Hi David, On Tue, Jul 08, 2014 at 12:32:11PM -0400, David Prévot wrote: > Package: zendframework > Version: 1.12.5-0.1 > Severity: grave > Tags: security upstream patch > > Affected versions: v1.12.0 up to v1.12.6 (Squeeze and Wheezy are not > affected)
I have not looked in detail about the reason, but could you clarify if this is true for wheezy and squeeze? It looks same code is present at least in wheezy here[1]. [1] http://sources.debian.net/src/zendframework/1.11.13-1.1/library/Zend/Db/Select.php#L604 Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org