Hi,
CVE names have been assigned for these issues. The assignment is rather
complicated. If you fix both issues in one upload it's ok to just mention
that it addresses the 5 CVE's named below.
http://framework.zend.com/security/advisory/ZF2014-01
CVE-2014-2681 - This CVE is for the lack of
Package: zendframework
Severity: serious
Tags: security fixed-upstream patch
Hi,
Two new security advisories were published for the Zend Framework.
* ZF2014-01: Potential XXE/XEE attacks using PHP functions:
simplexml_load_*, DOMDocument::loadXML, and xml_parse
2 matches
Mail list logo
