1.12.20 readiness

weierophinney · weierophinney · commit 737ef159654f · 2016-09-08T09:50:34.000-05:00
diff --git a/README.md b/README.md
@@ -18,12 +18,22 @@ Master: [![Build Status](https://api.travis-ci.org/zendframework/zf1.png?branch=
 RELEASE INFORMATION
 ===================
 
-Zend Framework 1.12.20-dev Release.
-Released on MMM DD, YYYY.
+Zend Framework 1.12.20 Release.
+Released on September 08, 2016.
 
 IMPORTANT FIXES FOR 1.12.20
 ---------------------------
 
+**This release contains security updates:**
+
+- **ZF2016-03:** The implementation of `ORDER BY` and `GROUP BY` in
+  `Zend_Db_Select` remained prone to SQL injection when a combination of SQL
+  expressions and comments were used. This release provides a comprehensive
+  solution that identifies and removes comments prior to checking validity of
+  the statement to ensure no SQLi vectors occur. We advise always filtering user
+  input prior to invoking these methods, however, to further protect your
+  applications.
+
 See http://framework.zend.com/changelog for full details.
 
 NEW FEATURES
diff --git a/library/Zend/Version.php b/library/Zend/Version.php
@@ -32,7 +32,7 @@ final class Zend_Version
     /**
      * Zend Framework version identification - see compareVersion()
      */
-    const VERSION = '1.12.20dev';
+    const VERSION = '1.12.20';
 
     /**
      * The latest stable version Zend Framework available
