We've just released version 1.12.7, which contains an important
security fix for potential SQLi vulnerabilities in
Zend_Db_Select::order().
You can download Zend Framework 1.12.7 from the website:
-
http://framework.zend.com/download/latest#ZF1For more information on the release:
-
http://framework.zend.com/blog/zend-framework-1-12-7-released.htmland on the security fix:
-
http://framework.zend.com/security/advisory/ZF2014-04--
Matthew Weier O'Phinney
Project Lead |
[hidden email]
Zend Framework |
http://framework.zend.com/PGP key:
http://framework.zend.com/zf-matthew-pgp-key.asc