMUwBY9NvrPJ5zKiHy/QJrSWwSuDOnL3imDv8E
5vgQRFkFZbfYOrpshviTfYCzCCQrlEfVt1FQKvCIP+gIHZtigVz/tk8l7DS6U15J
ie15aY50/sT0AlkfYypnQukyn9ULZsY255gOZo/3w5aDxDPIL7v8P008zpo4djsV
v1Qy+/IvX9dMMHt/+l4pvb/pdU15F/9p4zvu4Os6wesMrfHb/fNbWN2Ub1ym0Asi
U+3i0rjPG/lE5IijU1W+tsVl+rx2po57Zb6ON1vNNDcqJTG7LITBMT/gflvpRKYl
1DaMSnEI6dOK3Qz50igTob0WnJeXbDDw3zxJTKuiBDsgr/WMv73Fu9DtNdI7SGWO
enb6MrBfbF6EYGL96uNycevluBcoF4UfIRi6JyQs1O66l5zV2mHoDSSb13RnXWkG
bT/fm4pXFcwVQxvI/QtyFRGptZwfE9pAk32QL26D2CJcc7Zsn8tipMi8QzraWzMa
NJuzFZ3fKZAeB/pmUMZvvYQxRVQyzSwYU+MnyunfJ/Xip2sTdEB8N+edJ0MnzlG4
o13UR7xuvu4KlcW52LBQS79lY1gUt3WukovRaCC/UcojLH+E07s=
=1hVf
-----END PGP SIGNATURE-----