Accepted zendframework 1.10.6-1squeeze3 (source all) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 15 Jun 2015 22:36:44 +0200
Source: zendframework
Binary: zendframework zendframework-bin
Architecture: source all
Version: 1.10.6-1squeeze3
Distribution: squeeze-lts
Urgency: medium
Maintainer: Frank Habermann <lordlamer@lordlamer.de>
Changed-By: Santiago Ruano Rincón <santiagorr@riseup.net>
Description:
zendframework - powerful PHP framework
zendframework-bin - binary scripts for zendframework
Changes:
zendframework (1.10.6-1squeeze3) squeeze-lts; urgency=medium
.
* Non-maintainer upload by the Squeeze LTS team.
* Fix ZF2012-02: Denial of Service vector via XEE injection
http://framework.zend.com/security/advisory/ZF2012-02
[CVE-2012-6531].
* Backport security fixes from wheezy:
* Handle patches with gbp pq
* Fix ZF2014-01: Potential XXE/XEE attacks.
Numerous components utilizing PHP's DOMDocument, SimpleXML, and
xml_parse functionality were vulnerable.
http://framework.zend.com/security/advisory/ZF2014-01
[CVE-2014-2681] [CVE-2014-2682] [CVE-2014-2683]
* Fix ZF2014-02: Security fix for OpenID.
Potential security issue in login mechanism of ZendOpenId and
Zend_OpenId consumer.
http://framework.zend.com/security/advisory/ZF2014-02
[CVE-2014-2684] [CVE-2014-2685]
* Fix ZF2014-04: Potential SQL injection.
The implementation of the ORDER BY SQL statement in Zend_Db_Select of
Zend Framework 1 contains a potential SQL injection when the query
string passed contains parentheses.
http://framework.zend.com/security/advisory/ZF2014-04
[CVE-2014-4914]
* Fix ZF2014-05: Potential XML eXternal Entity injection vectors
http://framework.zend.com/security/advisory/ZF2012-05
[CVE-2014-8088]
* Fix ZF2014-06: SQL injection vector when manually quoting values
http://framework.zend.com/security/advisory/ZF2014-06
[CVE-2014-8089]
* Fix ZF2015-04: CRLF injections in HTTP and Mail
http://framework.zend.com/security/advisory/ZF2015-04
[CVE-2015-3154]
Checksums-Sha1:
5caef7a1366bbd795760859c4085d06441438101 1727 zendframework_1.10.6-1squeeze3.dsc
5d1a4fde06ce70a93ac6cd5dd7996380965940fd 26014 zendframework_1.10.6-1squeeze3.diff.gz
1a9a32ac9b224c1be4c7ac58ff173443c38815bc 3592240 zendframework_1.10.6-1squeeze3_all.deb
713ecc5cb7cadef0bb1207a222f3fa7014706cb6 10048 zendframework-bin_1.10.6-1squeeze3_all.deb
Checksums-Sha256:
2a6abb0a17cfc14056604f3ab49fcb0317a0122a24df6c121b843c6476085fb1 1727 zendframework_1.10.6-1squeeze3.dsc
12a25bf08ebada92dd0eb628a09b51b304463b9652028ddd3696e88e5602445a 26014 zendframework_1.10.6-1squeeze3.diff.gz
44cdd13983602e029100d0914db2262073bbfffe8c93455cd13f6bbf72d2d12c 3592240 zendframework_1.10.6-1squeeze3_all.deb
bf6afe59098e531f728dff4b12245ba1bfe5e9fa457c6aa2c6170c7770a18a95 10048 zendframework-bin_1.10.6-1squeeze3_all.deb
Files:
f395858952fbcd0337ccbbac315c8ddf 1727 web optional zendframework_1.10.6-1squeeze3.dsc
de99964742985260718d873555aff4f8 26014 web optional zendframework_1.10.6-1squeeze3.diff.gz
cd9a855570415ef245ec57446b15a275 3592240 web optional zendframework_1.10.6-1squeeze3_all.deb
63aaff8b61a2f62569bf8d0797451362 10048 web optional zendframework-bin_1.10.6-1squeeze3_all.deb
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJVhWErAAoJEN5v/bjI1ki9KWwQAKVUuOQwh7GcRlXqXwYWA8MO
6X8LkV2DJ9HTmfjkEhOYWnnvYv/luW8GMi4Sq/3F07/XdgSXOjiEXpktHM6qJU75
0YdKhc562HDKjwtejZ4EaAQL0JIACaooEhQymcTDVSzlqUZTueRn1OUqljB81SYv
/5EE6rIg/92wM/BIrjF5lnnTYXcbJUscmbUW1RFZ/cyEB0sSuq42aQhsDh9BHXaQ
QjDOFKlYLDAw4x93pfmCmUHTiMBeGNvUkKh9LWiHnQTnVjyAk9FOE+KzXN7K0Tnf
+V/9s9EOOchUr8+LWCmVQGWEdBndSqhCscd59PZ38sh+zzjr/XZRu8xEWCjzvL+I
ptiti2qLBK0bOpXK8DeT8nhF6ES690nIUVAFKBQcQKd6A0GGYAURvrXa5Kf/lsmB
yrMQVdtn1CJ/roVWxI4CMZLWov+9U80FrDY1haoMTaVlgEL6YwRfcQNRosb4+ydY
TrHXPHcS+furHKTLHO0r7SZG+qTUmN57TuDykEprPRhBhXQGA19F9sb9lXio7fS2
0eEdr0m0D8wMxhPrBmrZ476kj0OWjAb5joE+HzSAM6YFM5EmS+mkvejaiNKcmCxI
Lgl29DinENPW6tsACruEDSM1iYam/dB7SP4uNXrEMEw1EvU0WIjvyqQ+X1jrXHiu
YV8nEaCS1uXAUo+n2Wxc
=MyGn
-----END PGP SIGNATURE-----
Reply to: