Zend Framework 1.12.5 Released!

2014-03-07 | By: Matthew Weier O'Phinney

The Zend Framework community is pleased to announce the immediate availability of Zend Framework 1.12.5!

This release fixes PHP 5.2 support for the 1.12 series. If you use PHP 5.2 with Zend Framework 1.12, we encourage you to upgrade immediately.

5.2 support

Yesterday's 1.12.4 release provided several security fixes around XML eXternal Entity and XML Entity Expansion attack vectors. Unfortunately, we had not reviewed our patch to consider PHP 5.2 support, and the code contained PHP closures -- which have only been available since PHP 5.3.

The code in the Zend\Xml component was updated to remove the closures, and tests for all affected components were run to ensure they worked across PHP versions from 5.2 - 5.5.

Thank You!

A big thank you to those contributors who spotted the errors and provided the initial fixes, particularly Martin Hujer and Frank Br├╝ckner.



© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.