Greetings, all, and happy new year! We've released three new versions of Zend Framework today:
- 1.12.10, which is a scheduled maintenance release. - 2.2.9, which is a security release, addressing ZF2015-01 - 2.3.4, which is both a maintenance release, and a security release (also ZF2015-01) You can download them from: - http://framework.zend.com/downloads/latest and you can visit the changelogs at: - http://framework.zend.com/changelog/1.12.10 - http://framework.zend.com/changelog/2.2.9 - http://framework.zend.com/changelog/2.3.4 The security issue patched with 2.2.9 and 2.3.4 is ZF2015-01: - http://framework.zend.com/security/advisory/ZF2015-01 The advisory is for users of Zend\Session's validators; prior to these releases, validator metadata was not being properly persisted to the session, which meant it was being re-initialized on every request, making every request valid. If you use this feature, we recommend upgrading immediately. -- Matthew Weier O'Phinney Principal Engineer Project Lead, Zend Framework and Apigility matt...@zend.com http://framework.zend.com http://apigility.org PGP key: http://framework.zend.com/zf-matthew-pgp-key.asc -- List: fw-general@lists.zend.com Info: http://framework.zend.com/archives Unsubscribe: fw-general-unsubscr...@lists.zend.com
