Skip to content
This repository was archived by the owner on Oct 2, 2019. It is now read-only.

Commit c7d193c

Browse files
weierophinneyweierophinney
committed
Merge branch 'releases/1.12.15'
1.12.15 readiness
2 parents 5356b45 + 51a0441 commit c7d193c

File tree

2 files changed

+18
-17
lines changed

2 files changed

+18
-17
lines changed

README.md

Lines changed: 17 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -7,25 +7,26 @@ Master: [![Build Status](https://api.travis-ci.org/zendframework/zf1.png?branch=
77
RELEASE INFORMATION
88
===================
99

10-
Zend Framework 1.12.14dev Release.
11-
Released on MMM DD, YYYY.
10+
Zend Framework 1.12.15 Release.
11+
Released on Aug 11, 2015.
1212

13-
IMPORTANT FIXES FOR 1.12.14
13+
IMPORTANT FIXES FOR 1.12.15
1414
---------------------------
1515

16-
This release contains a security fix:
17-
18-
- **ZF2015-06**: `ZendXml` runs a heuristic detection for XML Entity Expansion
19-
and XML eXternal Entity vectors when under php-fpm, due to issues with threading
20-
in libxml preventing using that library's built-in mechanisms for disabling
21-
them. However, the heuristic was determined to be faulty when multibyte
22-
encodings are used for the XML. This release contains a patch to ensure that the
23-
heuristic will work with multibyte encodings.
24-
25-
If you use Zend Framework components that utilize DOMDocument or SimpleXML
26-
(which includes `Zend\XmlRpc`, `Zend\Soap`, `Zend\Feed`, and several others),
27-
and deploy using php-fpm in production (or plan to), we recommend upgrading
28-
immediately.
16+
This release contains several fixes that address backwards compatibility issues:
17+
18+
- [#591](https://github.com/zendframework/zf1/pull/591) adds PHP 5.2 support for
19+
the [ZF2015-06](http://framework.zend.com/security/advisory/ZF2015-06)
20+
security fix introduced in 1.12.14.
21+
- [#587](https://github.com/zendframework/zf1/pull/587) fixes the regular
22+
expression used to match a header in `Zend_Http_Response::extractHeaders()`
23+
to ensure it allows any valid header name (previously, it failed with header
24+
names that included `.` characters), as well as empty header values.
25+
- [#597](https://github.com/zendframework/zf1/pull/597) updates
26+
`Zend_Http_Client_Adapter_Curl` to properly distinguish between the `timeout`
27+
configuration setting (which should map to `CURLOPT_CONNECTTIMEOUT` and/or
28+
`CURLOPT_CONNECTTIMEOUT_MS`) and the `request_timeout` setting (which should
29+
map to `CURLOPT_TIMEOUT` and/or `CURLOPT_TIMEOUT_MS`).
2930

3031
See http://framework.zend.com/changelog for full details.
3132

library/Zend/Version.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ final class Zend_Version
3232
/**
3333
* Zend Framework version identification - see compareVersion()
3434
*/
35-
const VERSION = '1.12.14dev';
35+
const VERSION = '1.12.15';
3636

3737
/**
3838
* The latest stable version Zend Framework available

0 commit comments

Comments
 (0)