Advisories » MGASA-2016-0156

Updated php-ZendFramework packages fix security vulnerability

Publication date: 29 Apr 2016
Modification date: 29 Apr 2016
Type: security
Affected Mageia releases : 5

Description

The php-ZendFramework package has been updated to version 1.12.18 to fix a
potential information disclosure and insufficient entropy vulnerability in
the word CAPTCHA (ZF2015-09) and several other functions (ZF2016-01).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=18258
• http://framework.zend.com/security/advisory/ZF2015-09
• http://framework.zend.com/security/advisory/ZF2016-01
• http://framework.zend.com/blog/zend-framework-1-12-17-and-2-4-9-released.html
• http://framework.zend.com/blog/zend-framework-1-12-18-released.html

SRPMS

5/core

• php-ZendFramework-1.12.18-1.mga5