| Errata ID | 490 |
|---|---|
| Date | 2018-08-15 |
| Source package | zendframework |
| Fixed in version | 1.12.9+dfsg-2+deb8u7 |
| Description | This update addresses the following issue: * Allowing remote attackers to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation. (CVE-2016-4861) |
| Additional notes | |
| CVE ID | CVE-2016-4861 |
| UCS Bug number | #47531 |
