Utkarsh Gupta pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9d32c648 by Utkarsh Gupta at 2026-07-05T00:54:31+05:30
Reserve DLA-4670-1 for php-phpseclib

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -276860,7 +276860,6 @@ CVE-2023-52892 (In phpseclib before 1.0.22, 2.x 
before 2.0.46, and 3.x before 3.
        [bookworm] - phpseclib 1.0.20-1+deb12u3
        - php-phpseclib 2.0.46-1
        [bookworm] - php-phpseclib 2.0.42-1+deb12u3
-       [bullseye] - php-phpseclib <no-dsa> (Minor issue; can be fixed via pu)
        - php-phpseclib3 3.0.33-1
        [bookworm] - php-phpseclib3 3.0.19-1+deb12u4
        NOTE: 
https://github.com/phpseclib/phpseclib/commit/6cd6e8ceab9f2b55c8cd81d2192bf98cbeaf4627
 (1.0.22, 2.0.46, 3.0.33)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[05 Jul 2026] DLA-4670-1 php-phpseclib - security update
+       {CVE-2023-52892 CVE-2026-32935 CVE-2026-40194 CVE-2026-44167 
CVE-2026-55599}
+       [bullseye] - php-phpseclib 2.0.30-2+deb11u3
 [04 Jul 2026] DLA-4669-1 php8.2 - security update
        {CVE-2026-14355}
        [bookworm] - php8.2 8.2.32-1~deb12u1


=====================================
data/dla-needed.txt
=====================================
@@ -519,14 +519,6 @@ php-laravel-framework
   NOTE: 20251027: tests is required to prevent regressions, but I could not 
get the upstream
   NOTE: 20251027: test suite to work. It is not exercised as part of Debian 
packages build. (paride)
 --
-php-phpseclib/bullseye (utkarsh)
-  NOTE: 20260327: Added by Front-Desk (Beuc)
-  NOTE: 20260327: Upcoming DSA; fix also the 2023 postponed issue 
(Beuc/front-desk)
-  NOTE: 20260329: DSA-6186-1
-  NOTE: 20260518: Also follow bookworm 12.14 (2 CVEs) (Beuc/front-desk)
-  NOTE: 20260703: 
https://debusine.debian.net/debian/developers/work-request/906743/.
-  NOTE: 20260703: will release soon. (utkarsh)
---
 php-twig/bullseye
   NOTE: 20260521: Added by Front-Desk (Beuc)
   NOTE: 20260521: Cf. symfony batch of CVEs, upcoming DSA (Beuc/front-desk)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d32c6487ff3910904f2b60ecd228f37152d6532

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d32c6487ff3910904f2b60ecd228f37152d6532
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to