Summary: | <dev-lang/php-{8.0.29,8.1.20,8.2.7}: insufficient random bytes in HTTP Digest authentication for SOAP | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | mjo, php-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 908792 | ||
Bug Blocks: |
Description
John Helmert III
2023-06-10 18:49:28 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1006bc844050fd8d412e954fdadee36bcccca0f1 commit 1006bc844050fd8d412e954fdadee36bcccca0f1 Author: Michael Orlitzky <mjo@gentoo.org> AuthorDate: 2023-06-12 19:07:53 +0000 Commit: Michael Orlitzky <mjo@gentoo.org> CommitDate: 2023-06-12 19:32:37 +0000 dev-lang/php: add 8.2.7, drop 8.2.5-r1 Bug: https://bugs.gentoo.org/908259 Signed-off-by: Michael Orlitzky <mjo@gentoo.org> dev-lang/php/Manifest | 2 +- dev-lang/php/{php-8.2.5-r1.ebuild => php-8.2.7.ebuild} | 0 2 files changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bc7e9aec4e92a55b99b932dbf5a084240074eef9 commit bc7e9aec4e92a55b99b932dbf5a084240074eef9 Author: Michael Orlitzky <mjo@gentoo.org> AuthorDate: 2023-06-12 19:07:29 +0000 Commit: Michael Orlitzky <mjo@gentoo.org> CommitDate: 2023-06-12 19:32:34 +0000 dev-lang/php: add 8.1.20, drop 8.1.18-r1 Bug: https://bugs.gentoo.org/908259 Signed-off-by: Michael Orlitzky <mjo@gentoo.org> dev-lang/php/Manifest | 2 +- dev-lang/php/{php-8.1.18-r1.ebuild => php-8.1.20.ebuild} | 0 2 files changed, 1 insertion(+), 1 deletion(-) Thanks, please stable when ready. We missed one, fix incoming: https://www.php.net/ChangeLog-8.php#8.0.29 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eef0359bf0335b935c19d8ba80a77ec6c05938be commit eef0359bf0335b935c19d8ba80a77ec6c05938be Author: Michael Orlitzky <mjo@gentoo.org> AuthorDate: 2023-06-18 13:07:09 +0000 Commit: Michael Orlitzky <mjo@gentoo.org> CommitDate: 2023-06-18 14:11:34 +0000 dev-lang/php: add missing virtual/libcrypt:= dependencies, bump 8.0.29. Bug: https://bugs.gentoo.org/908259 Closes: https://bugs.gentoo.org/908674 Signed-off-by: Michael Orlitzky <mjo@gentoo.org> dev-lang/php/Manifest | 1 + dev-lang/php/php-7.4.33-r3.ebuild | 751 ++++++++++++++++++++ dev-lang/php/php-8.0.29.ebuild | 757 +++++++++++++++++++++ .../{php-8.1.20.ebuild => php-8.1.20-r1.ebuild} | 6 +- .../php/{php-8.2.7.ebuild => php-8.2.7-r1.ebuild} | 7 +- 5 files changed, 1513 insertions(+), 9 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=30ce731e4321742de9b62d58a1f60dbe0cb57e0d commit 30ce731e4321742de9b62d58a1f60dbe0cb57e0d Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-08-12 07:39:21 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-08-12 07:43:34 +0000 [ GLSA 202408-32 ] PHP: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/889882 Bug: https://bugs.gentoo.org/895416 Bug: https://bugs.gentoo.org/908259 Bug: https://bugs.gentoo.org/912331 Bug: https://bugs.gentoo.org/929929 Bug: https://bugs.gentoo.org/933752 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202408-32.xml | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) |