-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 14 Apr 2014 14:48:35 -0400 Source: zendframework Binary: zendframework zendframework-bin zendframework-resources Architecture: source all Version: 1.12.5-0.1 Distribution: unstable Urgency: medium Maintainer: Frank Habermann <lordlamer@lordlamer.de> Changed-By: David Prévot <taffit@debian.org> Description: zendframework - powerful PHP framework zendframework-bin - binary scripts for zendframework zendframework-resources - resource scripts for zendframework Closes: 743175 Changes: zendframework (1.12.5-0.1) unstable; urgency=medium . * Non-maintainer upload * New upstream release, fixes several security issues (Closes: #743175): - ZF2014-01: Potential XXE/XEE attacks using PHP functions: simplexml_load_*, DOMDocument::loadXML, and xml_parse http://framework.zend.com/security/advisory/ZF2014-01 [CVE-2014-2681] [CVE-2014-2682] [CVE-2014-2683] - F2014-02: Potential security issue in login mechanism of ZendOpenId and Zend_OpenId consumer http://framework.zend.com/security/advisory/ZF2014-02 [CVE-2014-2684] [CVE-2014-2685] * Update copyright years Checksums-Sha1: 00de5e07954023e9368c964ec9d35dc97582b26a 1525 zendframework_1.12.5-0.1.dsc e7473ef2fcbd3d3fbb30c2151385c431426f352b 27249981 zendframework_1.12.5.orig.tar.gz 17358423996a1d73764063a5dc21a30ccb42bd36 5214 zendframework_1.12.5-0.1.diff.gz ea7dc07d6bc788883593de7b36de97e7f9684fef 4191072 zendframework_1.12.5-0.1_all.deb 53734e42cfa21305449f55dbbb3c1a43e9d82f73 9422 zendframework-bin_1.12.5-0.1_all.deb d77c9d570c9b4c30a6021ea3288119acc45de7b5 35760 zendframework-resources_1.12.5-0.1_all.deb Checksums-Sha256: 6a76916d56f809fe59ffff8ab21283f258d6ddcad063d8750d49ffad9048dbcc 1525 zendframework_1.12.5-0.1.dsc 9f9cd38f9f8f70061feadcd88e96b23a396ca9fcfd9a940cb948711503a39993 27249981 zendframework_1.12.5.orig.tar.gz 7ce3b642e2e01a8747ea8a8117ac56f55600bb2a75810c4dd433623c025c247e 5214 zendframework_1.12.5-0.1.diff.gz 65a7acee9286537139115b649cd1622114f92d00a7a4de3854344dcb23168b11 4191072 zendframework_1.12.5-0.1_all.deb 8a750ab5edb2e94e1bbc585bf50eaf8fa831e072198653b888bb8d99e2a9dd0f 9422 zendframework-bin_1.12.5-0.1_all.deb 40ba26ebe6101223f629e743fe5ff362796d3f03e18331144eef1e69516630e5 35760 zendframework-resources_1.12.5-0.1_all.deb Files: 457f4d6c3f34eec8876eeba48ba93b53 1525 web optional zendframework_1.12.5-0.1.dsc 5a37c0f2e8e66ad07768a262f22b9913 27249981 web optional zendframework_1.12.5.orig.tar.gz 8b87ec13fd22fd48c723690acf62daa0 5214 web optional zendframework_1.12.5-0.1.diff.gz 823e116a1a9d479762d634e6c4976e3b 4191072 web optional zendframework_1.12.5-0.1_all.deb f6af66c45071b8a2b100698565e8bcf0 9422 web optional zendframework-bin_1.12.5-0.1_all.deb 0a9e323142780e43809783b09585e593 35760 web optional zendframework-resources_1.12.5-0.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJTTC9cAAoJEAWMHPlE9r08I1YH/35EaxGsU6m6TnBemMsAFuzD R4Dg5DNJZKSIZT/2mvSXT9yKk1mb0HTWfTP/NYRXSYgk4xdFxbQOwdKwrgeF9Tfh dPeP1vJDvUbpAcssuxfro02OobiHvDU5kld5p+YJyQ9o43KMxhNw/XhBHoxnuyQ3 vOGzTcI3ooBTbHwVf2EAOItTv8kHmznmM56VnjK/JMRf5S/+4IFlahbSH6GdXaNj wl8WT7ZwxwPBwurf3x8U0O9M2pTm6YVMSuB6UK3PavPCrQK4VP5dSmK5hyYTF8Uf lYC9hBjY8JsNWn/u4JOheFzP/3iBUZzXjPYWeDHDaQdNpX94kgv+BawLdmfSPDU= =9mKW -----END PGP SIGNATURE-----