-
zendframework (1.12.20+dfsg-1) unstable; urgency=medium
[ Matthew Weier O'Phinney ]
* Preparation for 1.12.20
[ David Prévot ]
* Document now assigned CVE in previous changelog entry
[ Enrico Zimuel ]
* Fixed SQL Injection in order and group
-- David Prévot <email address hidden> Sat, 10 Sep 2016 11:33:39 -1000
-
zendframework (1.12.19+dfsg-1) unstable; urgency=medium
[ Matthew Weier O'Phinney ]
* Added EOL announcement to README and CONTRIBUTING guide
* Prepared for 1.12.19 release
[ Enrico Zimuel ]
* Fixed potential SQL injections in order() and group()
-- David Prévot <email address hidden> Fri, 15 Jul 2016 15:14:39 -0400
-
zendframework (1.12.18+dfsg-1) unstable; urgency=medium
[ Matthew Weier O'Phinney ]
* 1.12.18 preparations
[ Enrico Zimuel ]
* Fixed the rand usage
[ Frank Brückner ]
* Removes Zend_Gdata_YouTube which is based on Data API v2
[ David Prévot ]
* Update Standards-Version to 3.9.8
-- David Prévot <email address hidden> Wed, 13 Apr 2016 16:57:00 -0400
-
zendframework (1.12.17+dfsg-2) unstable; urgency=medium
* PHP 7.0 transition:
- Update php5-* dependencies to php-*
- Suggest other php- extensions no longer builtin
- Rebuild with latest pkg-php-tools
* Drop ownCloud for Debian maintainers from uploaders
* Update Standards-Version to 3.9.7
-- David Prévot <email address hidden> Sat, 05 Mar 2016 10:32:52 -0400
-
zendframework (1.12.17+dfsg-1) unstable; urgency=medium
[ Martin Hujer ]
* Zend_Validate_Hostname - updated TLD list to the version 2015102801
[ Enrico Zimuel ]
* Fixed the null byte test for Zend_Db_Adapter_Pdo
* ZF2015-09: Fixed entropy issue in word CAPTCHA
-- David Prévot <email address hidden> Mon, 23 Nov 2015 21:57:00 -0400
-
zendframework (1.12.16+dfsg-1) unstable; urgency=medium
[ Matthew Weier O'Phinney ]
* [ZF2015-07] Use umask of 0002 [CVE-2015-5723]
* [1.12.16] release readiness
[ Enrico Zimuel ]
* [ZF2015-08] Fix null byte injection for PDO MsSql [CVE-2014-8089]
-- David Prévot <email address hidden> Wed, 16 Sep 2015 08:08:40 -0400
-
zendframework (1.12.15+dfsg-1) unstable; urgency=medium
[ Matthew Weier O'Phinney ]
* [1.12.15] Release readinesss
-- David Prévot <email address hidden> Sat, 29 Aug 2015 15:58:10 -0400
-
zendframework (1.12.14+dfsg-1) unstable; urgency=medium
[ Frank Brückner ]
* Classes for Technorati removed
[ Matthew Weier O'Phinney ]
* [ZF2015-06] Fix potential XXE vector via BOM detection [CVE-2015-5161]
[ Martin Hujer ]
* Drop DeveloperGarden API implementation as it shuts down on 30th June 2015
-- David Prévot <email address hidden> Tue, 11 Aug 2015 09:34:58 +0200
-
zendframework (1.12.13+dfsg-1) unstable; urgency=medium
[ Matthew Weier O'Phinney ]
* Cast int and float to string when creating headers
* [1.12.13] Release readiness
-- David Prévot <email address hidden> Wed, 20 May 2015 12:09:09 -0400
-
zendframework (1.12.12+dfsg-1) unstable; urgency=high
* Upload to unstable, with high urgency because of the security fix
[ Matthew Weier O'Phinney ]
* [ZF2015-04] Fix CRLF injections in HTTP and Mail [CVE-2015-3154]
* [1.12.12] Release readiness
-- David Prévot <email address hidden> Tue, 19 May 2015 14:56:04 -0400
-
zendframework (1.12.9+dfsg-2) unstable; urgency=medium
* Revert tests during package build (Closes: #765155)
* Use repacksuffix feature of uscan
-- David Prévot <email address hidden> Mon, 13 Oct 2014 22:40:34 -0400
-
zendframework (1.12.9+dfsg-1) unstable; urgency=medium
[ Matthew Weier O'Phinney ]
* [ZF2014-05] Fix for null-byte binding
* [#372] Quote null byte characters
* [1.12.9] Release readiness
[ David Prévot ]
* Bump standards version to 3.9.6
-- David Prévot <email address hidden> Thu, 18 Sep 2014 20:28:35 -0400
-
zendframework (1.12.7-0.1) unstable; urgency=medium
* Non-maintainer upload
* New upstream release, fixes a security issue (Closes: #754201):
- ZF2014-04: Potential SQL injection in the ORDER implementation of
Zend_Db_Select
http://framework.zend.com/security/advisory/ZF2014-04
-- David Prévot <email address hidden> Tue, 08 Jul 2014 12:33:40 -0400
-
zendframework (1.12.5-0.1) unstable; urgency=medium
* Non-maintainer upload
* New upstream release, fixes several security issues (Closes: #743175):
- ZF2014-01: Potential XXE/XEE attacks using PHP functions:
simplexml_load_*, DOMDocument::loadXML, and xml_parse
http://framework.zend.com/security/advisory/ZF2014-01
[CVE-2014-2681] [CVE-2014-2682] [CVE-2014-2683]
- F2014-02: Potential security issue in login mechanism of ZendOpenId and
Zend_OpenId consumer
http://framework.zend.com/security/advisory/ZF2014-02
[CVE-2014-2684] [CVE-2014-2685]
* Update copyright years
-- David Prévot <email address hidden> Mon, 14 Apr 2014 14:48:35 -0400
-
zendframework (1.12.3-1) unstable; urgency=low
* new upstream release
* removed windows azure stuff for windows platform from library path
-- Frank Habermann <email address hidden> Wed, 24 May 2013 22:17:00 +0200
-
zendframework (1.11.13-1.1) unstable; urgency=high
* Non-maintainer upload.
* debian/patches/02-ZF2012-05:
- Fix for CVE-2012-5657: remove the XXE vector by calling
libxml_disable_entity_loader() before attempting to parse the
feed via DOMDocument::loadXML(). Patch taken from upstream SVN
repository, revision 25159 (Closes: #696483).
-- Luca Falavigna <email address hidden> Fri, 28 Dec 2012 20:24:22 +0100
-
zendframework (1.11.13-1) unstable; urgency=high
* new upstream release
- fixed XML eXternal Entity (XXE) and XML Entity Expansion (XEE)
vulnerabilities in Zend_Dom, Zend_Feed, Zend_Soap, Zend_XmlRpc
-- Frank Habermann <email address hidden> Thu, 23 Aug 2012 22:53:00 +0200
-
zendframework (1.11.12-1) unstable; urgency=high
* new upstream release
- fixes Local file disclosure via XXE injection (Closes: #679215)
* changed Standards-Version to 3.9.3
* added DM-Upload-Allowed to control
-- Frank Habermann <email address hidden> Wed, 27 Jun 2012 21:36:00 +0200
-
zendframework (1.11.11-1) unstable; urgency=low
* new upstream release
* changed Standards-Version to 3.9.2
-- Frank Habermann <email address hidden> Sat, 11 Feb 2012 21:53:00 +0200
-
zendframework (1.11.10-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Sun, 07 Aug 2011 20:24:00 +0200
-
zendframework (1.11.9-1) unstable; urgency=low
* new upstream release -- Frank Habermann <email address hidden> Fri, 15 Jul 2011 19:15:00 +0200
-
zendframework (1.11.8-1) unstable; urgency=low
* new upstream release -- Frank Habermann <email address hidden> Sat, 9 Jul 2011 22:28:00 +0200
-
zendframework (1.11.6-1) unstable; urgency=low
* new upstream release -- Frank Habermann <email address hidden> Sat, 21 May 2011 21:04:00 +0200
-
zendframework (1.11.4-1) unstable; urgency=low
* new upstream release -- Frank Habermann <email address hidden> Sun, 06 Mar 2011 22:38:00 +0200
-
zendframework (1.11.3-1) unstable; urgency=low
* new upstream release -- Frank Habermann <email address hidden> Tue, 08 Feb 2011 22:10:00 +0200
-
zendframework (1.10.7-1) unstable; urgency=low
* new upstream release
* changed Standards-Version to 3.9.1
-- Frank Habermann <email address hidden> Sun, 08 Aug 2010 22:01:00 +0200
-
zendframework (1.10.6-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Tue, 22 Jun 2010 20:42:00 +0200
-
zendframework (1.10.5-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Mon, 31 May 2010 21:21:00 +0200
-
zendframework (1.10.4-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Wed, 28 Apr 2010 20:10:00 +0200
-
zendframework (1.10.3-1) unstable; urgency=low
* new upstream release
* set debian source format
-- Frank Habermann <email address hidden> Mon, 5 Apr 2010 18:55:00 +0200
-
zendframework (1.10.2-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Sun, 28 Feb 2010 20:00:00 +0200
-
zendframework (1.10.1-2) unstable; urgency=low
* added manpage for zf command
* changed Standards-Version to 3.8.4
-- Frank Habermann <email address hidden> Tue, 16 Feb 2010 21:00:00 +0200
-
zendframework (1.10.1-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Fri, 12 Feb 2010 21:40:00 +0200
-
zendframework (1.10.0-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Wed, 27 Jan 2010 20:50:00 +0200
-
zendframework (1.9.7-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Tue, 12 Jan 2010 22:00:00 +0200
-
zendframework (1.9.6-2) unstable; urgency=low
* use quillt to set paths for shell scripts
-- Frank Habermann <email address hidden> Mon, 28 Dec 2009 22:00:00 +0200
-
zendframework (1.9.6-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Sun, 06 Dec 2009 20:40:00 +0200
-
zendframework (1.9.5-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Sun, 28 Oct 2009 10:02:00 +0200
-
zendframework (1.9.4-1) unstable; urgency=low
* new upstream release
-- Frank Habermann <email address hidden> Sun, 17 Oct 2009 14:40:00 +0200
-
zendframework (1.9.3pl1-1) unstable; urgency=low
* new upstream release
- corrects a BC break found in the 1.9.3 release
-- Frank Habermann <email address hidden> Sun, 27 Sep 2009 20:20:00 +0200
-
zendframework (1.9.3-1) unstable; urgency=low
* new upstream release
- fixed more than 100 bugs in over 40 components
-- Frank Habermann <email address hidden> Tue, 22 Sep 2009 21:10:00 +0200
-
zendframework (1.9.2-2) unstable; urgency=low
* Fixed spelling (Closes: #547125)
* Created bin package with that you can creat a default
MVC environment (Closes: #544793)
-- Frank Habermann <email address hidden> Sun, 20 Sep 2009 13:45:00 +0200
-
zendframework (1.9.2-1) unstable; urgency=low
* Initial release.
-- Frank Habermann <email address hidden> Wed, 26 Aug 2009 21:15:00 +0200
