Security flaw in the php-ZendFramework2 software package

  • OS details: WN7
  • Severity: IMP
  • Operating systems: L
  • Categories: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2015-7887
2015-05-10 04:04:12
——————————————————————————–

Name : php-ZendFramework2
Product : Fedora 20
Version : 2.3.8
Release : 1.fc20
URL : http://framework.zend.com
Summary : Zend Framework 2
Description :
Zend Framework 2 is an open source framework for developing web applications
and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code
and utilizes most of the new features of PHP 5.3, namely namespaces, late
static binding, lambda functions and closures.

Zend Framework 2 evolved from Zend Framework 1, a successful PHP framework
with over 15 million downloads.

Note: This meta package installs all base Zend Framework component packages
(Authentication, Barcode, Cache, Captcha, Code, Config, Console, Crypt, Db,
Debug, Di, Dom, Escaper, EventManager, Feed, File, Filter, Form, Http, I18n,
InputFilter, Json, Ldap, Loader, Log, Mail, Math, Memory, Mime, ModuleManager,
Mvc, Navigation, Paginator, Permissions-Acl, Permissions-Rbac, ProgressBar,
Serializer, Server, ServiceManager, Session, Soap, Stdlib, Tag, Test, Text,
Uri, Validator, Version, View, XmlRpc) except the optional Cache-apc and
Cache-memcached packages.

——————————————————————————–
Update Information:

* **ZF2015-04**: Zend\Mail and Zend\Http were both susceptible to CRLF Injection Attack vectors (for HTTP, this is often referred to as HTTP Response Splitting). Both components were updated to perform header value validations to ensure no values contain characters not detailed in their corresponding specifications, and will raise exceptions on detection. Each also provides new facilities for both validating and filtering header values prior to injecting them into header classes. If you use either Zend\Mail or Zend\Http (which includes users of Zend\Mvc), we recommend upgrading immediately.
——————————————————————————–
ChangeLog:

* Fri May 8 2015 Remi Collet <remi@fedoraproject.org> - 2.3.8-1
- Update to 2.3.8
* Fri Mar 13 2015 Remi Collet <remi@fedoraproject.org> - 2.3.7-1
- Update to 2.3.7
* Tue Feb 24 2015 Remi Collet <remi@fedoraproject.org> - 2.3.5-1
- Update to 2.3.5
- add patch for icu 54, FTBFS detected by Koschei
* Fri Jan 16 2015 Remi Collet <remi@fedoraproject.org> - 2.3.4-1
- Update to 2.3.4
- drop GLPI patch, fixed upstream
- add dependency on ircmaxell/random-lib
- apply upstream changes to inter-package dependencies
* Fri Oct 17 2014 Shawn Iwinski <shawn.iwinski@gmail.com> - 2.3.3-2
- Drop php-gmp dependency from Math component (BZ #1152440)
- Fix tests' autoloader
* Fri Oct 10 2014 Remi Collet <remi@fedoraproject.org> - 2.3.3-1
- Update to 2.3.3
- fix SQL injection with SqlSrv ZF2014-05 CVE-2014-8088 #1151276
- fix null byte issue on Ldap connect ZF2014-06 CVE-2014-8089 #1151277
* Wed Aug 20 2014 Remi Collet <remi@fedoraproject.org> - 2.3.2-1
- Update to 2.3.2
- tests from github
- run test suite during build
* Sun Jul 20 2014 Remi Collet <remi@fedoraproject.org> - 2.3.1-3
- composer dependencies
- add missing license
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 20 2014 Shawn Iwinski <shawn.iwinski@gmail.com> - 2.3.1-1
- Updated to 2.3.1
* Sun May 18 2014 Shawn Iwinski <shawn.iwinski@gmail.com> - 2.2.7-1
- Updated to 2.2.7 (security update for ZF2014-03)
* Tue Apr 1 2014 Remi Collet <remi@fedoraproject.org> - 2.2.6-1
- Updated to 2.2.6 for CVE-2014-2681 CVE-2014-2682
CVE-2014-2683 CVE-2014-2684 CVE-2014-2685
- new package ZendXml
- fix for unversioned doc directory
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c 'yum update php-ZendFramework2' at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
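
The header-value validation and filtering that the ZF2015-04 note describes, shown as an added PHP example; it is not part of the Fedora notice and is not Zend Framework code. The function names and the sample redirect value are assumptions made for illustration, and the allowed byte set is the HTTP one from RFC 7230 (mail headers follow RFC 5322, which additionally permits folded lines).

```php
<?php
// Added example: stand-alone functions, NOT the Zend\Http or Zend\Mail API.

/** True when $value holds only bytes allowed in an HTTP field value
 *  (RFC 7230: HTAB, SP, visible ASCII, obs-text 0x80-0xFF).
 *  The /D modifier stops "$" from matching before a trailing newline. */
function headerValueIsValid(string $value): bool
{
    return preg_match('/^[\x09\x20-\x7E\x80-\xFF]*$/D', $value) === 1;
}

/** Validate and reject: raise instead of emitting a split header. */
function assertValidHeaderValue(string $value): string
{
    if (!headerValueIsValid($value)) {
        throw new InvalidArgumentException('Invalid header value');
    }
    return $value;
}

/** Filter: drop every byte outside the allowed set (CR, LF, NUL, ...). */
function filterHeaderValue(string $value): string
{
    return preg_replace('/[^\x09\x20-\x7E\x80-\xFF]/', '', $value);
}

/** Build one header line. $name is assumed to be a fixed literal chosen
 *  by the application; only the value is treated as untrusted. */
function headerLine(string $name, string $value): string
{
    return $name . ': ' . assertValidHeaderValue($value) . "\r\n";
}

// Constructed input: a redirect target carrying an embedded CRLF.
$target = "/home\r\nX-Injected: 1";

// Unvalidated concatenation yields two header lines instead of one.
$naive = 'Location: ' . $target . "\r\n";
echo substr_count($naive, "\r\n"), " lines from naive concatenation\n";

// Filtering keeps the value on a single line.
echo headerLine('Location', filterHeaderValue($target));

// Validation rejects the value outright.
try {
    headerLine('Location', $target);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```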

——————————————————————————–
Fedora Update Notification
FEDORA-2015-7687
2015-05-10 03:55:16
——————————————————————————–

Name : php-ZendFramework2
Product : Fedora 21
Version : 2.3.8
Release : 1.fc21
URL : http://framework.zend.com
Summary : Zend Framework 2
Description :
Zend Framework 2 is an open source framework for developing web applications
and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code
and utilizes most of the new features of PHP 5.3, namely namespaces, late
static binding, lambda functions and closures.

Zend Framework 2 evolved from Zend Framework 1, a successful PHP framework
with over 15 million downloads.

Note: This meta package installs all base Zend Framework component packages
(Authentication, Barcode, Cache, Captcha, Code, Config, Console, Crypt, Db,
Debug, Di, Dom, Escaper, EventManager, Feed, File, Filter, Form, Http, I18n,
InputFilter, Json, Ldap, Loader, Log, Mail, Math, Memory, Mime, ModuleManager,
Mvc, Navigation, Paginator, Permissions-Acl, Permissions-Rbac, ProgressBar,
Serializer, Server, ServiceManager, Session, Soap, Stdlib, Tag, Test, Text,
Uri, Validator, Version, View, XmlRpc) except the optional Cache-apc and
Cache-memcached packages.

——————————————————————————–
Update Information:

* **ZF2015-04**: Zend\Mail and Zend\Http were both susceptible to CRLF Injection Attack vectors (for HTTP, this is often referred to as HTTP Response Splitting). Both components were updated to perform header value validations to ensure no values contain characters not detailed in their corresponding specifications, and will raise exceptions on detection. Each also provides new facilities for both validating and filtering header values prior to injecting them into header classes. If you use either Zend\Mail or Zend\Http (which includes users of Zend\Mvc), we recommend upgrading immediately.
——————————————————————————–
ChangeLog:

* Fri May 8 2015 Remi Collet <remi@fedoraproject.org> - 2.3.8-1
- Update to 2.3.8
* Fri Mar 13 2015 Remi Collet <remi@fedoraproject.org> - 2.3.7-1
- Update to 2.3.7
* Tue Feb 24 2015 Remi Collet <remi@fedoraproject.org> - 2.3.5-1
- Update to 2.3.5
- add patch for icu 54, FTBFS detected by Koschei
* Fri Jan 16 2015 Remi Collet <remi@fedoraproject.org> - 2.3.4-1
- Update to 2.3.4
- drop GLPI patch, fixed upstream
- add dependency on ircmaxell/random-lib
- apply upstream changes to inter-package dependencies
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c 'yum update php-ZendFramework2' at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
——————————————————————————–
Fedora Update Notification
FEDORA-2015-7708
2015-05-10 03:56:08
——————————————————————————–

Name : php-ZendFramework2
Product : Fedora 22
Version : 2.3.8
Release : 1.fc22
URL : http://framework.zend.com
Summary : Zend Framework 2
Description :
Zend Framework 2 is an open source framework for developing web applications
and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code
and utilizes most of the new features of PHP 5.3, namely namespaces, late
static binding, lambda functions and closures.

Zend Framework 2 evolved from Zend Framework 1, a successful PHP framework
with over 15 million downloads.

Note: This meta package installs all base Zend Framework component packages
(Authentication, Barcode, Cache, Captcha, Code, Config, Console, Crypt, Db,
Debug, Di, Dom, Escaper, EventManager, Feed, File, Filter, Form, Http, I18n,
InputFilter, Json, Ldap, Loader, Log, Mail, Math, Memory, Mime, ModuleManager,
Mvc, Navigation, Paginator, Permissions-Acl, Permissions-Rbac, ProgressBar,
Serializer, Server, ServiceManager, Session, Soap, Stdlib, Tag, Test, Text,
Uri, Validator, Version, View, XmlRpc) except the optional Cache-apc and
Cache-memcached packages.

——————————————————————————–
Update Information:

* **ZF2015-04**: Zend\Mail and Zend\Http were both susceptible to CRLF Injection Attack vectors (for HTTP, this is often referred to as HTTP Response Splitting). Both components were updated to perform header value validations to ensure no values contain characters not detailed in their corresponding specifications, and will raise exceptions on detection. Each also provides new facilities for both validating and filtering header values prior to injecting them into header classes. If you use either Zend\Mail or Zend\Http (which includes users of Zend\Mvc), we recommend upgrading immediately.
——————————————————————————–
ChangeLog:

* Fri May 8 2015 Remi Collet <remi@fedoraproject.org> - 2.3.8-1
- Update to 2.3.8
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c 'yum update php-ZendFramework2' at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
Author: Marijo Plepelic
Cert ID: NCERT-REF-2015-05-0010-ADV
CVE: CERT-CVE-DUMMY
Source ID: CERT-ORIGID-DUMMY
Product: CERT-DUMMY-PRODUCT
Source: http://www.adobe.com/