Noted security vector in README file

weierophinney · weierophinney · commit 29fff0e041dd · 2014-09-16T15:41:18.000-05:00
diff --git a/README.md b/README.md
@@ -13,6 +13,14 @@ Released on MMMMM DD, YYYY.
 IMPORTANT FIXES FOR 1.12.9
 --------------------------
 
+**This release contains security updates:**
+
+- **ZF2014-06** `Zend_Db_Adapter_Sqlsrv` had a potential SQL injection
+  vulnerability via improperly quoted null bytes. The code has been updated to
+  ensure proper quoting and thus remove the security vector. If you are using
+  `Zend_Db_Adapter_Sqlsrv` and manually quoting values via the adapter, we
+  encourage you to upgrade immediately.
+
 See http://framework.zend.com/changelog for full details.
 
 NEW FEATURES
