15143 – php-ZendFramework2 new security issue ZF2015-01

Bug 15143 - php-ZendFramework2 new security issue ZF2015-01

Summary: php-ZendFramework2 new security issue ZF2015-01

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	i586 Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Guillaume Rousse
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-01-27 17:04 CET by David Walser
Modified:	2015-01-31 15:39 CET (History)
CC List:	0 users

See Also:
Source RPM:	php-ZendFramework2-2.3.3-3.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2015-01-27 17:04:33 CET

Upstream has issued an advisory on January 14:
http://framework.zend.com/security/advisory/ZF2015-01

The issue is fixed upstream in 2.3.4:
http://framework.zend.com/blog/zend-framework-2-2-9-and-2-3-4-released.html

php-ZendFramework (and thus Mageia 4) is not affected.

Reproducible: 

Steps to Reproduce:

David Walser 2015-01-27 23:37:36 CET

Blocks: (none) => 14674

Comment 1 David Walser 2015-01-31 15:39:49 CET

Fixed in php-ZendFramework2-2.3.4-1.mga5 by guillomovitch.

Status: NEW => RESOLVED
Blocks: 14674 => (none)
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.