Detections
Analytics

Fedora 21 : php-symfony-2.5.4-1.fc21 (2014-10239)

high Nessus Plugin ID 77786

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

## 2.5.4 (2014-09-03)

 - security #11832 CVE-2014-6072 (fabpot)

 - security #11831 CVE-2014-5245 (stof)

 - security #11830 CVE-2014-4931 (aitboudad, Jeremy Derusse)

 - security #11829 CVE-2014-6061 (damz, fabpot)

 - security #11828 CVE-2014-5244 (nicolas-grekas, larowlan)

 - bug #10197 [FrameworkBundle] PhpExtractor bugfix and improvements (mtibben)

 - bug #11772 [Filesystem] Add FTP stream wrapper context option to enable overwrite (Damian Sromek)

 - bug #11791 [Process] fix mustRun() in sigchild environments (xabbuh)

 - bug #11788 [Yaml] fixed mapping keys containing a quoted # (hvt, fabpot)

 - bug #11787 fixed DateComparator if file does not exist (avi123)

 - bug #11160 [DoctrineBridge] Abstract Doctrine Subscribers with tags (merk)

 - bug #11768 [ClassLoader] Add a __call() method to XcacheClassLoader (tstoeckler)

 - bug #11739 [Validator] Pass strict argument into the strict email validator (brianfreytag)

 - bug #11749 [TwigBundle] Remove hard dependency of RequestContext in AssetsExtension (pgodel)

 - bug #11726 [Filesystem Component] mkdir race condition fix #11626 (kcassam)

 - bug #11677 [YAML] resolve variables in inlined YAML (xabbuh)

 - bug #11639 [DependencyInjection] Fixed factory service not within the ServiceReferenceGraph. (boekkooi)

 - bug #11778 [Validator] Fixed wrong translations for Collection constraints (samicemalone)

 - bug #11756 [DependencyInjection] fix @return anno created by PhpDumper (jakubkulhan)

 - bug #11711 [DoctrineBridge] Fix empty parameter logging in the dbal logger (jakzal)

 - bug #11692 [DomCrawler] check for the correct field type (xabbuh)

 - bug #11672 [Routing] fix handling of nullable XML attributes (xabbuh)

 - bug #11624 [DomCrawler] fix the axes handling in a bc way (xabbuh)

 - bug #11676 [Form] Fixed #11675 ValueToDuplicatesTransformer accept '0' value (Nek-)

 - bug #11695 [Validators] Fixed failing tests requiring ICU 52.1 which are skipped otherwise (webmozart)

 - bug #11584 [FrameworkBundle] Fixed validator factory definition when the Validator API is 'auto' for PHP < 5.3.9 (webmozart)

 - bug #11645 [Form] Fixed ValidatorExtension to work with the 2.5 Validation API (webmozart)

 - bug #11529 [WebProfilerBundle] Fixed double height of canvas (hason)

 - bug #11666 [DIC] Fixed: anonymous services are always private (lyrixx)

 - bug #11641 [WebProfilerBundle ] Fix toolbar vertical alignment (blaugueux)

 - bug #11637 fix dependencies on HttpFoundation component (xabbuh)

 - bug #11559 [Validator] Convert objects to string in comparison validators (webmozart)

 - feature #11510 [HttpFoundation] MongoDbSessionHandler supports auto expiry via configurable expiry_field (catchamonkey)

 - bug #11408 [HttpFoundation] Update QUERY_STRING when overrideGlobals (yguedidi)

 - bug #11625 [FrameworkBundle] resolve parameters before the configs are processed in the config:debug command (xabbuh)

 - bug #11633 [FrameworkBundle] add missing attribute to XSD (xabbuh)

 - bug #11601 [Validator] Allow basic auth in url when using UrlValidator. (blaugueux)

 - bug #11609 [Console] fixed style creation when providing an unknown tag option (fabpot)

 - bug #10914 [HttpKernel] added an analyze of environment parameters for built-in server (mauchede)

 - bug #11598 [Finder] Shell escape and windows support (Gordon Franke, gimler)

 - bug #11582 [DoctrineBridge] Changed UniqueEntityValidator to use the 2.5 Validation API (webmozart)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php-symfony package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1138285

http://www.nessus.org/u?f9541987

Plugin Details

Severity: High

ID: 77786

File Name: fedora_2014-10239.nasl

Version: 1.5

Type: local

Agent: unix

Published: 9/23/2014

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php-symfony, cpe:/o:fedoraproject:fedora:21

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 9/6/2014

Vulnerability Publication Date: 9/6/2014

Reference Information

FEDORA: 2014-10239