[Secure-testing-commits] r43231 - data/CVE

[David Prévot]

Author: taffit
Date: 2016-07-15 22:22:14 +0000 (Fri, 15 Jul 2016)
New Revision: 43231

Modified:
   data/CVE/list
Log:
Add ZF2016-02/zendframework

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-07-15 21:10:12 UTC (rev 43230)
+++ data/CVE/list	2016-07-15 22:22:14 UTC (rev 43231)
@@ -1,3 +1,8 @@
+CVE-2016-XXXX [ZF2016-02: Potential SQL injection in ORDER and GROUP statements of Zend_Db_Select]
+        - zendframework 1.12.19+dfsg-1
+        [jessie] - zendframework <not-affected> (introduced after 1.12.9)
+        NOTE: http://framework.zend.com/security/advisory/ZF2016-02
+        NOTE: https://github.com/zendframework/zf1/commit/bf3f40605be3d8f136a07ae991079a7dcb34d967
 CVE-2016-6217
 	RESERVED
 CVE-2016-6216