Skip to content
Browse files

Merge branch 'feature/looser-constraints' into develop

Forward port #7665
  • Loading branch information...
2 parents fa36d09 + 83f3d17 commit 17c0540b479828e00d96336b95f04e45047f9d4b @weierophinney weierophinney committed Jan 27, 2016
Showing with 72 additions and 52 deletions.
  1. +20 −0 CHANGELOG.md
  2. +52 −52 composer.json
View
20 CHANGELOG.md
@@ -1,5 +1,25 @@
# CHANGELOG
+## 2.5.3 (2016-01-27)
+
+- [#7665](https://github.com/zendframework/zf2/pull/7665) updates component version constraints from `~2.5.0` to `^2.5` to ensure the latest security updates are always installed.
+
+## 2.5.2 (2015-08-03)
+
+### SECURITY UPDATES
+
+- ZF2015-06: `ZendXml` runs a heuristic detection for XML Entity Expansion and XML
+ eXternal Entity vectors when under php-fpm, due to issues with threading in
+ libxml preventing using that library's built-in mechanisms for disabling them.
+ However, the heuristic was determined to be faulty when multibyte encodings
+ are used for the XML. This release contains a patch to ensure that the
+ heuristic will work with multibyte encodings.
+
+ If you use Zend Framework components that utilize `DOMDocument` or `SimpleXML`
+ (which includes `Zend\XmlRpc`, `Zend\Soap`, `Zend\Feed`, and several others), and
+ deploy using php-fpm in production (or plan to), we recommend upgrading
+ immediately.
+
## 2.5.1 (2015-06-04)
- [#7571](https://github.com/zendframework/zf2/pull/7571) makes `zend-ldap` an optional dependency instead of a hard dependency, as `zend-ldap` has a hard requirement on `ext-ldap`, blocking installation for many users. If you use `zend-ldap`, you will need to call `composer require zendframework/zend-ldap` after upgrading to 2.5.1.
View
104 composer.json
@@ -9,61 +9,61 @@
"homepage": "http://framework.zend.com/",
"license": "BSD-3-Clause",
"require": {
- "php": ">=5.5",
- "zendframework/zend-authentication": "~2.5.0",
- "zendframework/zend-barcode": "~2.5.0",
- "zendframework/zend-cache": "~2.5.0",
- "zendframework/zend-captcha": "~2.5.0",
- "zendframework/zend-code": "~2.5.0",
- "zendframework/zend-config": "~2.5.0",
- "zendframework/zend-console": "~2.5.0",
- "zendframework/zend-crypt": "~2.5.0",
- "zendframework/zend-db": "~2.5.0",
- "zendframework/zend-debug": "~2.5.0",
- "zendframework/zend-di": "~2.5.0",
- "zendframework/zend-dom": "~2.5.0",
- "zendframework/zend-escaper": "~2.5.0",
- "zendframework/zend-eventmanager": "~2.5.0",
- "zendframework/zend-feed": "~2.5.0",
- "zendframework/zend-file": "~2.5.0",
- "zendframework/zend-filter": "~2.5.0",
- "zendframework/zend-form": "~2.5.0",
- "zendframework/zend-http": "~2.5.0",
- "zendframework/zend-i18n": "~2.5.0",
- "zendframework/zend-i18n-resources": "~2.5.0",
- "zendframework/zend-inputfilter": "~2.5.0",
- "zendframework/zend-json": "~2.5.0",
- "zendframework/zend-loader": "~2.5.0",
- "zendframework/zend-log": "~2.5.0",
- "zendframework/zend-mail": "~2.5.0",
- "zendframework/zend-math": "~2.5.0",
- "zendframework/zend-memory": "~2.5.0",
- "zendframework/zend-mime": "~2.5.0",
- "zendframework/zend-modulemanager": "~2.5.0",
- "zendframework/zend-mvc": "~2.5.0",
- "zendframework/zend-navigation": "~2.5.0",
- "zendframework/zend-paginator": "~2.5.0",
- "zendframework/zend-permissions-acl": "~2.5.0",
- "zendframework/zend-permissions-rbac": "~2.5.0",
- "zendframework/zend-progressbar": "~2.5.0",
- "zendframework/zend-serializer": "~2.5.0",
- "zendframework/zend-server": "~2.5.0",
- "zendframework/zend-servicemanager": "~2.5.0",
- "zendframework/zend-session": "~2.5.0",
- "zendframework/zend-soap": "~2.5.0",
- "zendframework/zend-stdlib": "~2.5.0",
- "zendframework/zend-tag": "~2.5.0",
- "zendframework/zend-test": "~2.5.0",
- "zendframework/zend-text": "~2.5.0",
- "zendframework/zend-uri": "~2.5.0",
- "zendframework/zend-validator": "~2.5.0",
- "zendframework/zend-version": "~2.5.0",
- "zendframework/zend-view": "~2.5.0",
- "zendframework/zend-xmlrpc": "~2.5.0",
+ "php": "^5.5 || ^7.0",
+ "zendframework/zend-authentication": "^2.5",
+ "zendframework/zend-barcode": "^2.5",
+ "zendframework/zend-cache": "^2.5",
+ "zendframework/zend-captcha": "^2.5",
+ "zendframework/zend-code": "^2.5",
+ "zendframework/zend-config": "^2.5",
+ "zendframework/zend-console": "^2.5",
+ "zendframework/zend-crypt": "^2.5",
+ "zendframework/zend-db": "^2.5",
+ "zendframework/zend-debug": "^2.5",
+ "zendframework/zend-di": "^2.5",
+ "zendframework/zend-dom": "^2.5",
+ "zendframework/zend-escaper": "^2.5",
+ "zendframework/zend-eventmanager": "^2.5",
+ "zendframework/zend-feed": "^2.5",
+ "zendframework/zend-file": "^2.5",
+ "zendframework/zend-filter": "^2.5",
+ "zendframework/zend-form": "^2.5",
+ "zendframework/zend-http": "^2.5",
+ "zendframework/zend-i18n": "^2.5",
+ "zendframework/zend-i18n-resources": "^2.5",
+ "zendframework/zend-inputfilter": "^2.5",
+ "zendframework/zend-json": "^2.5",
+ "zendframework/zend-loader": "^2.5",
+ "zendframework/zend-log": "^2.5",
+ "zendframework/zend-mail": "^2.5",
+ "zendframework/zend-math": "^2.5",
+ "zendframework/zend-memory": "^2.5",
+ "zendframework/zend-mime": "^2.5",
+ "zendframework/zend-modulemanager": "^2.5",
+ "zendframework/zend-mvc": "^2.5",
+ "zendframework/zend-navigation": "^2.5",
+ "zendframework/zend-paginator": "^2.5",
+ "zendframework/zend-permissions-acl": "^2.5",
+ "zendframework/zend-permissions-rbac": "^2.5",
+ "zendframework/zend-progressbar": "^2.5",
+ "zendframework/zend-serializer": "^2.5",
+ "zendframework/zend-server": "^2.5",
+ "zendframework/zend-servicemanager": "^2.5",
+ "zendframework/zend-session": "^2.5",
+ "zendframework/zend-soap": "^2.5",
+ "zendframework/zend-stdlib": "^2.5",
+ "zendframework/zend-tag": "^2.5",
+ "zendframework/zend-test": "^2.5",
+ "zendframework/zend-text": "^2.5",
+ "zendframework/zend-uri": "^2.5",
+ "zendframework/zend-validator": "^2.5",
+ "zendframework/zend-version": "^2.5",
+ "zendframework/zend-view": "^2.5",
+ "zendframework/zend-xmlrpc": "^2.5",
"zendframework/zendxml": "^1.0.1"
},
"suggest": {
- "zendframework/zend-ldap": "zend-ldap component ~2.5.0, if you need LDAP features"
+ "zendframework/zend-ldap": "zend-ldap component ^2.5, if you need LDAP features"
},
"bin": [
"bin/classmap_generator.php",

0 comments on commit 17c0540

Please sign in to comment.
Something went wrong with that request. Please try again.