drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Fehlerhafte Zugriffsrechte in php-doctrine-orm
Name: |
Fehlerhafte Zugriffsrechte in php-doctrine-orm |
|
ID: |
FEDORA-2016-f0c8b7b115 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 24 |
|
Datum: |
Mi, 20. Juli 2016, 07:54 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5723 |
|
Applikationen: |
php-doctrine-orm |
|
Originalnachricht |
Name : php-doctrine-orm Product : Fedora 24 Version : 2.4.8 Release : 1.fc24 URL : http://www.doctrine-project.org/projects/orm.html Summary : Doctrine Object-Relational-Mapper (ORM) Description : Object relational mapper (ORM) for PHP that sits on top of a powerful database abstraction layer (DBAL). One of its' key features is the option to write database queries in a proprietary object oriented SQL dialect called Doctrine Query Language (DQL), inspired by Hibernate's HQL. This provides developers with a powerful alternative to SQL that maintains flexibility without requiring unnecessary code duplication.
Autoloader: /usr/share/php/Doctrine/ORM/autoload.php
------------------------------------------------------------------------------- - Update Information:
## v2.4.8 ### Security - CVE-2015-5723 php-doctrine-orm filesystem permission issues - https://access.redhat.com/security/cve/CVE-2015-5723 - security_misconfiguration_vulnerabili ty_in_various_doctrine_projects.html ### Bug - [DDC-3310] - [GH-1138] Join column index names - [DDC-3343] - `PersistentCollection::removeElement` schedules an entity for deletion when relationship is EXTRA_LAZY, with `orphanRemoval` false. - [DDC-3464] - [GH-1231] Backport 'Merge pull request #1098 from encoder32/DDC-1590' to 2.4 branch - [DDC-3482] - [GH-1242] Attempting to lock a proxy object fails as UOW doesn't init proxy first - [DDC-3493] - New (PHP 5.5) "class" keyword - wrong parsing by EntityGenerator - [DDC-3494] - [GH-1250] Test case for "class" keyword - [DDC-3500] - [GH-1254] Fix applying ON/WITH conditions to first join in Class Table Inheritance - [DDC-3502] - [GH-1256] DDC-3493 - fixed EntityGenerator parsing for php 5.5 "::class" syntax - [DDC-3518] - [GH-1266] [2.4] Fix schema generation in the test suite - [DDC-3537] - [GH-1282] Hotfix/#1169 extra lazy one to many should not delete referenced entities (backport to 2.4) - [DDC-3551] - [GH-1294] Avoid Connection error when calling ClassMetadataFactor::getAllMetadata() - [DDC-3560] - [GH-1300] [2.4] #1169 DDC-3343 one-to-omany persister deletes only on EXTRA_LAZY plus orphanRemoval - [DDC-3608] - [GH-1327] Properly generate default value from yml & xml mapping - [DDC-3619] - spl_object_hash collision - [DDC-3624] - [GH-1338] [DDC-3619] Update identityMap when entity gets managed again - [DDC-3643] - [GH-1352] fix EntityGenerator RegenerateEntityIfExists ### Improvement - [DDC-3530] - [GH-1276] travis: run coverage just once ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1347926 - CVE-2015-5723 php-doctrine-orm filesystem permission issues https://bugzilla.redhat.com/show_bug.cgi?id=1347926 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update php-doctrine-orm' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
|
|
|
|