Accepted zendframework 1.11.13-1.1+deb7u5 (source all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 27 Sep 2016 18:33:02 +0200
Source: zendframework
Binary: zendframework zendframework-bin zendframework-resources
Architecture: source all
Version: 1.11.13-1.1+deb7u5
Distribution: wheezy-security
Urgency: high
Maintainer: Frank Habermann <lordlamer@lordlamer.de>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
zendframework - powerful PHP framework
zendframework-bin - binary scripts for zendframework
zendframework-resources - resource scripts for zendframework
Changes:
zendframework (1.11.13-1.1+deb7u5) wheezy-security; urgency=high
.
* Non-maintainer upload by the Wheezy LTS Team.
* CVE-2016-4861
The implementation of ORDER BY and GROUP BY in Zend_Db_Select
remained prone to SQL injection when a combination of SQL
expressions and comments were used. This security patch provides
a comprehensive solution that identifies and removes comments
prior to checking validity of the statement to ensure no SQLi
vectors occur.
Checksums-Sha1:
95198b9d9616edd220ee976bf6e785ca8a3ec668 2072 zendframework_1.11.13-1.1+deb7u5.dsc
b0921984bd2edc64a238c0a8db2f5be57844a751 20217474 zendframework_1.11.13.orig.tar.gz
28a9ef8f76b9ae889074f077dde4adeb456bdd17 45243 zendframework_1.11.13-1.1+deb7u5.diff.gz
94c952a0cc741c6a2d27c031bcd35ec00e06284d 3742300 zendframework_1.11.13-1.1+deb7u5_all.deb
e5a9a50337b37f4dc87a35f5391cd648ba62db8a 11272 zendframework-bin_1.11.13-1.1+deb7u5_all.deb
9f7f9f9548d7f0c0bb619f1abc6aed40e942cf86 39648 zendframework-resources_1.11.13-1.1+deb7u5_all.deb
Checksums-Sha256:
350d4a87f4784cbee7ba313b86057c1bd660bd110df36bc71e1701f36d2cb334 2072 zendframework_1.11.13-1.1+deb7u5.dsc
2d7349ae9133bd4fee39c5c7ab605c70d3a6db89bca229b4105a9b53b6a12996 20217474 zendframework_1.11.13.orig.tar.gz
dad0bea73e46f300a811be4a92aaed37b23f96e4728c8f48d782f3aba1593f12 45243 zendframework_1.11.13-1.1+deb7u5.diff.gz
da4d4bac71b4a0ddb462651e50b2801dc619376c35c6dac9a11cfaa09fdd0d38 3742300 zendframework_1.11.13-1.1+deb7u5_all.deb
2c7724323c7339e25fbdebc91a938df8d93115d03b10e8502688e4790916853a 11272 zendframework-bin_1.11.13-1.1+deb7u5_all.deb
149fc990f4e2ebb26b8d94e682ebb57bf1acb4b742f616b24f4fb668a9c08feb 39648 zendframework-resources_1.11.13-1.1+deb7u5_all.deb
Files:
88c9033da70c485adb8f88f9cf3b2c14 2072 web optional zendframework_1.11.13-1.1+deb7u5.dsc
db77b24f2ad4dbaf36f2a5b517522780 20217474 web optional zendframework_1.11.13.orig.tar.gz
ae1c02d4ef2b61e9d54e85d68713c5d2 45243 web optional zendframework_1.11.13-1.1+deb7u5.diff.gz
e9efbf61926668b3bdc6220701647517 3742300 web optional zendframework_1.11.13-1.1+deb7u5_all.deb
522c71ebeb90b2d73b63020465ecb497 11272 web optional zendframework-bin_1.11.13-1.1+deb7u5_all.deb
5560b6ba5bb7f4adb00fafa128e761ae 39648 web optional zendframework-resources_1.11.13-1.1+deb7u5_all.deb
-----BEGIN PGP SIGNATURE-----
iQKQBAEBCgB6BQJX9TtnXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3ExxkZWJpYW5AYWx0ZWhvbHouZGUACgkQlvysDTh7WEeY
4w//b+sG4K0P/T0GRa5NuexQxjrvqYJ08OGkrVS/ZeI8epoQjgNrHxLhGSA8tUnn
+w4pbsuEU6tSmF1IoK+xNxwl4WxsbXArnFOCaR/c5JAmESzEWI0ZzH438tM/ZZYo
l9AoCMgSioOQwtacrSJGszqbpTfwGB31j8W2NLic2xAovNYh5viMvAptkCI/wHlY
yGQGtuUgQmxufXIlHnNHvBTKs9syS9qNe45ozS3gqgm1+FN+pmyeqq0ZsQM1wygw
puFzEzCafptlFegrEQ1Lqv+H2+ZECME2KQqlZaO9lxyz9bGrOKtZ0zO5EYmLnDys
AFKKf9Sk8LNtznHe1qENeg+SMoSBGnKCy//PY4x/XqABOg381TBdGi0OrgNQ1rv8
JZsuk/3cP8omQ3KMdzo9F6afTfSVAlnkH3UIl+DnfVoS4GggE1MS/GzUSxIGBHpR
Oo/6jxeL75mU8+9CTZgStaQzqc/XmNmuDqlqpBgsQhBAo3J34EPi1+45Opioxg7A
cfCGp26RwP4oV3EQ/OmJAS+67rzYYllD4v+jhOHvdQGxci7/zuFlf/q4m4bL58nY
SL/qaQbREq0j9OiCtAkl21o3ad+iEVZdpMYlYU0nM1+gXuZuMnntJnNilMbfzHVQ
sfJ029z2r9NoZkJEfO8gBRT7nou8c7PjJrFNuLs20eWQTWA=
=5J9V
-----END PGP SIGNATURE-----
Reply to: