Bug 15143

Summary: php-ZendFramework2 new security issue ZF2015-01
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Guillaume Rousse <guillomovitch>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: php-ZendFramework2-2.3.3-3.mga5.src.rpm CVE:
Status comment:

Description David Walser 2015-01-27 17:04:33 CET 
Upstream has issued an advisory on January 14:
http://framework.zend.com/security/advisory/ZF2015-01

The issue is fixed upstream in 2.3.4:
http://framework.zend.com/blog/zend-framework-2-2-9-and-2-3-4-released.html

php-ZendFramework (and thus Mageia 4) is not affected.

Reproducible: 

Steps to Reproduce:
David Walser 2015-01-27 23:37:36 CET

Blocks: (none) => 14674

Comment 1 David Walser 2015-01-31 15:39:49 CET 
Fixed in php-ZendFramework2-2.3.4-1.mga5 by guillomovitch.

Status: NEW => RESOLVED
Blocks: 14674 => (none)
Resolution: (none) => FIXED