Tag Archives: Security

Discussing PHP Security, Encryption, & Hashing

      No Comments on Discussing PHP Security, Encryption, & Hashing
phproundtable-logo

If you take a look around the PHP community, you will find a lot of smart people. Sammy K Powers seems to have a knack for finding them and inviting them onto his podcast. In Episode 54, he partners up with the Chief Development Officer of Paragon Initiative Enterprises, Scott Arciszewski. (I’m not EVEN going to try to pronounce that… Read more »

On Security and PHP

      40 Comments on On Security and PHP

This is an Opinion/Editorial (a.k.a an Old Man Rant) “PHP IS INSECURE!”. Yet another consultant group has decided that their traffic stats are too low so they need to “shake things up a bit”. As usual, they picked PHP as the whipping boy. No, I am not going to link to them; too many people are already doing that unironically…. Read more »

Zend Framework 1.12.14, 2.4.6, and 2.5.2 Released!

The Zend Framework community is pleased to announce the immediate availability of: Zend Framework 1.12.14 Zend Framework 2.4.6 Zend Framework 2.5.2 You can download the releases from the Zend Framework site: http://framework.zend.com/downloads/latest These releases contain a critical security fix. Security Fix Zend Framework versions 1.12.14, and 2.4.6, and 2.5.2 introduced fixes for ZF2015-06, a serious vulnerability in ZendXml when used… Read more »

Zend Framework 1.12.10, 2.2.9, and 2.3.4 released!

The Zend Framework community is pleased to announce the immediate availability of: Zend Framework 1.12.0 Zend Framework 2.2.9 Zend Framework 2.3.4 All releases are available at: http://framework.zend.com/downloads/latest Versions 2.2.9 and 2.3.4 also include security fixes, and we strongly encourage users of the 2.2 and 2.3 series to upgrade. 1.12.10 Zend Framework 1.12 is in maintenance mode, but that has not… Read more »

Zend Framework 2.0.1 Released!

      No Comments on Zend Framework 2.0.1 Released!

The Zend Framework community announces the immediate availability of version 2.0.1, the first maintenance release in the 2.0 series. You may download it from the Zend Framework website: http://framework.zend.com/downloads/latest You may also want to read the full release announcement as a minor security issue has also been addressed.

Zend Framework 1.11.13 and 1.12.0rc4 Released!

The Zend Framework team announces the immediate availability of Zend Framework’s 1.11.13 release, the thirteenth maintenance release in the 1.11 series, and 1.12.0rc4, our fourth (and likely last) release candidate for the 1.12 series. Downloads are available at: http://framework.zend.com/download/latest These releases include important security fixes. Several components were found to contain additional XML eXternal Entity (XXE) injection vulnerabilities (in addition to the… Read more »

Zend Framework 1.11.12 Released!

The Zend Framework team announces the immediate availability of Zend Framework’s 1.11.12 release, the twelfth maintenance release in the 1.11 series. This release includes an important security fix for Zend_XmlRpc; if you are using Zend_XmlRpc, we strongly urge you to upgrade immediately. More information is included below, under the heading “Security Announcement.” 1.11.12 includes almost 80 bug fixes and may be downloaded from the… Read more »

PHPFog get compromised fixed it, owns it, explains it

      Comments Off on PHPFog get compromised fixed it, owns it, explains it

If you have a phpfog.com account, you know that they were off-line this weekend. The problem was, their servers were compromised. (That sounds more professional than they got pw0ned) Click on in and let’s talk about it.

Zend Framework 1.10.3 and 1.9.8 Released

      Comments Off on Zend Framework 1.10.3 and 1.9.8 Released

The Zend Framework team announces the immediate availability of two
versions of Zend Framework: 1.10.3 and 1.9.8. In addition to around 80
bugfixes between them, these two releases are security releases.

You may download it from the Zend Framework site.

A couple weeks ago, the Dojo Foundation announced a security
advisory regarding Dojo Toolkit
, which Zend Framework bundles in its
releases. The new releases of Zend Framework incorporate the updates made to
Dojo Toolkit.