Added note to README

weierophinney · weierophinney · commit 98701c9a65d2 · 2014-09-16T13:39:53.000-05:00
diff --git a/README.md b/README.md
@@ -13,6 +13,16 @@ Released on MMMMM DD, YYYY.
 IMPORTANT FIXES FOR 1.12.9
 --------------------------
 
+**This release contains security updates:**
+
+- **ZF2014-05:** Due to an issue that existed in PHP's LDAP extension, it is
+  possible to perform an unauthenticated simple bind against a LDAP server by
+  using a null byte for the password, regardless of whether or not the user
+  normally requires a password. We have provided a patch in order to protect
+  users of unpatched PHP versions (PHP 5.5 <= 5.5.11, PHP 5.4 <= 5.4.27, all
+  versions of PHP 5.3 and below). If you use `Zend_Ldap` and are on an affected
+  version of PHP, we recommend upgrading immediately.
+
 See http://framework.zend.com/changelog for full details.
 
 NEW FEATURES
