This is an Opinion/Editorial (a.k.a an Old Man Rant) “PHP IS INSECURE!”. Yet another consultant group has decided that their traffic stats are too low so they need to “shake things up a bit”. As usual, they picked PHP as the whipping boy. No, I am not going to link to them; too many people are already doing that unironically…. Read more »
The Zend Framework community is pleased to announce the immediate availability of: Zend Framework 1.12.14 Zend Framework 2.4.6 Zend Framework 2.5.2 You can download the releases from the Zend Framework site: http://framework.zend.com/downloads/latest These releases contain a critical security fix. Security Fix Zend Framework versions 1.12.14, and 2.4.6, and 2.5.2 introduced fixes for ZF2015-06, a serious vulnerability in ZendXml when used… Read more »
The Zend Framework community is pleased to announce the immediate availability of: Zend Framework 1.12.0 Zend Framework 2.2.9 Zend Framework 2.3.4 All releases are available at: http://framework.zend.com/downloads/latest Versions 2.2.9 and 2.3.4 also include security fixes, and we strongly encourage users of the 2.2 and 2.3 series to upgrade. 1.12.10 Zend Framework 1.12 is in maintenance mode, but that has not… Read more »
The Zend Framework community announces the immediate availability of version 2.0.1, the first maintenance release in the 2.0 series. You may download it from the Zend Framework website: http://framework.zend.com/downloads/latest You may also want to read the full release announcement as a minor security issue has also been addressed.
The Zend Framework team announces the immediate availability of Zend Framework’s 1.11.13 release, the thirteenth maintenance release in the 1.11 series, and 1.12.0rc4, our fourth (and likely last) release candidate for the 1.12 series. Downloads are available at: http://framework.zend.com/download/latest These releases include important security fixes. Several components were found to contain additional XML eXternal Entity (XXE) injection vulnerabilities (in addition to the… Read more »
The Zend Framework team announces the immediate availability of Zend Framework’s 1.11.12 release, the twelfth maintenance release in the 1.11 series. This release includes an important security fix for Zend_XmlRpc; if you are using Zend_XmlRpc, we strongly urge you to upgrade immediately. More information is included below, under the heading “Security Announcement.” 1.11.12 includes almost 80 bug fixes and may be downloaded from the… Read more »
If you have a phpfog.com account, you know that they were off-line this weekend. The problem was, their servers were compromised. (That sounds more professional than they got pw0ned) Click on in and let’s talk about it.
The Zend Framework team announces the immediate availability of two
versions of Zend Framework: 1.10.3 and 1.9.8. In addition to around 80
bugfixes between them, these two releases are security releases.
You may download it from the Zend Framework site.
A couple weeks ago, the Dojo Foundation announced a security
advisory regarding Dojo Toolkit, which Zend Framework bundles in its
releases. The new releases of Zend Framework incorporate the updates made to
In a recent post to his blog Rafael Dohms reminds readers to not forget about the security of their applications because it can be “a huge mistake which can take a turn for the worse.”
Presenting the latest edition of The ZendCon Sessions. The podcast that rebroadcasts sessions/talks from the last ZendCon PHP Conference. This episode of The ZendCon Sessions was recorded live at ZendCon 2008 in Santa Clara, CA and features Chris Shiflett giving his talk: “Security Centered Design”