Skip to content

release-2.3.6

@weierophinney weierophinney tagged this 12 Mar 14:05
SECURITY UPDATES
----------------

- **ZF2015-03** `Zend\Validator\Csrf` was incorrectly testing null or
  improperly formatted token identifiers, allowing them to pass validation. This
  release provides patches to correct the behavior. If you use the validator, or
  the corresponding `Zend\Form\Element\Csrf`, we recommend upgrading
  immediately.
Assets 2
Loading