** Potential XXE/XEE attacks using PHP functions:
`simplexml_load_*`, `DOMDocument::loadXML`, and `xml_parse`. A new component,
`Zend_Xml`, was introduced to mitigate XML eXternal Entity and XML Entity
Expansion vectors that are present in older versions of libxml2 and/or PHP.
Components that could contain these vectors include:
If you use one or more of these components, we strongly urge that you upgrade
** Potential security issue in login mechanism of `Zend_OpenId`
consumer. Using the Consumer component in conjunction with a malicious OpenID
provider, one could login to a service using an arbitrary OpenID Identity
without requiring credentials, allowing impersonation of an OpenID Identity.
If you use this component, we strongly urge that you upgrade immediately.
IMPORTANT FIXES FOR 1.12.4
//github.com/zendframework/zf1/pull/221) removes the TinySrc view
helper, as the TinySrc service no longer exists
//github.com/zendframework/zf1/pull/222) removes the InfoCard
component, as the CardSpace service no longer exists
//github.com/zendframework/zf1/pull/271) removes the Nirvanix
component, as the Nirvanix service shut down in October 2013