php7.2 (7.2.24-0ubuntu0.18.04.17) bionic-security; urgency=medium

  * SECURITY UPDATE: password_verify() accepts invalid Blowfish hashes
    - debian/patches/CVE-2023-0567-1.patch: fix validation of malformed
      BCrypt hashes in ext/standard/crypt_blowfish.c,
      ext/standard/tests/crypt/bcrypt_salt_dollar.phpt.
    - debian/patches/CVE-2023-0567-2.patch: fix possible buffer overread in
      php_crypt() in ext/standard/crypt.c,
      ext/standard/tests/password/password_bcrypt_short.phpt.
    - CVE-2023-0567
  * SECURITY UPDATE: off-by-one in core path resolution function
    - debian/patches/CVE-2023-0568.patch: fix array overrun when appending
      slash to paths in ext/dom/document.c, ext/xmlreader/php_xmlreader.c,
      main/fopen_wrappers.c.
    - CVE-2023-0568
  * SECURITY UPDATE: DoS via excessive number of parts in HTTP form upload
    - debian/patches/CVE-2023-0662-1.patch: introduce
      max_multipart_body_parts INI in main/main.c, main/rfc1867.c.
    - debian/patches/CVE-2023-0662-2.patch: fix repeated warning for file
      uploads limit exceeding in main/rfc1867.c.
    - CVE-2023-0662

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 23 Feb 2023 08:29:25 -0500

php7.2 (7.2.24-0ubuntu0.18.04.16) bionic-security; urgency=medium

  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2022-31631.patch: fix check
      unquotedlen size in ext/pdo_sqlite/sqlite_driver.c.
    - CVE-2022-31631

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Tue, 10 Jan 2023 12:47:23 -0300

php7.2 (7.2.24-0ubuntu0.18.04.15) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2022-31628-1.patch: adding a recursion limit
      in ext/phar/phar.c, ext/phar/tests/bug81726.phpt.
    - debian/source/include-binaries: add ext/phar/tests/bug81726.gz.
    - debian/patches/CVE-2022-31628-2.patch: avoid a second check in
      ext/phar/phar.c.
    - CVE-2022-31628
  * SECURITY UPDATE: Cookie injection
    - debian/patches/CVE-2022-31629.patch: don't mangle HTTP
      variable names that clash with ones that have a specific semantic
      meaning in ext/standard/test/bug81727.phpt,
      main/php_variables.c.
    - CVE-2022-31629
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2022-37454.patch: fixes buffer overflow in
      hash_update() on long parameter in
      ext/hash/sha3/generic32lc/KeccakSponge.inc,
      ext/hash/sha3/generic64lc/KeccakSponge.inc.
    - CVE-2022-37454

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Wed, 02 Nov 2022 06:09:52 -0300

php7.2 (7.2.24-0ubuntu0.18.04.13) bionic-security; urgency=medium

  * SECURITY REGRESSION: Incomplete fix for CVE-2022-31625 (LP: #1980550)
    - debian/patches/CVE-2022-31625-2.patch: include the fix for not
      freeing parameters which haven't initialized yet in
      ext/pgsql/pgsql.c in other methods.

 -- Rodrigo Figueiredo Zaiden <rodrigo.zaiden@canonical.com>  Wed, 06 Jul 2022 09:23:22 -0300

php7.2 (7.2.24-0ubuntu0.18.04.12) bionic-security; urgency=medium

  * SECURITY UPDATE: RCE via Uninitialized array in pg_query_params()
    - debian/patches/CVE-2022-31625.patch: don't free parameters which
      haven't initialized yet in ext/pgsql/pgsql.c,
      ext/pgsql/tests/bug81720.phpt.
    - CVE-2022-31625
  * SECURITY UPDATE: RCE via mysqlnd/pdo password buffer overflow
    - debian/patches/CVE-20022-31626.patch: properly calculate size in
      ext/mysqlnd/mysqlnd_wireprotocol.c.
    - CVE-2022-31626

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 13 Jun 2022 09:41:53 -0400

php7.2 (7.2.24-0ubuntu0.18.04.11) bionic-security; urgency=medium

  * SECURITY UPDATE: DoS in zend_string_extend function
    - debian/patches/CVE-2017-8923.patch: fix integer Overflow when
      concatenating strings in Zend/zend_vm_def.h, Zend/zend_vm_execute.h.
    - CVE-2017-8923
  * SECURITY UPDATE: out of bounds access in php_pcre_replace_impl
    - debian/patches/CVE-2017-9118-pre1.patch: fix heap buffer overflow via
      str_repeat in Zend/zend_operators.c, Zend/zend_string.h.
    - debian/patches/CVE-2017-9118.patch: fix out of bounds in
      php_pcre_replace_impl in Zend/zend_string.h, ext/pcre/php_pcre.c.
    - CVE-2017-9118
  * SECURITY UPDATE: DoS via memory consumption in i_zval_ptr_dtor
    - debian/patches/CVE-2017-9119.patch: handle memory limit error during
      string reallocation correctly in Zend/zend_string.h.
    - CVE-2017-9119
  * SECURITY UPDATE: DoS via integer overflow in mysqli_real_escape_string
    - debian/patches/CVE-2017-9120.patch: fix overflow in
      ext/mysqli/mysqli_api.c.
    - CVE-2017-9120
  * SECURITY UPDATE: filename truncation issue in XML parsing functions
    - debian/patches/CVE-2021-21707.patch: special character is breaking
      the path in xml function in ext/dom/domimplementation.c,
      ext/dom/tests/bug79971_2.phpt, ext/libxml/libxml.c,
      ext/simplexml/tests/bug79971_1.phpt,
      ext/simplexml/tests/bug79971_1.xml.
    - CVE-2021-21707

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 02 Mar 2022 12:52:35 -0500

php7.2 (7.2.24-0ubuntu0.18.04.10) bionic-security; urgency=medium

  * SECURITY UPDATE: Out of bounds read/write
    - debian/patches/CVE-2021-21703.patch: The main change is to
      store scoreboard procs directly to the variable sized
      array rather than indirectly through the pointer in
      sapi/fpm/fpm/fpm_children.c, sapi/fpm/fpm/fpm_request.c,
      sapi/fpm/fpm/fpm_scoreboard.c, sapi/fpm/fpm/fpm_scoreboard.h,
      sapi/fpm/fpm/fpm_status.c, sapi/fpm/fpm/fpm_worker_pool.c.
    - CVE-2021-21703

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Mon, 25 Oct 2021 14:47:59 -0300

php7.2 (7.2.24-0ubuntu0.18.04.9) bionic; urgency=medium

  * Fix a segmentation fault and implement support for using cursors
    on prepared statements in the mysqli database driver. (LP: #1939853)
    - d/p/lp-1939853-1-Fix-Segfault-with-get_result-and-PS-cursors.patch
    - d/p/lp-1939853-2-MySQLnd-Support-cursors-in-store-get-result.patch 

 -- Matthew Ruffell <matthew.ruffell@canonical.com>  Mon, 16 Aug 2021 17:46:32 +1200

php7.2 (7.2.24-0ubuntu0.18.04.8) bionic-security; urgency=medium

  * SECURITY UPDATE: crash or info disclosure via PHAR zip file
    - debian/patches/CVE-2020-7068.patch: fix use after free in
      ext/phar/zip.c.
    - CVE-2020-7068
  * SECURITY UPDATE: incorrect URL validation
    - debian/patches/CVE-2020-7071-1.patch: make sure userinfo is valid
      according to RFC 3986 in ext/filter/tests/bug77423.phpt,
      ext/standard/url.c.
    - debian/patches/CVE-2020-7071-2.patch: revert previous fix and use a
      better one in ext/filter/logical_filters.c,
      ext/filter/tests/bug77423.phpt, ext/standard/url.c.
    - debian/patches/CVE-2020-7071-3.patch: remove unneeded function in
      ext/standard/url.c.
    - CVE-2020-7071
  * SECURITY UPDATE: crash via malformed XML data in SOAP extension
    - debian/patches/CVE-2021-21702-1.patch: check strings in
      ext/soap/php_sdl.c, ext/soap/php_xml.c, ext/soap/tests/bug80672.phpt,
      ext/soap/tests/bug80672.xml.
    - debian/patches/CVE-2021-21702-2.patch: fix compiler warning in
      ext/soap/php_sdl.c.
    - CVE-2021-21702
  * SECURITY UPDATE: multiple issues in the pdo_firebase module
    - debian/patches/CVE-2021-21704-1.patch: prevent overflow in
      ext/pdo_firebird/firebird_statement.c.
    - debian/patches/CVE-2021-21704-2.patch: verify result_size in
      ext/pdo_firebird/firebird_statement.c.
    - debian/patches/CVE-2021-21704-3.patch: verify result_size in
      ext/pdo_firebird/firebird_driver.c.
    - debian/patches/CVE-2021-21704-4.patch: don't overflow stack in
      ext/pdo_firebird/firebird_driver.c.
    - CVE-2021-21704
  * SECURITY UPDATE: SSRF bypass
    - debian/patches/CVE-2021-21705.patch: check password in
      ext/filter/logical_filters.c, ext/filter/tests/bug81122.phpt.
    - debian/patches/CVE-2021-21705-2.patch: fix compiler warning in
      ext/filter/logical_filters.c.
    - CVE-2021-21705

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 05 Jul 2021 13:41:32 -0400

php7.2 (7.2.24-0ubuntu0.18.04.7) bionic-security; urgency=medium

  * SECURITY UPDATE: Incorrect encryption data
    - debian/patches/CVE-2020-7069.patch: fix wrong ciphertext/tag
      in AES-CCM encryption for a 12 bytes IV in ext/openssl/openssl.c,
      ext/openssl/tests/cipher_tests.inc, ext/openssl/openssl_*_ccm.phpt.
    - CVE-2020-7069
  * SECURITY UPDATE: Possibly forge cookie
    - debian/patches/CVE-2020-7070.patch: do not decode cookie names anymore
      in main/php_variables.c, tests/basic/022.phpt, tests/basic/023.phpt,
      tests/basic/bug79699.phpt.
    - CVE-2020-7070

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Wed, 07 Oct 2020 12:24:25 -0300

php7.2 (7.2.24-0ubuntu0.18.04.6) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of service through oversized memory allocated
    - debian/patches/CVE-2019-11048.patch: changes types int to size_t
      in main/rfc1867.c.
    - CVE-2019-11048

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Tue, 26 May 2020 10:09:11 -0300

php7.2 (7.2.24-0ubuntu0.18.04.5) bionic; urgency=medium

  * libapache2-mod-php.postinst.extra: Disable other mod-php
    versions. Fixes failure when upgrading from previous versions of
    mod-php.
   (LP: #1865218)

 -- Bryce Harrington <bryce@canonical.com>  Sat, 25 Apr 2020 02:40:59 +0000

php7.2 (7.2.24-0ubuntu0.18.04.4) bionic-security; urgency=medium

  * SECURITY UDPATE: Null dereference pointer
    - debian/patches/CVE-2020-7062.patch: avoid null dereference in
      ext/session/session.c.
    - CVE-2020-7062
  * SECURITY UPDATE: Lax permissions on files added to tar with Phar
    - debian/patches/CVE-2020-7063.patch: enforce correct permissions
      for files add to tar with Phar in ext/phar/phar_object.c,
      ext/phar/tests/bug79082.phpt, ext/phar/tests/test79082*.
    - CVE-2020-7063
  * SECURITY UPDATE: Read one byte of uninitialized memory
    - debian/patches/CVE-2020-7064.patch: check length in
      exif_process_TIFF_in_JPEG to avoid read uninitialized memory
      ext/exif/exif.c, ext/exif/tests/bug79282.phpt.
    - debian/patches/Fix_test_bug79282.patch: fix test in
      ext/exif/tests/bug79282.phpt.
    - CVE-2020-7064
  * SECURITY UPDATE: Truncated url due \0
    - debian/patches/CVE-2020-7066.patch: check for get_headers
      not accepting \0 in ext/standard/url.c.
    - CVE-2020-7066

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Wed, 08 Apr 2020 12:45:57 -0300

php7.2 (7.2.24-0ubuntu0.18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Out of bounds read
    - debian/patches/CVE-2020-7059.patch: fix OOB read in
      php_strip_tags_ex in ext/standard/string.c and added test
      ext/standard/tests/file/bug79099.phpt.
    - CVE-2020-7059
  * SECURITY UPDATE: Buffer-overflow
    - debian/patches/CVE-2020-7060.patch: fix adding a check function
      is_in_cp950_pua in  ext/mbstring/libmbfl/filters/mbfilter_big5.c
      and added test ext/mbstring/tests/bug79037.phpt.
    - CVE-2020-7060

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Tue, 11 Feb 2020 12:55:52 -0300

php7.2 (7.2.24-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: silently truncates
    a class after a null byte
    - debian/patches/CVE-2019-11045.patch:  not accept
      arbitrary strings in ext/spl/spl_directory.c,
      ext/spl/tests/bug78863.phpt.
    - CVE-2019-11045
  * SECURITY UPDATE: Buffer underflow
    - debian/patches/CVE-2019-11046.patch: not rely on `isdigit()`
      to detect digits in ext/bcmath/libbcmath/src/str2num.c,
      ext/bcmath/tests/bug78878.phpt.
    - CVE-2019-11046
  * SECURITY UPDATE: Heap-buffer-overflow
    - debian/patches/CVE-2019-11047.patch: fix in ext/exif/exif.c,
      ext/exif/tests/bug78910.phpt.
    - CVE-2019-11047
  * SECURITY UPDATE: Use-after-free
    - debian/patches/CVE-2019-11050.patch: fix in
      ext/exif/exif.c, ext/exif/tests/bug78793.phpt.
    - CVE-2019-11050

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Mon, 13 Jan 2020 15:39:59 -0300

php7.2 (7.2.24-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: updated to 7.2.24 to fix security issue
    - CVE-2019-11043
  * Rebased patches:
    - debian/patches/0022-lp564920-fix-big-files.patch
  * Removed patches no longer required:
    - debian/patches/CVE-2019-11041.patch
    - debian/patches/CVE-2019-11042.patch

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 28 Oct 2019 08:07:07 -0400

php7.2 (7.2.19-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Heap-buffer-overflow
    - debian/patches/CVE-2019-11041.patch: check Thumbnail.size in order
      to avoid an overflow in ext/exif.exif.c and adding test to
      ext/exif/tests/bug78222.phpt.
    - CVE-2019-11041
  * SECURITY UPDATE: Heap-buffer-overflow
    - debian/patches/CVE-2019-11042.patch: check ByteCount in order to
      avoid an overflow in ext/exif/exif.c and adding tests to
      ext/exif/tests/bug78256.phpt.
    - CVE-2019-11042

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Mon, 12 Aug 2019 16:34:28 -0300

php7.2 (7.2.19-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 7.2.19 to fix multiple security issues.
    - CVE-2019-11036
    - CVE-2019-11039
    - CVE-2019-11040
  * Refreshed patches:
    - debian/patches/0039-hack-phpdbg-to-explicitly-link-with-libedit.patch

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 04 Jun 2019 10:48:12 -0400

php7.2 (7.2.17-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 7.2.17 to fix multiple security issues.
    - CVE-2019-11034
    - CVE-2019-11035
  * Refreshed patches:
    - debian/patches/0013-Add-support-for-use-of-the-system-timezone-database.patch
  * Removed patches included in new version:
    - debian/patches/CVE-2019-9637.patch
    - debian/patches/CVE-2019-9638-and-CVE-2019-9639-1.patch
    - debian/patches/CVE-2019-9638-and-CVE-2019-9639-2.patch
    - debian/patches/CVE-2019-9640.patch
    - debian/patches/CVE-2019-9641.patch
    - debian/patches/CVE-2019-9675.patch

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 18 Apr 2019 10:12:38 -0400

php7.2 (7.2.15-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Unauthorized users access
    - debian/patches/CVE-2019-9637.patch: fix in
      main/streams/plain_wrapper.c.
    - CVE-2019-9637
  * SECURITY UPDATE: Invalid read in exif_process_IFD_MAKERNOTE
    - debian/patches/CVE-2019-9638-and-CVE-2019-9639-*.patch: fix in
      ext/exif/exif.c, added tests in ext/exif/tests/bug77563.jpg,
      ext/exif/tests/bug77563.phpt.
    - CVE-2019-9638
    - CVE-2019-9639
  * SECURITY UPDATE: Invalid read
    - debian/patches/CVE-2019-9640.patch: fix in
      ext/exif/exif.c, added tests in ext/exif/tests/bug77540.jpg,
      ext/exif/tests/bug77540.phpt.
    - CVE-2019-9640
  * SECURITY UPDATE: Unitialized read
    - debian/patches/CVE-2019-9641.patch: fix in ext/exif/exif.c.
    - CVE-2019-9641
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2019-9675.patch: fix in
      ext/phar/tar.c, added tests in ext/phar/tests/bug71488.phpt,
      ext/phar/tests/bug77586,phpt, ext/phar/tests/bug77586/files/*.

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Fri, 22 Mar 2019 14:05:14 -0300

php7.2 (7.2.15-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Update to 7.2.15 to fix security issues
    - CVE-2018-19935
    - CVE-2018-19518

 -- Mike Salvatore <mike.salvatore@canonical.com>  Fri, 08 Feb 2019 09:54:22 -0500

php7.2 (7.2.10-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Update to 7.2.10 to fix security issues
    - CVE-2015-9253
    - CVE-2018-14851
    - CVE-2018-14883

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 13 Sep 2018 09:45:02 -0400

php7.2 (7.2.7-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: 7.2.7 did not actually include the fix for the
    CVE-2018-12882 exif security issue. This release adds backported
    patches to fix the issue.
    - debian/patches/CVE-2018-12882-1.patch: fix heap use after free in
      _php_stream_free in ext/exif/exif.c, ext/exif/tests/bug76409.phpt.
    - debian/patches/CVE-2018-12882-2.patch: fix test portability in
      ext/exif/tests/bug76409.phpt.
    - CVE-2018-12882

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 04 Jul 2018 12:55:24 -0400

php7.2 (7.2.7-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Update to 7.2.7 to fix security issue
    - CVE-2018-12882

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 03 Jul 2018 11:16:52 -0400

php7.2 (7.2.5-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Update to 7.2.5 to fix security issues
    - CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548,
      CVE-2018-10549
  * d/p/0036-php-5.4.9-fixheader.patch: updated for new version.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 09 May 2018 13:21:02 -0400

php7.2 (7.2.3-1ubuntu1) bionic; urgency=medium

  * Merge with Debian unstable (LP: #1744148). Remaining changes:
    - Drop dh-php from Recommends to Suggests so it can be demoted to
      universe as it depends on xml2/universe.

 -- Nishanth Aravamudan <nish.aravamudan@canonical.com>  Wed, 14 Mar 2018 15:03:58 -0700

php7.2 (7.2.3-1) unstable; urgency=medium

  * New upstream version 7.2.3
  * Rebase patches on top of new upstream release.

 -- Ondřej Surý <ondrej@debian.org>  Tue, 06 Mar 2018 11:15:04 +0000

php7.2 (7.2.2-3) unstable; urgency=medium

  * Add explicit libpcre3 >= 2:8.35 dependency as dh_genshlibs is failing
    to add versioned dependency for some reason.

 -- Ondřej Surý <ondrej@debian.org>  Tue, 06 Feb 2018 16:07:40 +0000

php7.2 (7.2.2-2) unstable; urgency=medium

  * Remove explicit libpcre3 dependency and let dh_genshlibs do its magic

 -- Ondřej Surý <ondrej@debian.org>  Tue, 06 Feb 2018 13:00:04 +0000

php7.2 (7.2.2-1ubuntu2) bionic; urgency=medium

  * No-change rebuild against libcurl4

 -- Steve Langasek <steve.langasek@ubuntu.com>  Wed, 28 Feb 2018 08:43:55 +0000

php7.2 (7.2.2-1ubuntu1) bionic; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Drop dh-php from Recommends to Suggests so it can be demoted to
      universe as it depends on xml2/universe.

 -- Dimitri John Ledkov <xnox@ubuntu.com>  Fri, 09 Feb 2018 21:18:55 +0000

php7.2 (7.2.2-1) unstable; urgency=medium

  * New upstream version 7.2.2
  * Rebase patches on top of new upstream release
  * Regenerate d/control to finish php7.2-sodium removal

 -- Ondřej Surý <ondrej@debian.org>  Thu, 01 Feb 2018 15:19:04 +0000

php7.2 (7.2.1-1ubuntu2) bionic; urgency=medium

  * d/control.in: also needs update to keep dh-php in universe.

 -- Nishanth Aravamudan <nish.aravamudan@canonical.com>  Wed, 31 Jan 2018 10:36:35 -0800

php7.2 (7.2.1-1ubuntu1) bionic; urgency=medium

  * Drop dh-php from Recommends to Suggests so it can be demoted to
    universe (LP #1590623).
    + dh-php has gained a dependency on xml2 which is in universe. 

 -- Nishanth Aravamudan <nish.aravamudan@canonical.com>  Thu, 25 Jan 2018 11:32:42 -0800

php7.2 (7.2.1-1) unstable; urgency=medium

  * Update the Vcs-* to salsa.d.o
  * Slightly update debian/copyright (most changes were already in)
  * New upstream version 7.2.1
  * Rebase patches on top of new upstream release

 -- Ondřej Surý <ondrej@debian.org>  Fri, 05 Jan 2018 11:21:04 +0000

php7.2 (7.2.0-2) unstable; urgency=medium

  * Get rid of extra php7.2-sodium module

 -- Ondřej Surý <ondrej@debian.org>  Wed, 06 Dec 2017 14:15:47 +0000

php7.2 (7.2.0-1) unstable; urgency=low

  * Update PHP 7.2 signing keys
  * New upstream version 7.2.0
  * Rebase patches for new upstream release.

 -- Ondřej Surý <ondrej@debian.org>  Thu, 30 Nov 2017 13:55:57 +0000

php7.2 (7.2.0~rc6-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc6
  * Rebase patches for new upstream version.

 -- Ondřej Surý <ondrej@debian.org>  Sun, 12 Nov 2017 03:30:05 +0000

php7.2 (7.2.0~rc5-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc5
  * Rebase patches for new upstream release

 -- Ondřej Surý <ondrej@debian.org>  Fri, 27 Oct 2017 13:33:55 +0000

php7.2 (7.2.0~rc4-2) unstable; urgency=medium

  * Fix the usage of internal allocator in xmlrpc extension

 -- Ondřej Surý <ondrej@debian.org>  Tue, 24 Oct 2017 18:54:46 +0000

php7.2 (7.2.0~rc4-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc4
  * Rebase patches on top of new upstream version 7.2.0~rc4

 -- Ondřej Surý <ondrej@debian.org>  Sun, 22 Oct 2017 13:07:11 +0000

php7.2 (7.2.0~rc3-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc3
  * Refresh patches for PHP 7.2.0~rc3

 -- Ondřej Surý <ondrej@debian.org>  Thu, 28 Sep 2017 18:26:49 +0200

php7.2 (7.2.0~rc2-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc2
  * Rebase patches on top of PHP 7.2.0~rc2

 -- Ondřej Surý <ondrej@debian.org>  Mon, 18 Sep 2017 11:24:14 +0200

php7.2 (7.2.0~rc1-1) unstable; urgency=medium

  * New upstream version 7.2.0~rc1
  * Rebase patches on top of PHP 7.2.0~rc1
  * Update d/copyright (License check courtesy of Luca Falavigna)
  * Rewrap the files in d/ with wrap-and-sort -a

 -- Ondřej Surý <ondrej@debian.org>  Thu, 31 Aug 2017 14:00:16 +0200

php7.2 (7.2.0~beta3-2) unstable; urgency=medium

  * Enable Argon2 support for password hashing functions
  * Enable shared libsodium extension

 -- Ondřej Surý <ondrej@debian.org>  Fri, 25 Aug 2017 11:35:23 +0200

php7.2 (7.2.0~beta3-1) unstable; urgency=medium

  * Allow libgcrypt11-dev when it's not a transitional package
  * New upstream version 7.2.0~beta3
  * Refresh patches on top of PHP 7.2.0~beta3

 -- Ondřej Surý <ondrej@debian.org>  Fri, 18 Aug 2017 15:00:36 +0200

php7.2 (7.2.0~beta2-2) experimental; urgency=medium

  * Update Vcs-* links to https://gitlab.com/deb.sury.org/...
  * Stop depending on obsolete automake1.11
  * Switch build-depends to libgcrypt20-dev

 -- Ondřej Surý <ondrej@debian.org>  Fri, 04 Aug 2017 11:56:09 +0200

php7.2 (7.2.0~beta2-1) experimental; urgency=medium

  * Update d/watch for PHP 7.2
  * New upstream version 7.2.0~beta2
  * Rebase patches for PHP 7.2.0~beta2

 -- Ondřej Surý <ondrej@debian.org>  Thu, 03 Aug 2017 20:42:38 +0200

php7.2 (7.2.0~beta1-1) experimental; urgency=medium

  * New upstream version 7.2.0~beta1
  * Enable support for libsodium crypto
  * Rebase patches on top of PHP 7.2.0~beta1
  * Update phpapi for PHP 7.2 to 20170718

 -- Ondřej Surý <ondrej@debian.org>  Thu, 27 Jul 2017 13:29:34 +0200

php7.2 (7.2.0~alpha3-1) experimental; urgency=medium

  * New upstream version 7.2.0~alpha3
  * Rebase patches on top of PHP 7.2.0~alpha3
  * Update d/rules with configure.in -> configure.ac rename
  * Remove mcrypt extension that has been removed upstream
  * Update phpapi to 20160731

 -- Ondřej Surý <ondrej@debian.org>  Thu, 06 Jul 2017 13:50:44 +0200

