The Zend Framework project released security advisory ZF2016-03 to address a potential SQL injection in ORDER and GROUP statements of Zend_Db_Select. External References: https://framework.zend.com/security/advisory/ZF2016-03
Created php-ZendFramework tracking bugs for this issue: Affects: fedora-all [bug 1376341] Affects: epel-all [bug 1376342]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.