Doctrine Common 2.1.3, DBAL 2.1.5 and ORM 2.1.3 Releases post

Posted on 2011-11-21 by Benjamin Eberlei


The bugfix release is three weeks overdue, here is it now:

The security fix concerns usage of the ASC/DESC orientation parameters in $repository->findBy($criteria, $orderBy), which is subject to SQL injection when user-input is allowed into this method.

You can grab the downloads from the project page , via PEAR or Git

Please update your installations.