This release is a security release, and contains fixes to both the
Zend\Session\Validator\RemoteAddr and Zend\View\Helper\ServerUrl
classes. If you are using either, we recommend upgrading immediately.
For more information, please read the ZF2012-04 advisory details
(http://framework.zend.com/security/advisory/ZF2012-04). Thanks goes to
Fabien Potencier for alerting us of the issues and working with us on
In addition to the security fixes mentioned above, this release included
five other patches, mostly trivial. The full list is as follows:
3004: Zend\Db unit tests fail with code coverage enabled
3039: combine double if into single conditional
3042: fix typo 'consist of' should be 'consists of' in singular
3045: Reduced the #calls of rawurlencode() using a cache mechanism
3048: Applying quickfix for zendframework/zf2#3004
3095: Process X-Forwarded-For header in correct order
Many thanks to all contributors to this release!
Maintenance releases happen monthly on the third Wednesday.
Additionally, we have the next minor release, 2.1.0, slated for sometime