Change log for zendframework package in Debian
| 1 → 58 of 58 results | First • Previous • Next • Last |
| Deleted in stretch-release (Reason: None provided.) |
| Deleted in stretch-release (Reason: None provided.) |
| Deleted in sid-release (Reason: None provided.) |
zendframework (1.12.20+dfsg-1) unstable; urgency=medium [ Matthew Weier O'Phinney ] * Preparation for 1.12.20 [ David Prévot ] * Document now assigned CVE in previous changelog entry [ Enrico Zimuel ] * Fixed SQL Injection in order and group -- David Prévot <email address hidden> Sat, 10 Sep 2016 11:33:39 -1000
zendframework (1.12.19+dfsg-1) unstable; urgency=medium [ Matthew Weier O'Phinney ] * Added EOL announcement to README and CONTRIBUTING guide * Prepared for 1.12.19 release [ Enrico Zimuel ] * Fixed potential SQL injections in order() and group() -- David Prévot <email address hidden> Fri, 15 Jul 2016 15:14:39 -0400
| Published in wheezy-release |
zendframework (1.11.13-1.1+deb7u6) wheezy; urgency=medium
* Fix regression from ZF2015-08: binary data corruption
* Backport security fix from 1.12.18:
- ZF2016-01: Potential Insufficient Entropy Vulnerability in ZF1
http://framework.zend.com/security/advisory/ZF2016-01
-- David Prévot <email address hidden> Wed, 13 Apr 2016 16:34:02 -0400
| Published in jessie-release |
zendframework (1.12.9+dfsg-2+deb8u6) jessie; urgency=medium
* Fix regression from ZF2015-08: binary data corruption
* Backport security fix from 1.12.18:
- ZF2016-01: Potential Insufficient Entropy Vulnerability in ZF1
http://framework.zend.com/security/advisory/ZF2016-01
-- David Prévot <email address hidden> Wed, 13 Apr 2016 16:37:00 -0400
zendframework (1.12.18+dfsg-1) unstable; urgency=medium [ Matthew Weier O'Phinney ] * 1.12.18 preparations [ Enrico Zimuel ] * Fixed the rand usage [ Frank Brückner ] * Removes Zend_Gdata_YouTube which is based on Data API v2 [ David Prévot ] * Update Standards-Version to 3.9.8 -- David Prévot <email address hidden> Wed, 13 Apr 2016 16:57:00 -0400
| Superseded in wheezy-release |
zendframework (1.11.13-1.1+deb7u5) wheezy; urgency=medium
* Backport security fix from 1.12.17
- ZF2015-09: Fixed entropy issue in word CAPTCHA
http://framework.zend.com/security/advisory/ZF2015-09
-- David Prévot <email address hidden> Tue, 24 Nov 2015 18:28:53 -0400
zendframework (1.12.17+dfsg-2) unstable; urgency=medium
* PHP 7.0 transition:
- Update php5-* dependencies to php-*
- Suggest other php- extensions no longer builtin
- Rebuild with latest pkg-php-tools
* Drop ownCloud for Debian maintainers from uploaders
* Update Standards-Version to 3.9.7
-- David Prévot <email address hidden> Sat, 05 Mar 2016 10:32:52 -0400
| Superseded in jessie-release |
zendframework (1.12.9+dfsg-2+deb8u5) jessie; urgency=medium
* Backport security fix from 1.12.17
- ZF2015-09: Fixed entropy issue in word CAPTCHA
http://framework.zend.com/security/advisory/ZF2015-09
-- David Prévot <email address hidden> Tue, 24 Nov 2015 18:21:26 -0400
zendframework (1.12.17+dfsg-1) unstable; urgency=medium [ Martin Hujer ] * Zend_Validate_Hostname - updated TLD list to the version 2015102801 [ Enrico Zimuel ] * Fixed the null byte test for Zend_Db_Adapter_Pdo * ZF2015-09: Fixed entropy issue in word CAPTCHA -- David Prévot <email address hidden> Mon, 23 Nov 2015 21:57:00 -0400
zendframework (1.12.16+dfsg-1) unstable; urgency=medium [ Matthew Weier O'Phinney ] * [ZF2015-07] Use umask of 0002 [CVE-2015-5723] * [1.12.16] release readiness [ Enrico Zimuel ] * [ZF2015-08] Fix null byte injection for PDO MsSql [CVE-2014-8089] -- David Prévot <email address hidden> Wed, 16 Sep 2015 08:08:40 -0400
| Superseded in wheezy-release |
zendframework (1.11.13-1.1+deb7u3) wheezy-security; urgency=high
* ZF2015-06: XXE/XEE vector when using ZendXml on multibyte payloads
[CVE-2015-5161]
-- David Prévot <email address hidden> Mon, 10 Aug 2015 15:03:59 +0200
| Superseded in jessie-release |
zendframework (1.12.9+dfsg-2+deb8u3) jessie-security; urgency=high
* ZF2015-06: XXE/XEE vector when using ZendXml on multibyte payloads
http://framework.zend.com/security/advisory/ZF2015-06
[CVE-2015-5161]
-- David Prévot <email address hidden> Tue, 18 Aug 2015 18:00:37 +0200
zendframework (1.12.15+dfsg-1) unstable; urgency=medium [ Matthew Weier O'Phinney ] * [1.12.15] Release readinesss -- David Prévot <email address hidden> Sat, 29 Aug 2015 15:58:10 -0400
zendframework (1.12.14+dfsg-1) unstable; urgency=medium [ Frank Brückner ] * Classes for Technorati removed [ Matthew Weier O'Phinney ] * [ZF2015-06] Fix potential XXE vector via BOM detection [CVE-2015-5161] [ Martin Hujer ] * Drop DeveloperGarden API implementation as it shuts down on 30th June 2015 -- David Prévot <email address hidden> Tue, 11 Aug 2015 09:34:58 +0200
| Superseded in jessie-release |
zendframework (1.12.9+dfsg-2+deb8u2) jessie-security; urgency=high
* Update ZF2015-04 patch.
Use the final upstream patch instead of the initial one.
No actual change other than spaces, comments and tests.
It will ease cherry-picking further fixes if needed.
* Fix regression in headers creation.
Non-string and non-stringable objects were not allowed anymore with the
ZF2015-04 patch. This broke a number of other classes, however, which
required integer and/or float values (e.g., to set a Content-Length
header).
-- David Prévot <email address hidden> Sat, 23 May 2015 12:13:17 -0400
zendframework (1.12.13+dfsg-1) unstable; urgency=medium [ Matthew Weier O'Phinney ] * Cast int and float to string when creating headers * [1.12.13] Release readiness -- David Prévot <email address hidden> Wed, 20 May 2015 12:09:09 -0400
| Superseded in sid-release |
zendframework (1.12.12+dfsg-1) unstable; urgency=high * Upload to unstable, with high urgency because of the security fix [ Matthew Weier O'Phinney ] * [ZF2015-04] Fix CRLF injections in HTTP and Mail [CVE-2015-3154] * [1.12.12] Release readiness -- David Prévot <email address hidden> Tue, 19 May 2015 14:56:04 -0400
| Deleted in experimental-release (Reason: None provided.) |
zendframework (1.12.11+dfsg-1) experimental; urgency=medium [ Matthew Weier O'Phinney ] * Promoted to stable version 1.12.11 [ Frank Brückner ] * Adds condition in ViewRenderer action helper -- David Prévot <email address hidden> Tue, 17 Feb 2015 19:53:26 -0400
| Superseded in experimental-release |
zendframework (1.12.10+dfsg-1) experimental; urgency=medium [ Matthew Weier O'Phinney ] * [1.12.10] release preparation [ Rob Allen ] * Update copyright to 2015. [ David Prévot ] * Update copyright * Simplify rules * Add upstream changelog * Upload to experimental to respect the freeze -- David Prévot <email address hidden> Fri, 23 Jan 2015 15:18:20 -0400
zendframework (1.12.9+dfsg-2) unstable; urgency=medium * Revert tests during package build (Closes: #765155) * Use repacksuffix feature of uscan -- David Prévot <email address hidden> Mon, 13 Oct 2014 22:40:34 -0400
zendframework (1.12.9+dfsg-1) unstable; urgency=medium [ Matthew Weier O'Phinney ] * [ZF2014-05] Fix for null-byte binding * [#372] Quote null byte characters * [1.12.9] Release readiness [ David Prévot ] * Bump standards version to 3.9.6 -- David Prévot <email address hidden> Thu, 18 Sep 2014 20:28:35 -0400
zendframework (1.12.7-0.1) unstable; urgency=medium
* Non-maintainer upload
* New upstream release, fixes a security issue (Closes: #754201):
- ZF2014-04: Potential SQL injection in the ORDER implementation of
Zend_Db_Select
http://framework.zend.com/security/advisory/ZF2014-04
-- David Prévot <email address hidden> Tue, 08 Jul 2014 12:33:40 -0400
zendframework (1.12.5-0.1) unstable; urgency=medium
* Non-maintainer upload
* New upstream release, fixes several security issues (Closes: #743175):
- ZF2014-01: Potential XXE/XEE attacks using PHP functions:
simplexml_load_*, DOMDocument::loadXML, and xml_parse
http://framework.zend.com/security/advisory/ZF2014-01
[CVE-2014-2681] [CVE-2014-2682] [CVE-2014-2683]
- F2014-02: Potential security issue in login mechanism of ZendOpenId and
Zend_OpenId consumer
http://framework.zend.com/security/advisory/ZF2014-02
[CVE-2014-2684] [CVE-2014-2685]
* Update copyright years
-- David Prévot <email address hidden> Mon, 14 Apr 2014 14:48:35 -0400
zendframework (1.12.3-1) unstable; urgency=low * new upstream release * removed windows azure stuff for windows platform from library path -- Frank Habermann <email address hidden> Wed, 24 May 2013 22:17:00 +0200
| Published in squeeze-release |
zendframework (1.10.6-1squeeze2) squeeze-security; urgency=high
* Fix for CVE-2012-5657: remove the XXE vector by calling
libxml_disable_entity_loader() before attempting to parse the
feed via DOMDocument::loadXML() (Closes: #696483).
-- Frank Habermann <email address hidden> Mon, 7 Jan 2013 20:52:00 +0200
zendframework (1.11.13-1.1) unstable; urgency=high
* Non-maintainer upload.
* debian/patches/02-ZF2012-05:
- Fix for CVE-2012-5657: remove the XXE vector by calling
libxml_disable_entity_loader() before attempting to parse the
feed via DOMDocument::loadXML(). Patch taken from upstream SVN
repository, revision 25159 (Closes: #696483).
-- Luca Falavigna <email address hidden> Fri, 28 Dec 2012 20:24:22 +0100
| Superseded in squeeze-release |
zendframework (1.10.6-1squeeze1) squeeze-security; urgency=high * fixes Local file disclosure via XXE injection (Closes: #679215) -- Frank Habermann <email address hidden> Thu, 28 Jun 2012 21:42:00 +0200
zendframework (1.11.13-1) unstable; urgency=high
* new upstream release
- fixed XML eXternal Entity (XXE) and XML Entity Expansion (XEE)
vulnerabilities in Zend_Dom, Zend_Feed, Zend_Soap, Zend_XmlRpc
-- Frank Habermann <email address hidden> Thu, 23 Aug 2012 22:53:00 +0200
zendframework (1.11.12-1) unstable; urgency=high
* new upstream release
- fixes Local file disclosure via XXE injection (Closes: #679215)
* changed Standards-Version to 3.9.3
* added DM-Upload-Allowed to control
-- Frank Habermann <email address hidden> Wed, 27 Jun 2012 21:36:00 +0200
zendframework (1.11.11-1) unstable; urgency=low * new upstream release * changed Standards-Version to 3.9.2 -- Frank Habermann <email address hidden> Sat, 11 Feb 2012 21:53:00 +0200
zendframework (1.11.10-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Sun, 07 Aug 2011 20:24:00 +0200
zendframework (1.11.9-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Fri, 15 Jul 2011 19:15:00 +0200
zendframework (1.11.8-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Sat, 9 Jul 2011 22:28:00 +0200
zendframework (1.11.6-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Sat, 21 May 2011 21:04:00 +0200
zendframework (1.11.4-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Sun, 06 Mar 2011 22:38:00 +0200
zendframework (1.11.3-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Tue, 08 Feb 2011 22:10:00 +0200
| Deleted in experimental-release (Reason: None provided.) |
zendframework (1.11.2-2) experimental; urgency=low * Remove Suggests on php5-sqlite3 for debcheck since the package is php5-sqlite and is no longer built by php5 under that name (Closes: #603515) -- Frank Habermann <email address hidden> Wed, 19 Jan 2011 21:20:00 +0200
| Superseded in experimental-release |
zendframework (1.11.2-1) experimental; urgency=low * new upstream release -- Frank Habermann <email address hidden> Thu, 30 Dec 2010 20:59:00 +0200
| Superseded in experimental-release |
zendframework (1.11.0-1) experimental; urgency=low * new upstream release * fixing wrong rights on resources/languages/pt_BR/Zend_Validate.php * using php5 or php5-cli for zendframework dependencies (Closes: #598378) -- Frank Habermann <email address hidden> Thu, 18 Nov 2010 23:29:00 +0200
| Superseded in experimental-release |
zendframework (1.10.8-1) experimental; urgency=low
* new upstream release
* created new package zendframework-resources that contains pre-translated
error messages (Closes: #592385)
-- Frank Habermann <email address hidden> Fri, 27 Aug 2010 20:54:00 +0200
zendframework (1.10.7-1) unstable; urgency=low * new upstream release * changed Standards-Version to 3.9.1 -- Frank Habermann <email address hidden> Sun, 08 Aug 2010 22:01:00 +0200
zendframework (1.10.6-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Tue, 22 Jun 2010 20:42:00 +0200
zendframework (1.10.5-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Mon, 31 May 2010 21:21:00 +0200
zendframework (1.10.4-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Wed, 28 Apr 2010 20:10:00 +0200
zendframework (1.10.3-1) unstable; urgency=low * new upstream release * set debian source format -- Frank Habermann <email address hidden> Mon, 5 Apr 2010 18:55:00 +0200
zendframework (1.10.2-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Sun, 28 Feb 2010 20:00:00 +0200
zendframework (1.10.1-2) unstable; urgency=low * added manpage for zf command * changed Standards-Version to 3.8.4 -- Frank Habermann <email address hidden> Tue, 16 Feb 2010 21:00:00 +0200
zendframework (1.10.1-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Fri, 12 Feb 2010 21:40:00 +0200
zendframework (1.10.0-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Wed, 27 Jan 2010 20:50:00 +0200
zendframework (1.9.7-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Tue, 12 Jan 2010 22:00:00 +0200
zendframework (1.9.6-2) unstable; urgency=low * use quillt to set paths for shell scripts -- Frank Habermann <email address hidden> Mon, 28 Dec 2009 22:00:00 +0200
zendframework (1.9.6-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Sun, 06 Dec 2009 20:40:00 +0200
zendframework (1.9.5-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Sun, 28 Oct 2009 10:02:00 +0200
zendframework (1.9.4-1) unstable; urgency=low * new upstream release -- Frank Habermann <email address hidden> Sun, 17 Oct 2009 14:40:00 +0200
zendframework (1.9.3pl1-1) unstable; urgency=low
* new upstream release
- corrects a BC break found in the 1.9.3 release
-- Frank Habermann <email address hidden> Sun, 27 Sep 2009 20:20:00 +0200
zendframework (1.9.3-1) unstable; urgency=low
* new upstream release
- fixed more than 100 bugs in over 40 components
-- Frank Habermann <email address hidden> Tue, 22 Sep 2009 21:10:00 +0200
zendframework (1.9.2-2) unstable; urgency=low
* Fixed spelling (Closes: #547125)
* Created bin package with that you can creat a default
MVC environment (Closes: #544793)
-- Frank Habermann <email address hidden> Sun, 20 Sep 2009 13:45:00 +0200
zendframework (1.9.2-1) unstable; urgency=low * Initial release. -- Frank Habermann <email address hidden> Wed, 26 Aug 2009 21:15:00 +0200
| 1 → 58 of 58 results | First • Previous • Next • Last |
