Bug 18958

Summary: php-ZendFramework new security issue ZF2016-02 (CVE-2016-6233)
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: brtians1, davidwhodgins, sysadmin-bugs
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/696219/
Whiteboard: has_procedure mga5-32-ok advisory
Source RPM: php-ZendFramework-1.12.18-1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2016-07-16 12:24:51 CEST 
Upstream has issued an advisory on July 13:
https://framework.zend.com/security/advisory/ZF2016-02

The issue is fixed in 1.12.19.

More info is here:
http://openwall.com/lists/oss-security/2016/07/16/1
Comment 1 David Walser 2016-07-17 22:22:21 CEST 
CVE-2016-6233 has been assigned:
http://openwall.com/lists/oss-security/2016/07/16/4

Summary: php-ZendFramework new security issue ZF2016-02 => php-ZendFramework new security issue ZF2016-02 (CVE-2016-6233)

Comment 2 David Walser 2016-07-20 21:14:46 CEST 
1.12.19 release announcement:
https://framework.zend.com/blog/2016-07-13-ZF-1.12.19-Released.html

Note that ZF1 will be EOL in September:
https://framework.zend.com/blog/2016-06-28-zf1-eol.html
Comment 3 David Walser 2016-07-20 21:27:24 CEST 
Updated package uploaded for Mageia 5.

Testing procedure:
https://bugs.mageia.org/show_bug.cgi?id=13708#c3

Advisory:
========================

Updated php-ZendFramework packages fix security vulnerability:

The implementation of ORDER BY and GROUP BY in Zend_Db_Select of ZendFramework
is vulnerable to an SQL injection (CVE-2016-6233).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6233
https://framework.zend.com/security/advisory/ZF2016-02
https://framework.zend.com/blog/2016-07-13-ZF-1.12.19-Released.html
========================

Updated packages in core/updates_testing:
========================
php-ZendFramework-1.12.19-1.mga5
php-ZendFramework-demos-1.12.19-1.mga5
php-ZendFramework-tests-1.12.19-1.mga5
php-ZendFramework-extras-1.12.19-1.mga5
php-ZendFramework-Cache-Backend-Apc-1.12.19-1.mga5
php-ZendFramework-Cache-Backend-Memcached-1.12.19-1.mga5
php-ZendFramework-Captcha-1.12.19-1.mga5
php-ZendFramework-Dojo-1.12.19-1.mga5
php-ZendFramework-Feed-1.12.19-1.mga5
php-ZendFramework-Gdata-1.12.19-1.mga5
php-ZendFramework-Pdf-1.12.19-1.mga5
php-ZendFramework-Search-Lucene-1.12.19-1.mga5
php-ZendFramework-Services-1.12.19-1.mga5

from php-ZendFramework-1.12.19-1.mga5.src.rpm

Assignee: thomas => qa-bugs
Whiteboard: (none) => has_procedure

Comment 4 Brian Rockwell 2016-07-30 23:01:42 CEST 
installed all of the components successfully - now working on testing listed above.

CC: (none) => brtians1

Comment 5 Brian Rockwell 2016-07-30 23:25:23 CEST 
followed Claire's instructions listed in https://bugs.mageia.org/show_bug.cgi?id=13708#c3 and was able to sign the guest book

MGS5-32-ok.

Whiteboard: has_procedure => has_procedure mga5-32-ok

Dave Hodgins 2016-08-03 06:33:23 CEST

Keywords: (none) => validated_update
Whiteboard: has_procedure mga5-32-ok => has_procedure mga5-32-ok advisory
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 6 Mageia Robot 2016-08-03 12:57:36 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0272.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2016-08-08 21:33:05 CEST

URL: (none) => http://lwn.net/Vulnerabilities/696219/