Debian Bug report logs - #688946
zendframework: CVE-2012-4451

Package: zendframework; Maintainer for zendframework is Frank Habermann <lordlamer@lordlamer.de>; Source for zendframework is src:zendframework.

Reported by: Moritz Muehlenhoff <jmm@inutil.org>

Date: Thu, 27 Sep 2012 07:39:02 UTC

Severity: grave

Tags: security

Done: Moritz Muehlenhoff <jmm@inutil.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Frank Habermann <lordlamer@lordlamer.de>:
Bug#688946; Package zendframework. (Thu, 27 Sep 2012 07:39:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Frank Habermann <lordlamer@lordlamer.de>. (Thu, 27 Sep 2012 07:39:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Moritz Muehlenhoff <jmm@inutil.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: zendframework: CVE-2012-4451
Date: Thu, 27 Sep 2012 09:34:24 +0200
Package: zendframework
Severity: grave
Tags: security
Justification: user security hole

This was assigned CVE-2012-4451:
http://seclists.org/oss-sec/2012/q3/571

Remember Debian is in freeze, so please only apply the isolated securitx fix and
request an unblock by filing a bug against release.debian.org

Cheers,
        Moritz



Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#688946; Package zendframework. (Thu, 18 Oct 2012 17:33:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Frank Habermann <lordlamer@lordlamer.de>:
Extra info received and forwarded to list. (Thu, 18 Oct 2012 17:33:03 GMT) Full text and rfc822 format available.

Message #10 received at submit@bugs.debian.org (full text, mbox):

From: Frank Habermann <lordlamer@lordlamer.de>
To: Moritz Muehlenhoff <jmm@inutil.org>, 688946@bugs.debian.org
Cc: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Re: Bug#688946: zendframework: CVE-2012-4451
Date: Thu, 18 Oct 2012 19:21:29 +0200
close #688946

Hi,

> Remember Debian is in freeze, so please only apply the isolated securitx
> fix and request an unblock by filing a bug against release.debian.org
I contacted upstream to clarify this. Zendframework Version 1 is not affected 
by this. So no fix is needed here!

regards,
Frank



Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#688946; Package zendframework. (Thu, 18 Oct 2012 17:33:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Frank Habermann <lordlamer@lordlamer.de>:
Extra info received and forwarded to list. (Thu, 18 Oct 2012 17:33:05 GMT) Full text and rfc822 format available.

Reply sent to Moritz Muehlenhoff <jmm@inutil.org>:
You have taken responsibility. (Sun, 21 Oct 2012 18:27:08 GMT) Full text and rfc822 format available.

Notification sent to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer. (Sun, 21 Oct 2012 18:27:08 GMT) Full text and rfc822 format available.

Message #20 received at 688946-done@bugs.debian.org (full text, mbox):

From: Moritz Muehlenhoff <jmm@inutil.org>
To: 688946-done@bugs.debian.org
Subject: Re: Bug#688946: zendframework: CVE-2012-4451
Date: Sun, 21 Oct 2012 20:21:31 +0200



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 19 Nov 2012 07:26:02 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 00:23:16 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.