stable

php-ZendFramework2-2.2.10-1.el6 and php-zendframework-zendxml-1.0.2-2.el6

FEDORA-EPEL-2016-42cb1b4ac8 created by siwinski 8 years ago for Fedora EPEL 6

2.2.10 (2015-02-18)

SECURITY UPDATES

  • ZF2015-02: Zend\Db\Adapter\Platform\Postgresql was incorrectly using \\ to escape double quotes in identifiers and values, which could lead to SQL injection vectors. We have provided patches that use proper escaping. If you use Postgresql with Zend Framework 2, we recommend upgrading immediately.

2.2.9 (2015-01-14)

SECURITY UPDATES

  • ZF2015-01: Session validators were not run if set before session start. Essentially, the validators were writing to the $_SESSION superglobal before session start, which meant the data was overwritten once the session began. This meant on subsequent calls, the validators had no data to compare against, making the sessions automatically valid. We have provided patches to ensure that validators are run only after the session has begun, which will ensure they validate sessions correctly going forward. If you use Zend\Session validators, we recommend upgrading immediately.

This update has been submitted for testing by siwinski.

8 years ago

This update has been pushed to testing.

8 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

8 years ago

This update has been submitted for stable by siwinski.

8 years ago

This update has been pushed to stable.

8 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
8 years ago
in testing
8 years ago
in stable
8 years ago
BZ#1343989 [epel6][security] php-ZendFramework2-2.2.10 is available
0
0

Automated Test Results