Merge pull request symfony#23 from sensiolabs/CVE-2014-4931

fabpot · fabpot · commit 622ca9061b05 · 2014-07-15T23:04:58.000+02:00
added CVE-2014-4931
diff --git a/symfony/framework-bundle/CVE-2014-4931.yaml b/symfony/framework-bundle/CVE-2014-4931.yaml
@@ -0,0 +1,23 @@
+title:     Code injection in the way Symfony implements translation caching in FrameworkBundle
+link:      http://symfony.com/blog/security-releases-cve-2014-4931-symfony-2-3-18-2-4-8-and-2-5-2-released
+cve:       CVE-2014-4931
+branches:
+    2.0.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.0.0]
+    2.1.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.1.0]
+    2.2.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.2.0]
+    2.3.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.3.0,<2.3.18]
+    2.4.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.4.0,<2.4.7]
+    2.5.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.5.0,<2.5.2]
+reference: composer://symfony/framework-bundle
diff --git a/symfony/symfony/CVE-2014-4931.yaml b/symfony/symfony/CVE-2014-4931.yaml
@@ -0,0 +1,23 @@
+title:     Code injection in the way Symfony implements translation caching in FrameworkBundle
+link:      http://symfony.com/blog/security-releases-cve-2014-4931-symfony-2-3-18-2-4-8-and-2-5-2-released
+cve:       CVE-2014-4931
+branches:
+    2.0.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.0.0]
+    2.1.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.1.0]
+    2.2.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.2.0]
+    2.3.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.3.0,<2.3.18]
+    2.4.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.4.0,<2.4.7]
+    2.5.x:
+        time:     2014-07-15 15:35:51
+        versions: [>=2.5.0,<2.5.2]
+reference: composer://symfony/symfony
