From: Raspbian automatic forward porter <root@raspbian.org>
Date: Sun, 29 Sep 2024 13:14:14 +0000 (+0100)
Subject: Merge version 8.2.23-1+rpi1 and 8.2.24-1 to produce 8.2.24-1+rpi1
X-Git-Tag: raspbian/8.2.24-1+rpi1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=570d47dbb11626827953718f1c142379c31155d1;p=php8.2.git

Merge version 8.2.23-1+rpi1 and 8.2.24-1 to produce 8.2.24-1+rpi1
---

b4f23874053751ef7005a5207674dc4d9bf780b0
diff --cc debian/changelog
index f9fe1c30,3264c732..3918ce37
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,14 +1,21 @@@
- php8.2 (8.2.23-1+rpi1) trixie-staging; urgency=medium
++php8.2 (8.2.24-1+rpi1) trixie-staging; urgency=medium
 +
 +  [changes brought forward from 8.2.7-1~deb12u1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Thu, 20 Jul 2023 18:02:54 +0000]
 +  * Fix fpu setting for raspbian.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Tue, 10 Sep 2024 22:36:43 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Sun, 29 Sep 2024 13:14:14 +0000
++
+ php8.2 (8.2.24-1) unstable; urgency=medium
+ 
+   * New upstream version 8.2.24
+    + [CVE-2024-8926]: Bypass of CVE-2024-4577, Parameter Injection
+      Vulnerability
+    + [CVE-2024-8927]: cgi.force_redirect configuration is bypassable due
+      to the environment variable collision
+    + [CVE-2024-8927]: Logs from FPM childrens may be altered
+    + [CVE-2024-8925]: Erroneous parsing of multipart form data
+ 
+  -- Ondřej Surý <ondrej@debian.org>  Fri, 27 Sep 2024 05:52:57 +0200
  
  php8.2 (8.2.23-1) unstable; urgency=medium