Bug 1151276 (CVE-2014-8088)
| Summary: | CVE-2014-8088 php-ZendFramework: null byte issue, connect to LDAP without knowing the password (ZF2014-05) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Murray McAllister <mmcallis> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | fedora, felix, fweimer, jrusnack, mmcallis, shawn, vdanen |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Zend Framework 1.12.9, Zend Framework 2.2.8, Zend Framework 2.3.3 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-01-03 15:44:27 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1151278, 1151279, 1151280, 1151281 | ||
| Bug Blocks: | |||
|
Description
Murray McAllister
2014-10-10 03:08:20 UTC
Created php-ZendFramework2 tracking bugs for this issue: Affects: fedora-all [bug 1151278] Affects: epel-6 [bug 1151280] Affects: epel-7 [bug 1151281] Created php-ZendFramework tracking bugs for this issue: Affects: epel-6 [bug 1151279] Notice: Fedora is not affected by this bug which is fixed in PHP. From official annoucement "This corrects for unpatched versions of PHP (versions 5.5.11 and below, 5.4.27 and below, and any prior releases)." php-ZendFramework2-2.3.3-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. php-ZendFramework-1.12.9-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. php-ZendFramework-1.12.9-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. php-ZendFramework2-2.3.3-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. php-ZendFramework-1.12.9-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. php-ZendFramework2-2.3.3-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report. php-ZendFramework-1.12.9-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. php-ZendFramework2-2.2.8-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. php-ZendFramework2-2.2.8-2.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. All dependent bugs have been addressed and are closed. Can this bug be closed? Thanks for the hint! |