Package: php-oauth
Version: 2.0.2+1.2.3-3
Severity: grave
Justification: renders package unusable

Dear Maintainer,

Debian unstable currently ships PHP 7.3, and php-oauth 2.0.2.
With PHP 7.3, internal structures changed and their use needs to be adjusted
in the oauth extension.

There is a fix for this already in php-oauth 2.0.4:
http://git.php.net/?p=pecl/web_services/oauth.git;a=commit;h=0828b70df7606b599785b3de1c15248d3e463b95

The problem that actually occurs is the following:
When validating an incoming OAuth request with OAuthProvider::checkOAuthRequest(),
it will always return a failure:

oauth_problem=signature_invalid&debug_sbs=POST&%01%3A%2F%2F%01%01&oauth_callback...

"debug_sbs" shows the data that are used for signature creation, and the second
part (after the first &) should be host + path of the request.
Here we see a NUL byte, ://, and another NUL byte.

Please provide php-oauth version 2.0.4.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages php-oauth depends on:
ii  libapache2-mod-php7.3 [phpapi-20180731]  7.3.6-1
ii  libc6                                    2.28-10
ii  php-common                               2:69
ii  php7.3-cli [phpapi-20180731]             7.3.6-1
ii  php7.3-phpdbg [phpapi-20180731]          7.3.6-1

php-oauth recommends no packages.

php-oauth suggests no packages.

-- no debconf information
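
Added example, not part of the original report or of the oauth extension: a Python check that extracts the URI component from a `debug_sbs` value like the one quoted in the report and flags control-byte corruption in it. The healthy sample with its host and path, the function names, and the assumption that `debug_sbs` runs to the end of the response body are constructed for illustration.

```python
from urllib.parse import unquote_to_bytes, urlsplit

# Failing response body as quoted in the report (truncated there; kept truncated).
REPORTED = ("oauth_problem=signature_invalid&debug_sbs=POST&"
            "%01%3A%2F%2F%01%01&oauth_callback...")
# Constructed sample of a healthy base string (hypothetical host and path).
HEALTHY = ("oauth_problem=signature_invalid&debug_sbs=POST&"
           "https%3A%2F%2Fapi.example.test%2Frequest_token&"
           "oauth_consumer_key%3Dkey%26oauth_nonce%3Dabc")


def base_uri_from_problem(body):
    """Return the decoded bytes of the URI component of debug_sbs, or None."""
    marker = "debug_sbs="
    start = body.find(marker)
    if start < 0:
        return None
    # Assumption: debug_sbs is METHOD&enc(URI)&enc(params) and is the last
    # field of the body, so the first two '&' inside it delimit the URI.
    parts = body[start + len(marker):].split("&", 2)
    if len(parts) < 2:
        return None
    return unquote_to_bytes(parts[1])


def check_base_uri(body):
    """Classify the URI component as 'missing', 'corrupt' or 'ok'."""
    raw = base_uri_from_problem(body)
    if raw is None:
        return "missing"
    # Control bytes can never appear in a scheme, host or path.
    if any(b < 0x20 or b == 0x7F for b in raw):
        return "corrupt"
    try:
        uri = urlsplit(raw.decode("ascii"))
    except (UnicodeDecodeError, ValueError):
        return "corrupt"
    if uri.scheme not in ("http", "https") or not uri.hostname:
        return "corrupt"
    return "ok"


if __name__ == "__main__":
    for name, body in (("reported", REPORTED), ("healthy", HEALTHY)):
        print(name, base_uri_from_problem(body), check_base_uri(body))
```
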
