This repository has been archived by the owner on May 16, 2018. It is now read-only.
Zend Framework 1.12.14
·
107 commits
to master
since this release
- 492: Fix regexp to detect functions in column definition
- 597: Test that e-mail on non-reserved IP is valid
- 580: Azerbaijani language pluralization rule is wrong
- 551: Drop DeveloperGarden API implementation as it shuts down on 30th June 2015
- 583: Fix typo in Zend_Validate_EmailAddress
- 553: Drop Technorati API implementation as it is no longer available
SECURITY UPDATES
-
ZF2015-06:
ZendXmlruns a heuristic detection for XML Entity Expansion and XML eXternal Entity vectors when under php-fpm, due to issues with threading in libxml preventing using that library's built-in mechanisms for disabling them. However, the heuristic was determined to be faulty when multibyte encodings are used for the XML. This release contains a patch to ensure that the heuristic will work with multibyte encodings.If you use Zend Framework components that utilize DOMDocument or SimpleXML (which includes
Zend\XmlRpc,Zend\Soap,Zend\Feed, and several others), and deploy using php-fpm in production (or plan to), we recommend upgrading immediately.