Unsubscribe
Joe Gray, CISSP-ISSMP, GSNA | Encompass Digital Media
DVIDS ISSO/Director of IT Security
3845 Pleasantdale Road | Atlanta, GA 30340 | www.encompass.tv
direct +1 678 421 6696 | mobile +1 678 429 8697 |
[hidden email]
DVIDS - Defense Video & Imagery Distribution System You Tell The Story / We Tell The World
Powered by U.S. Third Army www.dvidshub.net www.twitter.com/DVIDShub www.facebook.com/dvids
[hidden email]
-----Original Message-----
From: Matthew Weier O'Phinney [mailto:
[hidden email]]
Sent: Wednesday, January 14, 2015 5:52 PM
To: lists lists
Cc: lists lists; lists lists
Subject: [zf-contributors] Zend Framework 1.12.10, 2.2.9, and 2.3.4 Released!
Greetings, all, and happy new year!
We've released three new versions of Zend Framework today:
- 1.12.10, which is a scheduled maintenance release.
- 2.2.9, which is a security release, addressing ZF2015-01
- 2.3.4, which is both a maintenance release, and a security release (also ZF2015-01)
You can download them from:
-
http://framework.zend.com/downloads/latestand you can visit the changelogs at:
-
http://framework.zend.com/changelog/1.12.10-
http://framework.zend.com/changelog/2.2.9-
http://framework.zend.com/changelog/2.3.4The security issue patched with 2.2.9 and 2.3.4 is ZF2015-01:
-
http://framework.zend.com/security/advisory/ZF2015-01The advisory is for users of Zend\Session's validators; prior to these releases, validator metadata was not being properly persisted to the session, which meant it was being re-initialized on every request, making every request valid. If you use this feature, we recommend upgrading immediately.
--
Matthew Weier O'Phinney
Principal Engineer
Project Lead, Zend Framework and Apigility
[hidden email] http://framework.zend.com http://apigility.org PGP key:
http://framework.zend.com/zf-matthew-pgp-key.asc