CVE Request -- php-doctrine-Doctrine -- SQL injection flaw

[Jan Lieskovsky <jlieskov () redhat com>]

Hello Steve, vendors,

  a SQL injection flaw has been reported against Doctrine, the PHP Object Relational Mapper:
  [1] http://www.doctrine-project.org/blog/doctrine-security-fix
  [2] https://bugzilla.redhat.com/show_bug.cgi?id=689396

Further from [1]:
"The security hole was found today and affects the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery()
function which does not cast input values for limit and offset to integer and allows malicious SQL to be executed
if these parameters are passed into Doctrine 2 directly from request variables without previous cast to integer."

Could you allocate a CVE id for this?

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team