Changelog

2.3.5 (2015-02-18)

ID Title (GitHub Link)
#6666 bugfix : options can't be passed to SeparatorToSeparator via PluginManager
#6676 Respecting line endings in AnnotationScanner
#7005 Zend\Http\PhpEnvironment\Request omits query string
#7127 SessionManagerFactory with ArrayStorage triggers undefined variable
#7134 classmap_generator Deprecated: preg_replace():
#7135 Fixing deprecated preg_replace usage in classmap_generator.php
#7137 Request from string
#7139 Fixing comment about email validator, when should be uri
#7142 AbstractConfigFactory returns complete configuration array at first config call
#7144 hotfix/#7142: AbstractConfigFactory now returns requested config array
#7148 ModuleLoader not capable of loading modules contained within an application.phar
#7150 Estonian IDN definition & fixed binary code for HOST_DNS_OR_IPV4_OR_IPV6_OR_REGNAME
#7151 Applications packaged as not capable of loading modules contained within the archive
#7157 Exception message in Zend\Stdlib\AbstractOptions should use the actual used setter
#7162 Incorrect response for HTTP status code 414
#7167 Fixation form collection helper lost second argument
#7168 Typo in #6598 pull request.
#7169 bugfix : options can't be passed to SeparatorToSeparator
#7170 Fixed wrong phpdoc type hint.
#7180 Fix: Inline variable
#7200 Add support for DateTimeImmutable

SECURITY UPDATES

  • ZF2015-02: Zend\Db\Adapter\Platform\Postgresql was incorrectly using \\ to escape double quotes in identifiers and values, which could lead to SQL injection vectors. We have provided patches that use proper escaping. If you use Postgresql with Zend Framework 2, we recommend upgrading immediately.