eZ Publish security update

The open source CMS vendor eZ Systems today announced updates to the last four versions of its CMS, eZ publish, due to security issues. The new versions are 3.9.1, 3.8.7, 3.7.10 and 3.6.12.

eZ Systems describes the issues as follows on its webpage:

Approval of pending objects can be forced

When defining an approval workflow, you also specify a set of users and groups who are allowed to approve the objects. In previous releases, it was possible for users without sufficient credentials to approve the objects. This security issue cannot be exploited in a default installation, as only Administrator users have the privileges to access the collaboration view. In order to exploit this weakness, the user first needs to be given access to the collaboration module. Usually only users who approve content would need to have access to this module on sites using approval workflows.

A bug in the pdf library may cause memory exhaustion

In previous releases, a bug in the pdf library could cause memory loss when handling specially crafted content. This could make the server run out of memory and become completely unresponsive. On servers where PHP's memory_limit setting was configured correctly, this was handled more gracefully as the request would be aborted immediately when the memory limit was reached.

Updates with the automatic maintenance service of eZ publish

eZ Systems reports that everyone subscribed to the automatic maintenance service, eZ Network, was automatically updated before the security bugs became publicly known.

Read the full story and download the latest version from:
http://ez.no/community/news/ez_publish_security_fixes_3_9_1_3_8_7_3_7_10_and_3_6_12
