8000 Merge pull request #56 from DavidPrevot/master · jderusse/symfony@c567c97 · GitHub
[go: up one dir, main page]

Skip to content

Commit c567c97

Browse files
committed
Merge pull request symfony#56 from DavidPrevot/master
Review last ZF issues
2 parents c24331b + 4e342fa commit c567c97

File tree

10 files changed

+74
-4
lines changed

10 files changed

+74
-4
lines changed

zendframework/zend-db/ZF2014-06.yaml

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
title: SQL injection vector when manually quoting values for sqlsrv extension, using null byte
2+
link: http://framework.zend.com/security/advisory/ZF2014-06
3+
cve: CVE-2014-8089
4+
branches:
5+
2.0.x:
6+
time: 2014-09-16 22:00:00
7+
versions: [>=2.0.0,<2.0.99]
8+
2.1.x:
9+
time: 2014-09-16 22:00:00
10+
versions: [>=2.1.0,<2.1.99]
11+
2.2.x:
12+
time: 2014-09-16 22:00:00
13+
versions: [>=2.2.0,<2.2.8]
14+
2.3.x:
15+
time: 2014-09-16 22:00:00
16+
versions: [>=2.3.0,<2.3.3]
17+
reference: composer://zendframework/zend-db

zendframework/zend-db/ZF2015-02.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,12 @@ title: Potential SQL injection in PostgreSQL Zend\Db adapter
22
link: http://framework.zend.com/security/advisory/ZF2015-02
33
cve: CVE-2015-0270
44
branches:
5+
2.0.x:
6+
time: 2015-02-18 19:15:09
7+
versions: [>=2.0.0,<2.0.99]
8+
2.1.x:
9+
time: 2015-02-18 19:15:09
10+
versions: [>=2.1.0,<2.1.99]
511
2.2.x:
612
time: 2015-02-18 19:15:09
713
versions: [>=2.2.0,<2.2.10]
Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
title: Anonymous authentication in ldap_bind() function of PHP, using null byte
2+
link: http://framework.zend.com/security/advisory/ZF2014-05
3+
cve: CVE-2014-8088
4+
branches:
5+
2.0.x:
6+
time: 2014-09-16 22:00:00
7+
versions: [>=2.0.0,<2.0.99]
8+
2.1.x:
9+
time: 2014-09-16 22:00:00
10+
versions: [>=2.1.0,<2.1.99]
11+
2.2.x:
12+
time: 2014-09-16 22:00:00
13+
versions: [>=2.2.0,<2.2.8]
14+
2.3.x:
15+
time: 2014-09-16 22:00:00
16+
versions: [>=2.3.0,<2.3.3]
17+
reference: composer://zendframework/zend-ldap

zendframework/zend-session/ZF2015-01.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,12 @@ title: Session validation vulnerability
22
link: http://framework.zend.com/security/advisory/ZF2015-01
33
cve: ~
44
branches:
5+
2.0.x:
6+
time: 2015-01-14 22:00:00
7+
versions: [>=2.0.0,<2.0.99]
8+
2.1.x:
9+
time: 2015-01-14 22:00:00
10+
versions: [>=2.1.0,<2.1.99]
511
2.2.x:
612
time: 2015-01-14 22:00:00
713
versions: [>=2.2.0,<2.2.9]

zendframework/zendframework/ZF2014-05.yaml

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,13 @@
11
title: Anonymous authentication in ldap_bind() function of PHP, using null byte
22
link: http://framework.zend.com/security/advisory/ZF2014-05
3-
cve: ~
3+
cve: CVE-2014-8088
44
branches:
5+
2.0.x:
6+
time: 2014-09-16 22:00:00
7+
versions: [>=2.0.0,<2.0.99]
8+
2.1.x:
9+
time: 2014-09-16 22:00:00
10+
versions: [>=2.1.0,<2.1.99]
511
2.2.x:
612
time: 2014-09-16 22:00:00
713
versions: [>=2.2.0,<2.2.8]

zendframework/zendframework/ZF2014-06.yaml

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,13 @@
11
title: SQL injection vector when manually quoting values for sqlsrv extension, using null byte
22
link: http://framework.zend.com/security/advisory/ZF2014-06
3-
cve: ~
3+
cve: CVE-2014-8089
44
branches:
5+
2.0.x:
6+
time: 2014-09-16 22:00:00
7+
versions: [>=2.0.0,<2.0.99]
8+
2.1.x:
9+
time: 2014-09-16 22:00:00
10+
versions: [>=2.1.0,<2.1.99]
511
2.2.x:
612
time: 2014-09-16 22:00:00
713
versions: [>=2.2.0,<2.2.8]

zendframework/zendframework/ZF2015-01.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,12 @@ title: Session validation vulnerability
22
link: http://framework.zend.com/security/advisory/ZF2015-01
33
cve: ~
44
branches:
5+
2.0.x:
6+
time: 2015-01-14 22:00:00
7+
versions: [>=2.0.0,<2.0.99]
8+
2.1.x:
9+
time: 2015-01-14 22:00:00
10+
versions: [>=2.1.0,<2.1.99]
511
2.2.x:
612
time: 2015-01-14 22:00:00
713
versions: [>=2.2.0,<2.2.9]

zendframework/zendframework/ZF2015-02.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,12 @@ title: Potential SQL injection in PostgreSQL Zend\Db adapter
22
link: http://framework.zend.com/security/advisory/ZF2015-02
33
cve: CVE-2015-0270
44
branches:
5+
2.0.x:
6+
time: 2015-02-18 19:15:09
7+
versions: [>=2.0.0,<2.0.99]
8+
2.1.x:
9+
time: 2015-02-18 19:15:09
10+
versions: [>=2.1.0,<2.1.99]
511
2.2.x:
612
time: 2015-02-18 19:15:09
713
versions: [>=2.2.0,<2.2.10]

zendframework/zendframework1/ZF2014-05.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
title: Anonymous authentication in ldap_bind() function of PHP, using null byte
22
link: http://framework.zend.com/security/advisory/ZF2014-05
3-
cve: ~
3+
cve: CVE-2014-8088
44
branches:
55
1.12.x:
66
time: 2014-09-16 22:00:00

zendframework/zendframework1/ZF2014-06.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
title: SQL injection vector when manually quoting values for sqlsrv extension, using null byte
22
link: http://framework.zend.com/security/advisory/ZF2014-06
3-
cve: ~
3+
cve: CVE-2014-8089
44
branches:
55
1.12.x:
66
time: 2014-09-16 22:00:00

0 commit comments

Comments
 (0)
0