Bug#1019914: Useless in Debian

Package: adldap2 Severity: serious [ Reported by a team member to see the package removed from testing ] adldap2 will be deprecated in favor of LdapRecord (https://github.com/DirectoryTree/LdapRecord), and I don't see a use case any more at the moment. No packages depend on it, so it can be remov

Bug#1014492: guzzle: CVE-2022-31090 CVE-2022-31091

, please let me know. Regards Katharina On Saturday, 2022-07-16, 09:26:10 (GMT +0200), David Prévot wrote: > Hi Katharina, > > Le Thu, Jul 07, 2022 at 10:56:06AM +0200, Katharina Drexel a écrit : > […] > > thanks for the hints. I pushed a new version in the repo > > (https://s

Bug#1014492: guzzle: CVE-2022-31090 CVE-2022-31091

Hi, thanks for the hints. I pushed a new version in the repo (https://salsa.debian.org/php-team/pear/php-guzzlehttp-guzzle). TBD: someone should upload it in the debian repo. Bye Katharina On Wednesday, 2022-07-06, 23:03:18 (GMT +0200), Moritz Mühlenhoff wrote: > Source: guzzle > X-Debbugs-CC: t

Bug#1012821: guzzle: CVE-2022-31042 CVE-2022-31043

> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31043 > https://github.com/guzzle/guzzle/security/advisories/GHSA-w248-ffj2-4v5q > [2] > https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8 > > Regards, > Salvatore -- Berner Fachho

Bug#1011636: guzzle: [CVE-2022-29248] Cross-domain cookie leakage

Hello David, Thanks for the link. I uploaded a newer version to https://salsa.debian.org/php-team/pear/php-guzzlehttp-guzzle . Problably someone with the corresponding permissions should upload the package to the Debian archive. Regards Katharina > Guzzle 7.5.0 (and 7.4.3) has just been released