Bug#821042: jessie-pu: package zendframework/1.12.9+dfsg-2+deb8u6

To: 821042@bugs.debian.org
Cc: David Prévot <taffit@debian.org>
Subject: Bug#821042: jessie-pu: package zendframework/1.12.9+dfsg-2+deb8u6
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 18 May 2016 23:08:29 +0100
Message-id: <[🔎] 1463609309.6062.79.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 821042@bugs.debian.org
In-reply-to: <[🔎] 1463247785.6062.50.camel@adam-barratt.org.uk>
References: <20160414220617.GA11710@persil.tilapin.org> <[🔎] 1463247785.6062.50.camel@adam-barratt.org.uk>

Control: tags -1 + pending

On Sat, 2016-05-14 at 18:43 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Thu, 2016-04-14 at 18:06 -0400, David Prévot wrote:
> > As agreed with the security team, I’d like to fix another potential
> > entropy vulnerability has been fixed in zendframework.
> > 
> > The fix also gets rid of openssl_random_pseudo_bytes() introduced in the
> > previous ZF2015-09 fix, and I also added a regression fix from the
> > CVE-2015-7695 (ZF2015-08) patch (this one was introduced in DSA-3369-1).
> 
> Apologies for the delay in getting back to you. Please go ahed.

Uploaded and flagged for acceptance.

Regards,

Adam

Reply to:

References:
- Bug#821042: jessie-pu: package zendframework/1.12.9+dfsg-2+deb8u6
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#823752: jessie-pu: package xarchiver/1:0.5.4-1
Next by Date: Processed: Re: Bug#821042: jessie-pu: package zendframework/1.12.9+dfsg-2+deb8u6
Previous by thread: Processed: Re: Bug#821042: jessie-pu: package zendframework/1.12.9+dfsg-2+deb8u6
Next by thread: Processed: Re: Bug#821042: jessie-pu: package zendframework/1.12.9+dfsg-2+deb8u6
Index(es):
- Date
- Thread