ZF 1.12.4, 2.1.6, and 2.2.6 Released, with Security Updates!

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

ZF 1.12.4, 2.1.6, and 2.2.6 Released, with Security Updates!


We've just pushed out a ton of new releases:

- Zend Framework 1.12.4
- Zend Framework 2.1.6
- Zend Framework 2.2.6
- a new component, ZendXml
- and a bunch of releases for individual service components.

These releases include a number of very important security fixes, including:

- Fixes for XML eXternal Entity (XXE) and XML Entity Expansion (XEE)
- Fixes to our OpenID consumers to prevent the ability for malicious
Identity Providers to spoof identities from other providers

We highly recommend updating to the latest versions of Zend Framework
at this time.

For more information, please read our release announcement:

- http://framework.zend.com/blog/zend-framework-1-12-4-2-1-6-and-2-2-6-released.html

Matthew Weier O'Phinney
Project Lead            | [hidden email]
Zend Framework          | http://framework.zend.com/
PGP key: http://framework.zend.com/zf-matthew-pgp-key.asc

List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]