php8.1 (8.1.2-1ubuntu2.22) jammy-security; urgency=medium

  * SECURITY UPDATE: Null byte termination in hostnames
    - debian/patches/CVE-2025-1220.patch: check hostnames in
      ext/standard/fsock.c,
      ext/standard/tests/network/ghsa-3cr5-j632-f35r.phpt,
      ext/standard/tests/streams/ghsa-3cr5-j632-f35r.phpt,
      main/streams/xp_socket.c.
    - CVE-2025-1220
  * SECURITY UPDATE: pgsql extension does not check for errors during
    escaping
    - debian/patches/CVE-2025-1735.patch: add error checks in
      ext/pdo_pgsql/pgsql_driver.c,
      ext/pdo_pgsql/tests/ghsa-hrwm-9436-5mv3.phpt,
      ext/pgsql/pgsql.c, ext/pgsql/tests/ghsa-hrwm-9436-5mv3.phpt.
    - CVE-2025-1735
  * SECURITY UPDATE: NULL Pointer Dereference in PHP SOAP Extension via
    Large XML Namespace Prefix
    - debian/patches/CVE-2025-6491.patch: handle large names in
      ext/soap/soap.c, ext/soap/tests/soap_qname_crash.phpt.
    - CVE-2025-6491

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 15 Jul 2025 08:11:22 -0400

php8.1 (8.1.2-1ubuntu2.21) jammy-security; urgency=medium

  * SECURITY UPDATE: Use after free
    - debian/patches/CVE-2024-11235.patch: fix incorrect live-range
      calculation in Zend/zend_opcode.c and add tests in
      Zend/tests/ghsa-rwp7-7vc6-8477_001.phpt,
      Zend/tests/ghsa-rwp7-7vc6-8477_002.phpt,
      Zend/tests/ghsa-rwp7-7vc6-8477_003.phpt.
    - CVE-2024-11235
  * SECURITY UPDATE: Incorrect MIME type
    - debian/patches/CVE-2025-1217.patch: adds HTTP header folding
      support for HTTP wrapper response headers in
      ext/standard/http_fopen_wrapper.c and add tests in
      ests/http/ghsa-v8xr-gpvj-cx9g-001.phpt,
      tests/http/ghsa-v8xr-gpvj-cx9g-002.phpt,
      tests/http/ghsa-v8xr-gpvj-cx9g-003.phpt,
      tests/http/ghsa-v8xr-gpvj-cx9g-004.phpt,
      tests/http/ghsa-v8xr-gpvj-cx9g-005.phpt,
      tests/http/http_response_header_05.phpt.
    - CVE-2025-1217
  * SECURITY UPDATE: Wrong content-type requesting a redirected resource
    - debian/patches/CVE-2025-1219.patch: fix in ext/libxml/mime_sniff.c.
    - CVE-2025-1219
  * SECURITY UPDATE: Invalid header
    - debian/patches/CVE-2025-1734.patch: fix in ext/standard/http_fopen_wrapper.c
      and add tests in
      ext/standard/tests/http/bug47021.phpt,
      ext/standard/tests/http/bug75535.phpt,
      tests/http/ghsa-pcmh-g36c-qc44-001.phpt,
      tests/http/ghsa-pcmh-g36c-qc44-002.phpt.
    - CVE-2025-1734
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2025-1736.patch: httu user header check
      of crlf in ext/standard/http_fopen_wrapper.c and add tests
      in tests/http/ghsa-hgf5-96fm-v528-001.phpt,
      tests/http/ghsa-hgf5-96fm-v528-002.phpt,
      tests/http/ghsa-hgf5-96fm-v528-003.phpt.
    - CVE-2025-1736
  * SECURITY UPDATE: Location truncation
    - debian/patches/CVE-2025-1861.patch: converts the
      allocation of location to be on heap instead of stack
      in ext/standard/http_fopen_wrapper.c and add tests in
      tests/http/ghsa-52jp-hrpf-2jff-001.phpt,
      tests/http/ghsa-52jp-hrpf-2jff-002.phpt.
    - CVE-2025-1861
  * debian/patches/0001-Fix-GH-16955-Use-empheral-ports-for-OpenSSL-server-c.patch
    added in order to fix all the tests added in the CVE above.

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Mon, 24 Mar 2025 16:04:23 -0300

php8.1 (8.1.2-1ubuntu2.20) jammy-security; urgency=medium

  * SECURITY UPDATE: Buffer over read
    - debian/patches/CVE-2024-11233.patch: re arrange
      bound check code in ext/standard/filters.c,
      ext/standard/tests/filters/ghsa-r977-prxv-hc43.phpt.
    - CVE-2024-11233
  * SECURITY UPDATE: HTTP request smuggling
    - debian/patches/CVE-2024-11234.patch: avoiding
      fulluri CRLF injection in ext/standard/http_fopen_wrapper.c.
      .../tests/http/ghsa-c5f2-jwm7-mmq2.phpt.
    - CVE-2024-11234
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2024-11236-1.patch: adding an extralen check
      to avoid integer overflow in ext/pdo_dblib/dblib_driver.c,
      ext/pdo_dblib/tests/GHSA-5hqh-c84r-qjcv.phpt.
    - debian/patches/CVE-2024-11236-2.patch: change qcount to size_t in
      order to avoid integer overflow and adding checks in
      ext/pdo_firebird/firebird_driver.c.
    - CVE-2024-11236
  * SECURITY UPDATE: Heap buffer over-reads
    - debian/patches/CVE-2024-8929.patch: fix buffer over-reads in
      ext/mysqlnd/mysqlnd_ps_codec.c,
      ext/mysqlnd/mysqlnd_wireprotocol.c, and create some phpt tests.
    - CVE-2024-8929
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2024-8932.patch: fix OOB in access in
      ldap_escape in ext/ldap/ldap.c,
      ext/ldap/tests/GHSA-g665-fm4p-vhff-1.phpt,
      ext/ldap/tests/GHSA-g665-fm4p-vhff-2.phpt.
    - CVE-2024-8932

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Tue, 03 Dec 2024 17:14:35 -0300

php8.1 (8.1.2-1ubuntu2.19) jammy-security; urgency=medium

  * SECURITY UPDATE: Erroneous parsing of multipart form data
    - debian/patches/CVE-2024-8925.patch: limit bounday size in
      main/rfc1867.c, tests/basic/*.
    - CVE-2024-8925
  * SECURITY UPDATE: cgi.force_redirect configuration can be bypassed due
    to environment variable collision
    - debian/patches/CVE-2024-8927.patch: check for REDIRECT_STATUS in
      sapi/cgi/cgi_main.c.
    - CVE-2024-8927
  * SECURITY UPDATE: Logs from childrens may be altered
    - debian/patches/CVE-2024-9026.patch: properly calculate size in
      sapi/fpm/fpm/fpm_stdio.c, sapi/fpm/tests/*.
    - CVE-2024-9026

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 30 Sep 2024 12:25:25 -0400

php8.1 (8.1.2-1ubuntu2.18) jammy-security; urgency=medium

  * SECURITY UPDATE: Invalid user information
    - debian/patches/CVE-2024-5458.patch: improves filters validation
      in ext/filter/logical_filters.c and adds test
      in ext/filter/tests/ghsa-w8qr-v226-r27w.phpt.
    - CVE-2024-5458

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Fri, 14 Jun 2024 12:52:55 -0300

php8.1 (8.1.2-1ubuntu2.17) jammy-security; urgency=medium

  * SECURITY UPDATE: Heap buffer-overflow
    - debian/patches/CVE-2022-4900.patch: prevent potential buffer
      overflow for large valye of php_cli_server_workers_max in
      sapi/cli/php_cli_server.c.
    - CVE-2022-4900
  * SECURITY UPDATE: Cookie by pass
    - debian/patches/CVE-2024-2756.patch: adds more mangling rules
      in main/php_variable.c.
    - CVE-2024-2756
  * SECURITY UPDATE: Account take over risk
    - debian/patches/CVE-2024-3096.patch: disallow null character in bcrypt
      password in ext/standard/password.c,
      ext/standard/tests/password_bcrypt_errors.phpt.
    - CVE-2024-3096

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Wed, 01 May 2024 07:10:07 -0300

php8.1 (8.1.2-1ubuntu2.16) jammy; urgency=medium

  * d/p/fix-segfault-in-fpm_status_export_to_zval.patch: fix
    segmentation fault in fpm_status_export_to_zval. (LP: #2057576)

 -- Athos Ribeiro <athos.ribeiro@canonical.com>  Wed, 10 Apr 2024 08:54:30 -0300

php8.1 (8.1.2-1ubuntu2.15) jammy; urgency=medium

  * d/p/fix-attribute-instantion-dangling-pointer.patch: Fix sigsegv from
    dangling pointer on attribute observer. (LP: #2054621)
  * d/p/fix-attribute-instantion-memory-overflow-recovery.patch: Fix sigsegv
    during memory overflow recovery on attribute observer.

 -- Brian Morton <rokclimb15@gmail.com>  Fri, 23 Feb 2024 12:26:53 -0500

php8.1 (8.1.2-1ubuntu2.14) jammy-security; urgency=medium

  * SECURITY UPDATE: Disclosure sensitive information
    - debian/patches/CVE-2023-3823.patch: sanitieze libxml2 globals
      before parsing in ext/dom/document.c, ext/dom/documentfragment.c,
      xml_global_state_entity_loader_bypass.phpt, ext/libxml/php_libxml.h,
      ext/simplexml/simplexml.c, xml_global_state_entity_loader_bypass.phpt,
      ext/soap/php_xml.c, ext/xml/compat.c, ext/xmlreader/php_xmlreader.c,
      xml_global_state_entity_loader_bypass.phpt, ext/xsl/xsltprocessor.c,
      ext/zend_test/test.c, ext/zend_test/test.stub.php.
    - CVE-2023-3823
  * SECURITY UPDATE: Stack buffer overflow
    - debian/patches/CVE-2023-3824.patch: fix buffer mismanagement in
      phar_dir_read(), and in files ext/phar/dirstream.c,
      ext/phar/tests/GHSA-jqcx-ccgx-xwhv.phpt.
    - CVE-2023-3824

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Fri, 18 Aug 2023 08:41:11 -0300

php8.1 (8.1.2-1ubuntu2.13) jammy-security; urgency=medium

  * SECURITY UPDATE: Missing error check and insufficient random
    bytes
    - debian/patches/CVE-2023-3247-1.patch: fixes missing randomness
      check and insufficient random byes for SOAP HTTP digest
      in ext/soap/php_http.c.
    - debian/patches/CVE-2023-3247-2.patch: fix wrong backporting of previous
      soap patch.
    - CVE-2023-3247

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Wed, 28 Jun 2023 11:01:49 -0300

php8.1 (8.1.2-1ubuntu2.12) jammy; urgency=medium

  * d/p/fix-map-ptr-mem-leak.patch: Fix map_ptr opcache-less fpm memory leak.
    (LP: #2017207)

 -- Athos Ribeiro <athos.ribeiro@canonical.com>  Wed, 14 Jun 2023 19:57:19 -0300

php8.1 (8.1.2-1ubuntu2.11) jammy-security; urgency=medium

  * SECURITY UPDATE: password_verify() accepts invalid Blowfish hashes
    - debian/patches/CVE-2023-0567-1.patch: fix validation of malformed
      BCrypt hashes in ext/standard/crypt_blowfish.c,
      ext/standard/tests/crypt/bcrypt_salt_dollar.phpt.
    - debian/patches/CVE-2023-0567-2.patch: fix possible buffer overread in
      php_crypt() in ext/standard/crypt.c,
      ext/standard/tests/password/password_bcrypt_short.phpt.
    - CVE-2023-0567
  * SECURITY UPDATE: off-by-one in core path resolution function
    - debian/patches/CVE-2023-0568.patch: fix array overrun when appending
      slash to paths in ext/dom/document.c, ext/xmlreader/php_xmlreader.c,
      main/fopen_wrappers.c.
    - CVE-2023-0568
  * SECURITY UPDATE: DoS via excessive number of parts in HTTP form upload
    - debian/patches/CVE-2023-0662-1.patch: introduce
      max_multipart_body_parts INI in main/main.c, main/rfc1867.c,
      sapi/fpm/tests/*, sapi/fpm/tests/tester.inc.
    - debian/patches/CVE-2023-0662-2.patch: fix repeated warning for file
      uploads limit exceeding in main/rfc1867.c.
    - CVE-2023-0662

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 22 Feb 2023 17:56:18 -0500

php8.1 (8.1.2-1ubuntu2.10) jammy-security; urgency=medium

  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2022-31631-*.patch: fix check
      unquotedlen size in ext/pdo_sqlite/sqlite_driver.c.
    - CVE-2022-31631

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Mon, 16 Jan 2023 12:19:49 -0300

php8.1 (8.1.2-1ubuntu2.9) jammy; urgency=medium

  * d/p/0049-Preserve-file-position-when-php-temp-switches.patch: PHP provides
    a temporary data stream, php://temp, whose contents are moved to a
    temporary file when a predefined size limit is hit. In jammy, the file
    position is set to the end of the file, which results in corrupted/unwanted
    data. Fix this by preserving the file position in this situation.
    (LP: #1990302)

 -- Athos Ribeiro <athos.ribeiro@canonical.com>  Wed, 19 Oct 2022 11:58:09 -0300

php8.1 (8.1.2-1ubuntu2.8) jammy-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2022-31628-1.patch: adding a recursion limit
      in ext/phar/phar.c, ext/phar/tests/bug81726.phpt.
    - debian/source/include-binaries: add ext/phar/tests/bug81726.gz.
    - debian/patches/CVE-2022-31628-2.patch: avoid a second check in
      ext/phar/phar.c.
    - CVE-2022-31628
  * SECURITY UPDATE: Cookie injection
    - debian/patches/CVE-2022-31629.patch: don't mangle HTTP
      variable names that clash with ones that have a specific semantic
      meaning in ext/standard/test/bug81727.phpt,
      main/php_variables.c.
    - CVE-2022-31629
  * SECURITY UPDATE: Out of bounds read
    - debian/patches/CVE-2022-31630.patch: adds validation in
      imageloadfont() for OOB in ext/gd/gd.c, ext/gd/tests/bug81739.phpt.
    - CVE-2022-31630
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2022-37454.patch: fixes buffer overflow in
      hash_update() on long parameter in
      ext/hash/sha3/generic32lc/KeccakSponge.inc,
      ext/hash/sha3/generic64lc/KeccakSponge.inc.
    - CVE-2022-37454

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Wed, 02 Nov 2022 10:35:25 -0300

php8.1 (8.1.2-1ubuntu2.6) jammy; urgency=medium

  * d/rules: fix PHP_EXTRA_VERSION setting. (LP: #1989196)
  * Test PHP_EXTRA_VERSION setting with autopkgtest.

 -- Athos Ribeiro <athos.ribeiro@canonical.com>  Thu, 15 Sep 2022 08:30:49 -0300

php8.1 (8.1.2-1ubuntu2.5) jammy; urgency=medium

  * d/p/0048-Clear-recorded-errors-before-executing-shutdown-func.patch:
    backport OPcache autoloading fix from 8.1.6. (LP: #1983205)

 -- Kraut.Hosting <community+ubuntu@kraut.hosting>  Mon, 08 Aug 2022 09:28:23 +0200

php8.1 (8.1.2-1ubuntu2.4) jammy; urgency=medium

  * d/p/0047-Update-gcc-func-attr-macro.patch: fix detection of unknown gcc
    function attributes. (LP: #1882279)

 -- Athos Ribeiro <athos.ribeiro@canonical.com>  Wed, 17 Aug 2022 10:08:39 -0300

php8.1 (8.1.2-1ubuntu2.3) jammy; urgency=medium

  * d/p/0046-Fix-ssl3-unexpected-eof.patch: fix OpenSSL3 related unexpected
    EOF failure. This patch was originally introduced in PHP 8.1.7 to maintain
    compatibility with servers that are not yet compatible with new OpenSSL 3
    changes. This lack of compatibility would result in errors like
    "error:0A000126:SSL routines::unexpected eof while reading in LOCATION".
    (LP: #1975626)

 -- Athos Ribeiro <athos.ribeiro@canonical.com>  Mon, 15 Aug 2022 09:24:10 -0300

php8.1 (8.1.2-1ubuntu2.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Memory corruption in libmagic
    - debian/patches/CVE-2022-31627.patch: use the same memory allocator in
      ext/fileinfo/libmagic.patch, ext/fileinfo/libmagic/softmagic.c,
      ext/fileinfo/tests/bug81723.phpt.
    - CVE-2022-31627

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 21 Jul 2022 08:10:37 -0400

php8.1 (8.1.2-1ubuntu2.1) jammy-security; urgency=medium

  * SECURITY UPDATE: RCE via Uninitialized array in pg_query_params()
    - debian/patches/CVE-2022-31625.patch: don't free parameters which
      haven't initialized yet in ext/pgsql/pgsql.c,
      ext/pgsql/tests/bug81720.phpt.
    - CVE-2022-31625
  * SECURITY UPDATE: RCE via mysqlnd/pdo password buffer overflow
    - debian/patches/CVE-20022-31626.patch: properly calculate size in
      ext/mysqlnd/mysqlnd_wireprotocol.c.
    - CVE-2022-31626

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 13 Jun 2022 09:52:54 -0400

php8.1 (8.1.2-1ubuntu2) jammy; urgency=medium

  * d/control: Add transitional packages and Breaks/Replaces to force
    upgrade from earlier mod-php's to version 8.1.
    (LP: #1890263)
  * d/rules: Don't fill up build log with pedantic warnings.

 -- Bryce Harrington <bryce@canonical.com>  Thu, 07 Apr 2022 17:46:26 +0000

php8.1 (8.1.2-1ubuntu1) jammy; urgency=medium

  * SECURITY UPDATE: use-after-free in php_filter_float()
    - debian/patches/CVE-2021-21708.patch: fix int handling in
      ext/filter/logical_filters.c, ext/filter/tests/bug81708.phpt.
    - CVE-2021-21708

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 04 Mar 2022 13:13:46 -0500

php8.1 (8.1.2-1build1) jammy; urgency=medium

  * No-change rebuild for icu soname change.

 -- Matthias Klose <doko@ubuntu.com>  Wed, 09 Feb 2022 09:18:22 +0100

php8.1 (8.1.2-1) unstable; urgency=medium

  * New upstream version 8.1.2

 -- Ondřej Surý <ondrej@debian.org>  Mon, 24 Jan 2022 11:36:08 +0100

php8.1 (8.1.1-4) unstable; urgency=medium

  * Override result of AC_PROG_LN_S to fix FTBFS on ppc64el

 -- Ondřej Surý <ondrej@debian.org>  Mon, 03 Jan 2022 15:34:56 +0100

php8.1 (8.1.1-3) unstable; urgency=medium

  * Fail the build when the dtrace call fails (Closes: #1000784)

 -- Ondřej Surý <ondrej@debian.org>  Fri, 31 Dec 2021 10:25:19 +0100

php8.1 (8.1.1-2) unstable; urgency=medium

  * Lower the OpenSSL requirement to 1.0.1

 -- Ondřej Surý <ondrej@debian.org>  Fri, 31 Dec 2021 08:25:33 +0100

php8.1 (8.1.1-1) unstable; urgency=medium

  * New upstream version 8.1.1

 -- Ondřej Surý <ondrej@debian.org>  Mon, 20 Dec 2021 22:13:08 +0100

php8.1 (8.1.0-1) unstable; urgency=medium

  * Update d/watch for final PHP 8.1
  * New upstream version 8.1.0

 -- Ondřej Surý <ondrej@debian.org>  Thu, 25 Nov 2021 20:57:29 +0100

php8.1 (8.1.0~rc6-3) unstable; urgency=medium

  * Backported from 7.3.33
   - XML:
    . Fix #79971: special character is breaking the path in xml function.
      (CVE-2021-21707)

 -- Ondřej Surý <ondrej@debian.org>  Fri, 19 Nov 2021 07:45:31 +0100

php8.1 (8.1.0~rc6-2) unstable; urgency=medium

  [ Pino Toscano ]
  * Enable AppArmor (--with-fpm-apparmor) only on Linux archs
    (Closes: #999495)
  * Fix Vcs-* fields

 -- Ondřej Surý <ondrej@debian.org>  Sat, 13 Nov 2021 12:54:26 +0100

php8.1 (8.1.0~rc6-1) unstable; urgency=medium

  * Update d/watch for updated location
  * New upstream version 8.1.0~rc6

 -- Ondřej Surý <ondrej@debian.org>  Thu, 11 Nov 2021 20:50:27 +0100

php8.1 (8.1.0~rc5-2) unstable; urgency=medium

  * d/rules: Fix FTBFS on armhf.  Use -mfpu=vfpv3-d16 in CFLAGS
    (Pulled from Ubuntu.)
  * Revert "Disable Zend fiber asm on armhf (FTBFS)"

 -- Ondřej Surý <ondrej@debian.org>  Wed, 10 Nov 2021 12:05:30 +0100

php8.1 (8.1.0~rc5-1) unstable; urgency=medium

  * New upstream version 8.1.0~rc5
  * Disable Zend fiber asm on armhf (FTBFS)

 -- Ondřej Surý <ondrej@debian.org>  Thu, 04 Nov 2021 15:57:08 +0100

php8.1 (8.1.0~rc4-1+u1) unstable; urgency=low

  * Upload to unstable

 -- Ondřej Surý <ondrej@debian.org>  Mon, 25 Oct 2021 13:35:13 +0200

php8.1 (8.1.0~rc4-1) experimental; urgency=medium

  * New upstream version 8.1.0~rc4

 -- Ondřej Surý <ondrej@debian.org>  Thu, 14 Oct 2021 18:09:23 +0200

php8.1 (8.1.0~rc2-1) experimental; urgency=medium

  * New upstream version 8.1.0~rc2

 -- Ondřej Surý <ondrej@debian.org>  Thu, 23 Sep 2021 22:52:45 +0200

php8.1 (8.1.0~rc1-1) experimental; urgency=medium

  * New upstream version 8.1.0~rc1
  * Update the systz patch to v21
  * Add Patrick Allaert GPG key as upstream signing key
  * Bump PHPAPI to 20210902

 -- Ondřej Surý <ondrej@debian.org>  Mon, 13 Sep 2021 18:23:41 +0200

php8.1 (8.1.0~beta3-1) experimental; urgency=medium

  * New upstream version 8.1.0~beta3
  * Check for symlink before removing directory in the postrm scripts
  * Update packaging and patches for PHP 8.1.0 beta3

 -- Ondřej Surý <ondrej@debian.org>  Wed, 25 Aug 2021 15:12:26 +0200

php8.0 (8.0.9-1) unstable; urgency=medium

  * New upstream version 8.0.9

 -- Ondřej Surý <ondrej@debian.org>  Fri, 30 Jul 2021 15:01:13 +0200

php8.0 (8.0.8-1) unstable; urgency=medium

  * New upstream version 8.0.8 (Closes: #990575)
   + CVE-2021-21705: SSRF bypass in FILTER_VALIDATE_URL
   + CVE-2021-21704: Stack buffer overflow in firebird_info_cb
   + CVE-2021-21704: SIGSEGV in firebird_handle_doer
   + CVE-2021-21704: SIGSEGV in firebird_stmt_execute
   + CVE-2021-21704: Crash while parsing blob data in firebird_fetch_blob

 -- Ondřej Surý <ondrej@debian.org>  Thu, 01 Jul 2021 17:25:46 +0200

php8.0 (8.0.7-1) unstable; urgency=medium

  * Disable LTO (needed for Ubuntu Hirsute) - now for real
  * New upstream version 8.0.7

 -- Ondřej Surý <ondrej@debian.org>  Fri, 04 Jun 2021 12:03:18 +0200

php8.0 (8.0.5-2) unstable; urgency=medium

  * Disable LTO (needed for Ubuntu Hirsute)
  * Revert: Fix bug #80892 PDO::PARAM_INT on pdo_pgsql

 -- Ondřej Surý <ondrej@debian.org>  Mon, 03 May 2021 13:29:29 +0200

php8.0 (8.0.5-1) unstable; urgency=medium

  * New upstream version 8.0.5

 -- Ondřej Surý <ondrej@debian.org>  Sat, 01 May 2021 10:38:31 +0200

php8.0 (8.0.3-3) unstable; urgency=medium

  * Allow printing credits buffer larger than 4k

 -- Ondřej Surý <ondrej@debian.org>  Sat, 03 Apr 2021 16:19:27 +0200

php8.0 (8.0.3-2) unstable; urgency=medium

  * Update the packaging credits

 -- Ondřej Surý <ondrej@debian.org>  Thu, 18 Mar 2021 10:40:39 +0100

php8.0 (8.0.3-1) unstable; urgency=medium

  * New upstream version 8.0.3

 -- Ondřej Surý <ondrej@debian.org>  Fri, 05 Mar 2021 08:50:54 +0100

php8.0 (8.0.2-7) unstable; urgency=medium

  * Bump php-common depends to 1:81~

 -- Ondřej Surý <ondrej@debian.org>  Tue, 23 Feb 2021 15:58:27 +0100

php8.0 (8.0.2-6) unstable; urgency=medium

  * Add example configuration to not pass URLs for missing files to
    PHP-FPM

 -- Ondřej Surý <ondrej@debian.org>  Sat, 20 Feb 2021 17:48:30 +0100

php8.0 (8.0.2-5) unstable; urgency=medium

  * Revert "Don't pass URLs for missing files to PHP-FPM"

 -- Ondřej Surý <ondrej@debian.org>  Fri, 19 Feb 2021 16:33:16 +0100

php8.0 (8.0.2-4) unstable; urgency=medium

  [ Svante Signell ]
  * Add patch to disable HR Timers on GNU Hurd (Closes: #951834)
  * Add --without build-stamp to dh invocation

 -- Ondřej Surý <ondrej@debian.org>  Tue, 16 Feb 2021 19:42:14 +0100

php8.0 (8.0.2-3) unstable; urgency=medium

  [ Sylvain Beucler ]
  * Update obsolete/non-free FPM configuration procedure

  [ Kevin Locke ]
  * Don't pass URLs for missing files to PHP-FPM

  [ Ondřej Surý ]
  * Check if the logrotate script exists (GH #1534)

 -- Ondřej Surý <ondrej@debian.org>  Sun, 14 Feb 2021 15:02:37 +0100

php8.0 (8.0.2-2) unstable; urgency=medium

  * Enable AppArmor support in FPM
  * Enable FPM ACL support

 -- Ondřej Surý <ondrej@debian.org>  Fri, 12 Feb 2021 11:14:38 +0100

php8.0 (8.0.2-1) unstable; urgency=medium

  * New upstream version 8.0.2
  * Force hardcoded path to be /bin/sed (Closes: #960786)

 -- Ondřej Surý <ondrej@debian.org>  Sun, 07 Feb 2021 12:39:18 +0100

php8.0 (8.0.1-1) unstable; urgency=medium

  * New upstream version 8.0.1

 -- Ondřej Surý <ondrej@debian.org>  Tue, 12 Jan 2021 11:05:21 +0100

php8.0 (8.0.0-1) unstable; urgency=medium

  * Update d/watch for production PHP 8.0 release
  * New upstream version 8.0.0

 -- Ondřej Surý <ondrej@debian.org>  Fri, 27 Nov 2020 12:28:33 +0100

php8.0 (8.0.0~rc3-4) unstable; urgency=medium

  * Copy the files from auxdir in a separate variable to sync with PHP 7.3
    and lower

 -- Ondřej Surý <ondrej@debian.org>  Sat, 31 Oct 2020 18:05:42 +0100

php8.0 (8.0.0~rc3-3) unstable; urgency=medium

  * Move the non-m4 files from LIBTOOL_FILES to FILES_BUILD

 -- Ondřej Surý <ondrej@debian.org>  Sat, 31 Oct 2020 11:06:16 +0100

php8.0 (8.0.0~rc3-2) unstable; urgency=medium

  * Move the system wide phpize files to LIBTOOL_FILES

 -- Ondřej Surý <ondrej@debian.org>  Sat, 31 Oct 2020 11:05:46 +0100

php8.0 (8.0.0~rc3-1) unstable; urgency=medium

  * New upstream version 8.0.0~rc3

 -- Ondřej Surý <ondrej@debian.org>  Fri, 30 Oct 2020 20:32:59 +0100

php8.0 (8.0.0~rc1-6) unstable; urgency=medium

  * In phpize, copy the foreign files from their respective packages
    (libtool, pkg-config, shtool)

 -- Ondřej Surý <ondrej@debian.org>  Sun, 18 Oct 2020 21:42:45 +0200

php8.0 (8.0.0~rc1-5) unstable; urgency=medium

  * Include all libtool files from phpize.m4

 -- Ondřej Surý <ondrej@debian.org>  Sun, 18 Oct 2020 13:38:45 +0200

php8.0 (8.0.0~rc1-4) unstable; urgency=medium

  * Use system-wide pkg.m4 from pkg-config package in phpize
  * Restore the patch to use system-wide libtool and pkg-config m4 files

 -- Ondřej Surý <ondrej@debian.org>  Sat, 17 Oct 2020 08:33:56 +0200

php8.0 (8.0.0~rc1-3) unstable; urgency=medium

  [ Chris Hofstaedtler ]
  * Use netcat-openbsd to build instead of netcat-traditional (Closes: #963261)

  [ Pino Toscano ]
  * Disable AppArmor support on non-Linux archs (Closes: #951857)
  * Enable systemd integration only on Linux archs (Closes: #951834)

  [ Ondřej Surý ]
  * Use just php_module in the apache2 .load file

 -- Ondřej Surý <ondrej@debian.org>  Sun, 11 Oct 2020 16:01:02 +0200

php8.0 (8.0.0~rc1-2) unstable; urgency=medium

  * Disable the MySQL extension testing as it's too complicated

 -- Ondřej Surý <ondrej@debian.org>  Sat, 10 Oct 2020 21:45:35 +0200

php8.0 (8.0.0~rc1-1) unstable; urgency=medium

  * Regenerate d/control for PHP 8.0
  * New upstream version 8.0.0~rc1
  * Specify the socket via ./configure option rather than patch
  * XMLRPC extension is no longer bundled
  * The JSON extension is always available
  * Fix syntax-error-in-dep5-copyright
  * Update lintian overrides
  * Remove obsolete d/NEWS

 -- Ondřej Surý <ondrej@debian.org>  Wed, 07 Oct 2020 20:11:17 +0200

php7.4 (7.4.11-1) unstable; urgency=medium

  * New upstream version 7.4.11

 -- Ondřej Surý <ondrej@debian.org>  Tue, 06 Oct 2020 12:34:39 +0200

php7.4 (7.4.10-1) unstable; urgency=medium

  * New upstream version 7.4.10
  * Lower the minimal debhelper dependency to >= 9.20150101~
  * Use libenchant-dev as Build-Depends alternative to libenchant-2-dev
  * Remove deprecated calls from enchant-2 (Closes: #954855)

 -- Ondřej Surý <ondrej@debian.org>  Tue, 08 Sep 2020 12:22:27 +0200

php7.4 (7.4.9-2) unstable; urgency=medium

  * Pull upstream patch for enchant-2 and change build-dep (Closes: #954855)

 -- Ondřej Surý <ondrej@debian.org>  Thu, 27 Aug 2020 15:37:23 +0200

php7.4 (7.4.9-1) unstable; urgency=medium

  * New upstream version 7.4.9

 -- Ondřej Surý <ondrej@debian.org>  Fri, 07 Aug 2020 16:27:40 +0200

php7.4 (7.4.8-1) unstable; urgency=medium

  * Finish updating the packaging to dh compat level 10
  * New upstream version 7.4.8
  * Adjust for upstream phar.phar -> phar7.4.phar binary rename

 -- Ondřej Surý <ondrej@debian.org>  Mon, 13 Jul 2020 18:35:53 +0200

php7.4 (7.4.7-1) unstable; urgency=medium

  * New upstream version 7.4.7

 -- Ondřej Surý <ondrej@debian.org>  Fri, 12 Jun 2020 09:42:27 +0200

php7.4 (7.4.6-1) unstable; urgency=medium

  * Properly detect CRC32 APIs on aarch64 from configure
  * New upstream version 7.4.6

 -- Ondřej Surý <ondrej@debian.org>  Thu, 14 May 2020 11:59:59 +0200

php7.4 (7.4.5-1) unstable; urgency=medium

  * New upstream version 7.4.5

 -- Ondřej Surý <ondrej@debian.org>  Sun, 19 Apr 2020 09:35:13 +0200

php7.4 (7.4.4-1) unstable; urgency=medium

  * Add (non-existent yet) systemd-tmpfiles package as alternative to systemd
  * php-fpm has to depend on procps due kill usage in systemd service file
    (Closes: #861855)
  * New upstream version 7.4.4

 -- Ondřej Surý <ondrej@debian.org>  Fri, 20 Mar 2020 14:45:16 +0100

php7.4 (7.4.3-4) unstable; urgency=medium

  * Remove /etc/init/php@PHP_VERSION@-fpm.conf, not
    /etc/init/php@PHP_VERSION@.conf (Closes: #951745)

 -- Ondřej Surý <ondrej@debian.org>  Sun, 23 Feb 2020 08:07:28 +0100

php7.4 (7.4.3-3) unstable; urgency=medium

  * Fixup upstart removal (missing prepare-files update) (Closes: #951745)

 -- Ondřej Surý <ondrej@debian.org>  Fri, 21 Feb 2020 18:01:35 +0100

php7.4 (7.4.3-2) unstable; urgency=medium

  * Remove the PIDFile= setting from systemd unit file (it should not be
    needed with Type=notify)
  * Use php-fpm-socket-helper from php-common >= 1:73 to update the
    default socket

 -- Ondřej Surý <ondrej@debian.org>  Fri, 21 Feb 2020 09:59:48 +0100

php7.4 (7.4.3-1) unstable; urgency=medium

  * Remove upstart support, use systemd-tmpfiles to create tmpfiles
    (Closes: #923032)
  * New upstream version 7.4.3

 -- Ondřej Surý <ondrej@debian.org>  Thu, 20 Feb 2020 13:12:06 +0100

php7.4 (7.4.2-7) unstable; urgency=medium

  * Add a note about PIDFile= and pid= match in php-fpm.conf
  * Silently ignore errors from update-alternatives in php-fpm.service

 -- Ondřej Surý <ondrej@debian.org>  Sat, 08 Feb 2020 13:04:50 +0100

php7.4 (7.4.2-6) unstable; urgency=medium

  * Use absolute path to update-alternatives

 -- Ondřej Surý <ondrej@debian.org>  Wed, 05 Feb 2020 17:47:54 +0100

php7.4 (7.4.2-5) unstable; urgency=medium

  * Move the update-alternatives call from postinst/prerm to systemd startup script

 -- Ondřej Surý <ondrej@debian.org>  Sat, 01 Feb 2020 18:44:05 +0100

php7.4 (7.4.2-4) unstable; urgency=medium

  * Make the creation of the default socket work on new installs

 -- Ondřej Surý <ondrej@debian.org>  Sat, 01 Feb 2020 14:11:48 +0100

php7.4 (7.4.2-3) unstable; urgency=medium

  * Use a mock socket file for setting up FPM socket alternatives

 -- Ondřej Surý <ondrej@debian.org>  Sat, 01 Feb 2020 13:09:39 +0100

php7.4 (7.4.2-2) unstable; urgency=medium

  * Create a generic /run/php/php-fpm.sock socket using update-alternatives

 -- Ondřej Surý <ondrej@debian.org>  Sat, 01 Feb 2020 10:17:27 +0100

php7.4 (7.4.2-1) unstable; urgency=medium

  * New upstream version 7.4.2
  * Disable dh_autoreconf for PHP, it breaks the build

 -- Ondřej Surý <ondrej@debian.org>  Thu, 23 Jan 2020 12:20:45 +0100

php7.4 (7.4.1-1) unstable; urgency=medium

  * Update d/watch for final release
  * New upstream version 7.4.1
  * Bump the debhelper compat to 10
  * Bump the Standards Version (no change)

 -- Ondřej Surý <ondrej@debian.org>  Tue, 21 Jan 2020 09:23:37 +0100

php7.4 (7.4.0-1) unstable; urgency=medium

  * New upstream version 7.4.0

 -- Ondřej Surý <ondrej@debian.org>  Thu, 28 Nov 2019 08:25:29 +0100

php7.4 (7.4.0~rc6-1) experimental; urgency=medium

  * Fix the FTBFS with MySQL 8.0
  * New upstream version 7.4.0~rc6

 -- Ondřej Surý <ondrej@debian.org>  Tue, 19 Nov 2019 18:49:28 +0100

php7.4 (7.4.0~rc4-1) experimental; urgency=medium

  * Bump d/phpapi to 20190902
  * New upstream version 7.4.0~rc4

 -- Ondřej Surý <ondrej@debian.org>  Sat, 26 Oct 2019 11:10:04 +0200

php7.4 (7.4.0~rc3-1) experimental; urgency=medium

  * New upstream version 7.4.0~rc3
  * GMP now uses autodetection (don't pass /usr to configure)
  * Bump d/phpapi to 20190902

 -- Ondřej Surý <ondrej@sury.org>  Tue, 08 Oct 2019 08:08:28 +0200

php7.4 (7.4.0~beta4-2) experimental; urgency=medium

  * Enable FFI experimental extension
  * Add libffi to B-D

 -- Ondřej Surý <ondrej@sury.org>  Wed, 28 Aug 2019 10:50:48 +0200

php7.4 (7.4.0~beta4-1) experimental; urgency=medium

  * Remove 0003-libtool2.2.patch, it's no longer needed [GL #1236]
  * New upstream version 7.4.0~beta4

 -- Ondřej Surý <ondrej@sury.org>  Tue, 27 Aug 2019 15:22:26 +0200

php7.4 (7.4.0~beta2-1) experimental; urgency=medium

  * New upstream version 7.4.0~beta2
  * Rebase patches for PHP 7.4.0~beta2

 -- Ondřej Surý <ondrej@sury.org>  Thu, 08 Aug 2019 13:41:59 +0200

php7.4 (7.4.0~beta1-1) experimental; urgency=medium

  * New upstream version 7.4.0~beta1
  * Rebase patches for PHP 7.4.0~beta1
  * Configure option --with-libxml-dir is now named --with-libxml
  * The recode extension has been moved to PECL.
  * The interbase extension has been moved to PECL.
  * The configure option for zip extension has changed from --enable-zip to --with-zlib
  * The WDDX extension has been deprecated and moved to PECL.
  * The configure options to enable GD extension has changed to --enable-gd and --with-external-gd
  * Regenerated d/control
  * Update the configure options according to UPGRADING file (mostly pkg-config related changes)
  * Cleanup the missing documentation
  * Update phpapi to 20190529

 -- Ondřej Surý <ondrej@sury.org>  Wed, 07 Aug 2019 17:47:41 +0200

php7.4 (7.4.0~alpha2-1) experimental; urgency=low

  * New upstream version 7.4.0~alpha2

 -- Ondřej Surý <ondrej@sury.org>  Wed, 10 Jul 2019 09:36:25 +0200

php7.3 (7.3.7-1) unstable; urgency=medium

  * New upstream version 7.3.7

 -- Ondřej Surý <ondrej@sury.org>  Wed, 10 Jul 2019 08:52:54 +0200

php7.3 (7.3.6-1) unstable; urgency=medium

  [ Ondřej Surý ]
  * New upstream version 7.3.6

  [ Andreas Beckmann ]
  * php7.3-curl: Add Breaks against php7.0-curl for smoother upgrades from stretch.  (Closes: #929689)

 -- Ondřej Surý <ondrej@sury.org>  Fri, 31 May 2019 13:36:51 +0200

php7.3 (7.3.5-1) unstable; urgency=medium

  * New upstream version 7.3.5

 -- Ondřej Surý <ondrej@sury.org>  Fri, 03 May 2019 10:16:15 +0200

php7.3 (7.3.4-2) unstable; urgency=medium

  [Andreas Beckmann]
  * php7.3-common: Add Breaks against php7.0-curl for smoother upgrades from
    stretch.  (Closes: #925106)
  * php7.3-common: Add Breaks against gforge-common from jessie which uses a
    deprecated constructor syntax.
  * Deterministically generate debian/control by sorting the extension
    packages.

 -- Ondřej Surý <ondrej@debian.org>  Sat, 13 Apr 2019 19:05:48 +0000

php7.3 (7.3.4-1) unstable; urgency=medium

  * Update d/watch for new php.net pages
  * New upstream version 7.3.4
  * Enforce C++11 for intl compilation on older distributions

 -- Ondřej Surý <ondrej@debian.org>  Wed, 10 Apr 2019 06:55:43 +0000

php7.3 (7.3.3-1) unstable; urgency=medium

  * New upstream version 7.3.3
  * Update systzdata patch to v18 (Courtesy of RemiRepo)
  * Add patch for OpenSSL 1.1.1b (Courtesy of RemiRepo)

 -- Ondřej Surý <ondrej@debian.org>  Thu, 07 Mar 2019 19:43:34 +0000

php7.3 (7.3.2-3) unstable; urgency=medium

  * Update systzdata patch to v17 (Courtesy of remirepo)

 -- Ondřej Surý <ondrej@debian.org>  Fri, 08 Feb 2019 15:05:54 +0000

php7.3 (7.3.2-2) unstable; urgency=medium

  * Fix the icu patch condition for icu >= 60

 -- Ondřej Surý <ondrej@debian.org>  Fri, 08 Feb 2019 10:49:26 +0000

php7.3 (7.3.2-1) unstable; urgency=medium

  * New upstream version 7.3.2

 -- Ondřej Surý <ondrej@debian.org>  Thu, 07 Feb 2019 17:58:05 +0000

php7.3 (7.3.1-3) unstable; urgency=medium

  * Always build spoofchecker, because we are enforcing icu >= 50.1
    (Closes: #921199)

 -- Ondřej Surý <ondrej@debian.org>  Tue, 05 Feb 2019 10:25:33 +0000

php7.3 (7.3.1-2) unstable; urgency=high

  * Add patch to use pkg-config instead of icu-config to detect icu
    libraries (Closes: #916110)

 -- Ondřej Surý <ondrej@debian.org>  Mon, 21 Jan 2019 09:09:55 +0000

php7.3 (7.3.1-1) unstable; urgency=medium

  * New upstream version 7.3.1

 -- Ondřej Surý <ondrej@debian.org>  Sun, 13 Jan 2019 10:13:20 +0000

php7.3 (7.3.0-2) unstable; urgency=medium

  * Add upstream patch to fix OPcache optimization problem for
    ArrayAccess->offsetGet
  * Add upstream patch to fix infinite loop in preg_replace_callback
  * Fix check for rl_completion_matches in readline extension

 -- Ondřej Surý <ondrej@debian.org>  Mon, 17 Dec 2018 09:51:53 +0000

php7.3 (7.3.0-1) unstable; urgency=medium

  * Update d/watch for the final PHP 7.3.0 release
  * New upstream version 7.3.0

 -- Ondřej Surý <ondrej@debian.org>  Thu, 06 Dec 2018 20:22:15 +0000

php7.3 (7.3.0~rc6-1) unstable; urgency=medium

  * New upstream version 7.3.0~rc6

 -- Ondřej Surý <ondrej@debian.org>  Sun, 25 Nov 2018 10:01:25 +0000

php7.3 (7.3.0~rc5-2) unstable; urgency=medium

  * Don't use sed found by configure, use the sed command as available in
    the host system (Closes: #913620)

 -- Ondřej Surý <ondrej@debian.org>  Tue, 13 Nov 2018 09:10:56 +0000

php7.3 (7.3.0~rc5-1) unstable; urgency=medium

  * New upstream version 7.3.0~rc5
  * Enable lmdb support in dba extension

 -- Ondřej Surý <ondrej@debian.org>  Mon, 12 Nov 2018 09:54:24 +0000

php7.3 (7.3.0~rc4-2) unstable; urgency=medium

  * Restore correct patch name for
    0040-Add-patch-to-install-php7-module-directly-to-APXS_LI.patch

 -- Ondřej Surý <ondrej@debian.org>  Sun, 04 Nov 2018 04:54:20 +0000

php7.3 (7.3.0~rc4-1) unstable; urgency=medium

  * New upstream version 7.3.0~rc4
  * Rebase patches for PHP 7.4.0~rc4

 -- Ondřej Surý <ondrej@debian.org>  Thu, 25 Oct 2018 08:57:33 +0000

php7.3 (7.3.0~rc3-3) unstable; urgency=medium

  * Add patch to use pkg-config for FreeType2 library detection
    (Closes: #911460)
  * Remove libmcrypt-dev from Build-Depends

 -- Ondřej Surý <ondrej@debian.org>  Thu, 25 Oct 2018 06:39:32 +0000

php7.3 (7.3.0~rc3-2) unstable; urgency=medium

  * Disable the enabled modules in prerm, because in postrm the phpquery
    script is not aware of already removed sapi (Closes: #911018)

 -- Ondřej Surý <ondrej@debian.org>  Mon, 15 Oct 2018 09:53:04 +0000

php7.3 (7.3.0~rc3-1) unstable; urgency=medium

  * New upstream version 7.3.0~rc3
  * Rebase patches for PHP 7.3.0~rc3

 -- Ondřej Surý <ondrej@debian.org>  Sat, 13 Oct 2018 13:47:36 +0000

php7.3 (7.3.0~rc2-3) unstable; urgency=medium

  * Remove ancient mv_conffile (from php5)
  * Remove spurious L from phpize script (Closes: #909110)
  * Downgrade dh-php from Recommends to Suggests (Closes: #910620)

 -- Ondřej Surý <ondrej@debian.org>  Tue, 09 Oct 2018 13:22:52 +0000

php7.3 (7.3.0~rc2-2) unstable; urgency=medium

  * Fix the Vcs-* links
  * Apply upstream patch to allow disabling pcre jit and disable it on
    mips and s390x archs
  * Extra 'L' is gone (Closes: #909110)

 -- Ondřej Surý <ondrej@debian.org>  Thu, 04 Oct 2018 14:25:15 +0000

php7.3 (7.3.0~rc2-1) unstable; urgency=medium

  * New upstream version 7.3.0~rc2
  * Rebase patches for PHP 7.3.0~rc2

 -- Ondřej Surý <ondrej@debian.org>  Mon, 01 Oct 2018 11:42:35 +0000

php7.3 (7.3.0~beta2-3) unstable; urgency=medium

  * Disable assembly code with gcc 4.8 on i386

 -- Ondřej Surý <ondrej@debian.org>  Mon, 20 Aug 2018 08:07:58 +0000

php7.3 (7.3.0~beta2-2) unstable; urgency=medium

  * Remove dependency on pcre3 and add libpcre2-dev to phpX.Y-dev

 -- Ondřej Surý <ondrej@debian.org>  Sun, 19 Aug 2018 16:12:50 +0000

php7.3 (7.3.0~beta2-1) unstable; urgency=medium

  * New upstream version 7.3.0~beta2
  * Rebase patches for PHP 7.3.0~beta2
  * Fix phpdbg.1 installation path from srcdir to builddir
  * Bump d/phpapi to 20180731

 -- Ondřej Surý <ondrej@debian.org>  Sun, 19 Aug 2018 07:49:10 +0000

php7.3 (7.3.0~beta1-1) unstable; urgency=medium

  [ Lior Kaplan ]
  * Fix syntax typo

  [ Ondřej Surý ]
  * New upstream version 7.3.0~beta1
  * Rebase patches for PHP 7.3.0beta1

 -- Ondřej Surý <ondrej@debian.org>  Fri, 03 Aug 2018 13:52:09 +0000

php7.3 (7.3.0~alpha4-1) unstable; urgency=medium

  * Use cpuid.h instead of custom assembler
  * New upstream version 7.3.0~alpha4
  * Rebase patches for PHP 7.3.0~alpha4

 -- Ondřej Surý <ondrej@debian.org>  Wed, 25 Jul 2018 11:11:09 +0000

php7.3 (7.3.0~alpha3-2) unstable; urgency=medium

  * Remove traces of ext_skel modifications
  * Add <!nocheck> profile to all default-mysql-server alternatives
  * Bump d/phpapi for PHP 7.3
  * Add libargon2-dev as new alternative build-dependency to
    libargon2-0-dev

 -- Ondřej Surý <ondrej@debian.org>  Sat, 14 Jul 2018 13:57:34 +0000

php7.3 (7.3.0~alpha3-1) unstable; urgency=medium

  * Update upstream signing-key.asc for PHP 7.3
  * New upstream version 7.3.0~alpha3
  * Build-Depend on libpcre2-dev
  * Rebase patches for PHP 7.3.0~alpha3

 -- Ondřej Surý <ondrej@debian.org>  Mon, 09 Jul 2018 13:49:59 +0000

php7.2 (7.2.7-2) unstable; urgency=medium

  * Update the maintainer email to team+pkg-php@tracker.debian.org
  * Update the Vcs-* links to salsa.d.o

 -- Ondřej Surý <ondrej@debian.org>  Mon, 09 Jul 2018 12:28:45 +0000

php7.2 (7.2.7-1) unstable; urgency=medium

  * New upstream version 7.2.7
  * Refresh patches for PHP 7.2.7

 -- Ondřej Surý <ondrej@debian.org>  Fri, 22 Jun 2018 07:35:11 +0000

php7.2 (7.2.6-1) unstable; urgency=medium

  * New upstream version 7.2.6
  * Rebase patches for PHP version 7.2.6

 -- Ondřej Surý <ondrej@debian.org>  Mon, 11 Jun 2018 14:54:56 +0000

php7.2 (7.2.5-1) unstable; urgency=medium

  * New upstream version 7.2.5
  * Rebase patches for PHP 7.2.5

 -- Ondřej Surý <ondrej@debian.org>  Sat, 05 May 2018 04:56:32 +0000

php7.2 (7.2.4-1) unstable; urgency=medium

  * New upstream version 7.2.4
  * Rebase patches on top of new upstream release.

 -- Ondřej Surý <ondrej@debian.org>  Thu, 05 Apr 2018 08:50:27 +0000

php7.2 (7.2.3-1) unstable; urgency=medium

  * New upstream version 7.2.3
  * Rebase patches on top of new upstream release.

 -- Ondřej Surý <ondrej@debian.org>  Tue, 06 Mar 2018 11:15:04 +0000

php7.2 (7.2.2-3) unstable; urgency=medium

  * Add explicit libpcre3 >= 2:8.35 dependency as dh_genshlibs is failing
    to add versioned dependency for some reason.

 -- Ondřej Surý <ondrej@debian.org>  Tue, 06 Feb 2018 16:07:40 +0000

php7.2 (7.2.2-2) unstable; urgency=medium

  * Remove explicit libpcre3 dependency and let dh_genshlibs do its magic

 -- Ondřej Surý <ondrej@debian.org>  Tue, 06 Feb 2018 13:00:04 +0000

php7.2 (7.2.2-1) unstable; urgency=medium

  * New upstream version 7.2.2
  * Rebase patches on top of new upstream release
  * Regenerate d/control to finish php7.2-sodium removal

 -- Ondřej Surý <ondrej@debian.org>  Thu, 01 Feb 2018 15:19:04 +0000

php7.2 (7.2.1-1) unstable; urgency=medium

  * Update the Vcs-* to salsa.d.o
  * Slightly update debian/copyright (most changes were already in)
  * New upstream version 7.2.1
  * Rebase patches on top of new upstream release

 -- Ondřej Surý <ondrej@debian.org>  Fri, 05 Jan 2018 11:21:04 +0000

php7.2 (7.2.0-2) unstable; urgency=medium

  * Get rid of extra php7.2-sodium module

 -- Ondřej Surý <ondrej@debian.org>  Wed, 06 Dec 2017 14:15:47 +0000

php7.2 (7.2.0-1) unstable; urgency=low

  * Update PHP 7.2 signing keys
  * New upstream version 7.2.0
  * Rebase patches for new upstream release.

 -- Ondřej Surý <ondrej@debian.org>  Thu, 30 Nov 2017 13:55:57 +0000

php7.2 (7.2.0~rc6-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc6
  * Rebase patches for new upstream version.

 -- Ondřej Surý <ondrej@debian.org>  Sun, 12 Nov 2017 03:30:05 +0000

php7.2 (7.2.0~rc5-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc5
  * Rebase patches for new upstream release

 -- Ondřej Surý <ondrej@debian.org>  Fri, 27 Oct 2017 13:33:55 +0000

php7.2 (7.2.0~rc4-2) unstable; urgency=medium

  * Fix the usage of internal allocator in xmlrpc extension

 -- Ondřej Surý <ondrej@debian.org>  Tue, 24 Oct 2017 18:54:46 +0000

php7.2 (7.2.0~rc4-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc4
  * Rebase patches on top of new upstream version 7.2.0~rc4

 -- Ondřej Surý <ondrej@debian.org>  Sun, 22 Oct 2017 13:07:11 +0000

php7.2 (7.2.0~rc3-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc3
  * Refresh patches for PHP 7.2.0~rc3

 -- Ondřej Surý <ondrej@debian.org>  Thu, 28 Sep 2017 18:26:49 +0200

php7.2 (7.2.0~rc2-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc2
  * Rebase patches on top of PHP 7.2.0~rc2

 -- Ondřej Surý <ondrej@debian.org>  Mon, 18 Sep 2017 11:24:14 +0200

php7.2 (7.2.0~rc1-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc1
  * Rebase patches on top of PHP 7.2.0~rc1
  * Update d/copyright (License check courtesy of Luca Falavigna)
  * Rewrap the files in d/ with wrap-and-sort -a

 -- Ondřej Surý <ondrej@debian.org>  Thu, 31 Aug 2017 14:00:16 +0200

php7.2 (7.2.0~beta3-2) unstable; urgency=medium

  * Enable Argon2 support for password hashing functions
  * Enable shared libsodium extension

 -- Ondřej Surý <ondrej@debian.org>  Fri, 25 Aug 2017 11:35:23 +0200

php7.2 (7.2.0~beta3-1) unstable; urgency=medium

  * Allow libgcrypt11-dev when it's not a transitional package
  * New upstream version 7.2.0~beta3
  * Refresh patches on top of PHP 7.2.0~beta3

 -- Ondřej Surý <ondrej@debian.org>  Fri, 18 Aug 2017 15:00:36 +0200

php7.2 (7.2.0~beta2-2) experimental; urgency=medium

  * Update Vcs-* links to https://gitlab.com/deb.sury.org/...
  * Stop depending on obsolete automake1.11
  * Switch build-depends to libgcrypt20-dev

 -- Ondřej Surý <ondrej@debian.org>  Fri, 04 Aug 2017 11:56:09 +0200

php7.2 (7.2.0~beta2-1) experimental; urgency=medium

  * Update d/watch for PHP 7.2
  * New upstream version 7.2.0~beta2
  * Rebase patches for PHP 7.2.0~beta2

 -- Ondřej Surý <ondrej@debian.org>  Thu, 03 Aug 2017 20:42:38 +0200

php7.2 (7.2.0~beta1-1) experimental; urgency=medium

  * New upstream version 7.2.0~beta1
  * Enable support for libsodium crypto
  * Rebase patches on top of PHP 7.2.0~beta1
  * Update phpapi for PHP 7.2 to 20170718

 -- Ondřej Surý <ondrej@debian.org>  Thu, 27 Jul 2017 13:29:34 +0200

php7.2 (7.2.0~alpha3-1) experimental; urgency=medium

  * New upstream version 7.2.0~alpha3
  * Rebase patches on top of PHP 7.2.0~alpha3
  * Update d/rules with configure.in -> configure.ac rename
  * Remove mcrypt extension that has been removed upstream
  * Update phpapi to 20160731

 -- Ondřej Surý <ondrej@debian.org>  Thu, 06 Jul 2017 13:50:44 +0200
