Zend Developer Zone

The Zend Framework community announces the immediate availability of version 2.0.1, the first maintenance release in the 2.0 series. You may download it from the Zend Framework website: http://framework.zend.com/downloads/latest You may also want to read the full release announcement as a minor security issue has also been addressed.

The Zend Framework team announces the immediate availability of Zend Framework’s 1.11.13 release, the thirteenth maintenance release in the 1.11 series, and 1.12.0rc4, our fourth (and likely last) release candidate for the 1.12 series. Downloads are available at: http://framework.zend.com/download/latest These releases include important security fixes. Several components were found to contain additional XML eXternal Entity (XXE) injection [...]

The Zend Framework team announces the immediate availability of Zend Framework’s 1.11.12 release, the twelfth maintenance release in the 1.11 series. This release includes an important security fix for Zend_XmlRpc; if you are using Zend_XmlRpc, we strongly urge you to upgrade immediately. More information is included below, under the heading “Security Announcement.” 1.11.12 includes almost 80 bug fixes and [...]

If you have a phpfog.com account, you know that they were off-line this weekend. The problem was, their servers were compromised. (That sounds more professional than they got pw0ned) Click on in and let’s talk about it.

The Zend Framework team announces the immediate availability of two
versions of Zend Framework: 1.10.3 and 1.9.8. In addition to around 80
bugfixes between them, these two releases are security releases.

You may download it from the href="http://framework.zend.com/download/latest">Zend Framework site.

A couple weeks ago, the Dojo Foundation announced a security
advisory regarding Dojo Toolkit, which Zend Framework bundles in its
releases. The new releases of Zend Framework incorporate the updates made to
Dojo Toolkit.

In a recent post to his blog Rafael Dohms reminds readers to not forget about the security of their applications because it can be “a huge mistake which can take a turn for the worse.”

Presenting the latest edition of The ZendCon Sessions. The podcast that rebroadcasts sessions/talks from the last ZendCon PHP Conference. This episode of The ZendCon Sessions was recorded live at ZendCon 2008 in Santa Clara, CA and features Chris Shiflett giving his talk: “Security Centered Design”

Welcome to The ZendCon Sessions. This episode of The ZendCon Sessions was recorded live at ZendCon 2007 in Burlingame, CA. We hope you enjoy today’s session as we listen to Chris Shiflett present “Security 2.0″.

Welcome to The ZendCon Sessions. This episode of The ZendCon Sessions was recorded live at ZendCon 2007in Burlingame, CA. We hope you enjoy today’s session as we listen to Ilia Alshanetsky present “The State of PHP Security”.

p. There is a new blog post in the PHPClasses site that talks about a PHP security exploit that can be performed using specially crafted GIF images that embed malicious PHP code.