Changelog for
php5-ZendFramework-pdf-1.12.20-150300.9.3.noarch.rpm :
* Mon Sep 19 2016 jweberhoferAATTweberhofer.at- update to 1.12.20 - ZF2016-03: The implementation of ORDER BY and GROUP BY in Zend_Db_Select remained prone to SQL injection when a combination of SQL expressions and comments were used. This release provides a comprehensive solution that identifies and removes comments prior to checking validity of the statement to ensure no SQLi vectors occur. We advise always filtering user input prior to invoking these methods, however, to further protect your applications.
* Fri Jul 15 2016 ecsosAATTopensuse.org- update to 1.12.19 - ZF2016-02: The implementation of ORDER BY and GROUP BY in Zend_Db_Select contained potential SQL injection vulnerabilities, and have been patched.- update to 1.12.18 - 575: Please Remove YouTube Zend GData Page - 607: PHP7 debug_backtrace BC break - 628: Solve problem with subqueries in SELECT block - 637: List-separator attribute is not being unset for MultiCheckboxes due to a typo. - 641: Wrong regex pattern in Zend_Validate_Iban class - 647: VERSION constant incorrect for 1.12.17 release tag. - 649: ZF2015-09: The Zend_Crypt_MathTest should run on PHP 5.2/5.3 - 651: Update Vagrantfile to use Rasmus\' php7 box - 655: ZF2015-08 breaks binary data - 656: zf1-extra is missing in release-1.12.17 - 670: Fix for 655 issue - 677: Wrong PHPDoc in Zend_Mail - 679: Non-existing method getRequired() in Zend_Form-Elements docs - 683: Zend_Form_Element_Button::isChecked has wrong documentation
* Tue Feb 16 2016 jweberhoferAATTweberhofer.at- ZendFramework requires php 5.2.11+, not version 5.3
* Thu Feb 11 2016 jweberhoferAATTweberhofer.at- Fixed dependency again: php5-memcached
* Thu Feb 11 2016 jweberhoferAATTweberhofer.at- Fixed dependency: cache-backend-memcached requires php5-memcache instead of php5-pecl-memcache
* Wed Feb 10 2016 jweberhoferAATTweberhofer.at- Build the APC-cache only when PHP < 5.5- Include the extras package directly from source as it\'s no longer included in the main package. Version of the extras-package is not the best, as it is aligned to the main package- Update to 1.12.17. Changes in this version: - 638: Fixes null byte tests in Zend_Db_Adapter_Pdo - 632: Updates the TLD list for Zend_Validate_Hostname to version 2015102801 SECURITY UPDATES - ZF2015-09: Zend_Captcha_Word generates a \"word\" for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this version, the selection was performed using PHP\'s internal array_rand() function. This function does not generate sufficient entropy due to its usage of rand() instead of more cryptographically secure methods such as openssl_pseudo_random_bytes(). This could potentially lead to information disclosure should an attacker be able to brute force the random number generation. This release updates Zend_Crypt_Math to provide cryptographically secure RNG, and updates Zend_Captcha_Word to use these new facilities.
* Thu Oct 29 2015 larsAATTlinux-schulserver.de- Update to 1.12.16. Changes in this version: - #504: Cannot parse huge documents in Zend_Dom_Query - #599: Wrong return type in DocBlock of Zend_Console_Getopt::getOption() - #600: Undefined property $config in Zend_Http_Client_Adapter_Curl - #604: add doccomments to Zend_Log covering its magic methods - #606: Fix typo in Zend_Cache-Backends documentation. - #610: Add ß (Latin small letter sharp s) to .de domain IDNA check - #612: Zend_Validate_Hostname does not validate NTP hostnames starting with \'0\' character SECURITY UPDATES - ZF2015-07: A number of components, including Zend_Cloud, Zend_Search_Lucene, and Zend_Service_WindowsAzure were creating directories with a liberal umask that could lead to local arbitrary code execution and/or local privilege escalation. This release contains a patch that ensures the directories are created using permissions of 0775 and files using 0664 (essentially umask 0002). - ZF2015-08: ZF2014-06 uncovered an issue in the sqlsrv adapter provided by the framework whereby null bytes were not filtered correctly when generating SQL. A reporter discovered the same vulnerability is present in our PDO implementation when used with pdo_dblib, and could potentially be applied to other PDO adapters. This release contains a patch to properly escape null bytes used in SQL queries across all PDO adapters shipped with the framework.
* Tue Sep 08 2015 ajAATTajaissle.de- Update to 1.12.15. Changes in this version: - #582 Incorrect application of timeout option in curl http client adapter - #587 \"Invalid header line detected\" error if HTTP header value is empty - #591 ZF2015-06 fix broke the ZF on PHP 5.2 - #593 fix typo in PHPDoc AATTthrows annotation of Zend_Registry::get() - #595 Removing annoying warning. - #597 Fix setting of CURLOPT_TIMEOUT- Changes in 1.12.14: - Security fix for ZF2015-06 - #492 Fix regexp to detect functions in column definition - #597 Test that e-mail on non-reserved IP is valid - #580 Azerbaijani language pluralization rule is wrong - #551 Drop DeveloperGarden API implementation as it shuts down on 30th June 2015 - #583 Fix typo in Zend_Validate_EmailAddress - #553 Drop Technorati API implementation as it is no longer available- Changes in 1.12.13: - #567 Cast int and float to string when creating headers- Changes in 1.12.12: - Security fix for ZF2015-04 - #493 PHPUnit not being installed - #511 Add PATCH to the list of allowed methods in Zend_Controller_Request_HttpTestCase - #513 Save time and space when cloning PHPUnit - #515 !IE conditional comments bug - #516 Zend_Locale does not honor parentLocale configuration - #518 Run travis build also on PHP 7 builds - #534 Failing unit test: Zend_Validate_EmailAddressTest::testIdnHostnameInEmaillAddress - #536 Zend_Measure_Number convert some decimal numbers to roman with space char - #537 Extend view renderer controller fix (#440) - #540 Fix PHP 7 BC breaks in Zend_XmlRpc/Amf_Server - #541 Fixed errors in tests on PHP7 - #542 Correctly reset the sub-path when processing routes - #545 Fixed path delimeters being stripped by chain routes affecting later routes - #546 TravisCI: Skip memcache(d) on PHP 5.2 - #547 Session Validators throw \'general\' Session Exception during Session start - #550 Notice \"Undefined index: browser_version\" - #557 doc: Zend Framework Dependencies table unreadable - #559 Fixes a typo in Zend_Validate messages for SK - #561 Zend_Date not expected year - #564 Zend_Application tries to load ZendX_Application_Resource_FrontController during instantiation
* Thu Apr 30 2015 jweberhoferAATTweberhofer.at
* Updated PHP-version dependencies (5.2.11+)
* Defined download addresses
* Formatetd spec with the new spec-cleaner
* Version 1.12.11
* [Zend_Translate\\ Extend PHPDocumentation to cover \'magic\' behavior (gh#zendframework/zf1#491)
* Added AATTmethod PHPDocumentation to allow IDE code-completion (gh#zendframework/zf1#502)
* View renderer controller name fix breaks use of custom dispatcher (gh#zendframework/zf1#506)
* Version 1.12.10
* isLast not working as expected in Zend_Service_Amazon_SimpleDb_Page (gh#zendframework/zf1#1)
* Zend_Loader_ClassMapAutoloader is not auto included when using Zend_Loader_AutoloaderFactory::factory (gh#zendframework/zf1#8)
* Zend_Db_Table_Abstract::delete does not delete from dependent table (gh#zendframework/zf1#15)
* Zend_Soap_Client has no \'exceptions\' flag. (gh#zendframework/zf1#32)
* Zend_Validate_EmailAddress->_validateMXRecords() fails on Umlaut-Domains (gh#zendframework/zf1#62)
* Zend_Rest_Server does not properly handle optional parameters when anonymous (arg1, etc) parameters are passed in (gh#zendframework/zf1#187)
* Zend_Validate_Hostname: disallowed Unicode code point (gh#zendframework/zf1#322)
* SlideShare API change some tag names. (gh#zendframework/zf1#324)
* CallbackHandler throws warning if WeakRef-extension not installed (gh#zendframework/zf1#345)
* Zend_Console_Getopt: Missing required parameter consumes next option as its parameter value (gh#zendframework/zf1#377)
* PHPUnit contraints: use real class names to help classmap generators (gh#zendframework/zf1#400)
* Use relative filenames for _validIdns for direct include in Zend_Validate_Hostname (gh#zendframework/zf1#426)
* Corrected type of property _currentRoute (gh#zendframework/zf1#434)
* Zend_Controller_Dispatcher_Abstract::_formatName() inconsistent with Action name handling (gh#zendframework/zf1#440)
* Loosen regex to allow nested function calls in SQL (gh#zendframework/zf1#441)
* Update Zend_Validate_Hostname TLDs list to 2014102301 version (gh#zendframework/zf1#444)
* fix typo unkown -> unknown (gh#zendframework/zf1#446)
* fix travis ci build for php 5.2 (gh#zendframework/zf1#448)
* Zend_Date doesn\'t create correct date when seconds are missing from 8601 format (gh#zendframework/zf1#449)
* \"fluent\", not \"fluid\" (gh#zendframework/zf1#452)
* Zend_Cache_Backend_Memcached looks at \"bytes\", but Couchbase 1.x returns \"mem_used\" (gh#zendframework/zf1#453)
* Documentation of Zend_Feed_Pubsubhubbub_Model_ModelAbstract (gh#zendframework/zf1#456)
* Fixed bug in quoteInto with $count parameter and question sign in $value (gh#zendframework/zf1#458)
* CDATA section for category elements in RSS feed (gh#zendframework/zf1#461)
* Zend_Currency creates invalid cache ids for values with fractions (gh#zendframework/zf1#465)
* debug_backtrace() called twice when only once needed (gh#zendframework/zf1#467)
* Zend_Validate_Hostname improvements (gh#zendframework/zf1#468)
* [Zend_Validate\\ Testcase for #322 (gh#zendframework/zf1#469)
* End of life for PHPUnit installation using pear (gh#zendframework/zf1#471)
* Zend Json Server Exception is missing the method name (gh#zendframework/zf1#475)
* Create .gitattributes to mirror archive { } in composer.json (gh#zendframework/zf1#478)
* Virtual machine doesn\'t install initial packages (gh#zendframework/zf1#480)
* Update copyright to 2015 (gh#zendframework/zf1#483)
* Adds content headers on POST request in Zend_Controller_Request_HTTP (gh#zendframework/zf1#484)
* Allow overriding cache id and tag validation in Zend_Cache (gh#zendframework/zf1#487)
* Zend_Dojo_View_Helper_Dojo_Container setCdnVersion error... (gh#zendframework/zf1#488)
* Added more specific return documentation for Zend_Navigation Pages (gh#zendframework/zf1#490)
* Thu Dec 18 2014 ajAATTajaissle.de- New upstream release 1.12.9
* http://framework.zend.com/changelog/1.12.9/
* http://framework.zend.com/changelog/1.12.8/
* http://framework.zend.com/changelog/1.12.7/- Dropped zf.sh.patch (obsolete)