Hi Moritz, Thanks for the report.
On 4/22/25 14:09, Moritz Mühlenhoff wrote:
[...] The following vulnerability was published for php-laravel-framework. CVE-2025-27515[0]:
Thanks. I'll upload a fix for sid/trixie soon.
There are also two other security issues affecting sid/trixie and which are already fixed in experimental: https://security-tracker.debian.org/tracker/CVE-2024-13918 https://security-tracker.debian.org/tracker/CVE-2024-13919
These were introduced in 11.9.0 so the versions in Debian aren't affected.
So possibly trixie should be moved to 11.44.1 unless it's a very breaking change between 10 and 11?
Unfortunately, that isn't possible due to a dependency on php-symfony 7. -- Regards, Robin GPG: B26C 2ED3 7324 6221 9C3D 1DFE 293A 3C91 D188 369C
OpenPGP_signature.asc
Description: OpenPGP digital signature
