In association with heise online

12 January 2010, 17:00

Security updates released for Zend Framework

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Zend Framework Logo The Zend developers have announced the release of version 1.9.7, 1.8.5 and 1.7.9 of their open source Zend Framework. In addition to more than 40 bug fixes, the latest releases address a total of six security related vulnerabilities. The updates fix a total of five cross-site scripting (XSS) related issues and the sixth update corrects a potential MIME type injection problem. According to Matthew Weier O'Phinney, Software Architect for the Zend Framework, the latest updates are the first to comply with Zend's new security policy. The developers advise all users to update to the latest releases as soon as possible.

O'Phinney also notes that version 1.9.7 is the last scheduled release in the 1.9 series. An alpha release for version 1.10 of the Zend Framework was released in December and a beta release is expected to arrive this week. The final version of 1.10 is scheduled to arrive later this month.

More details about the releases can be found in the Zend Framework 1.9.7, 1.8.5 and 1.7.9 change logs. Version 1.9.7, 1.8.5 and 1.7.9 of the Zend Framework are available to download. The Zend Framework is released under the New BSD License.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit