[release] Added note regarding ZF2012-01

guilhermewop · Jul 6, 2012 · 18c8e22 · 18c8e22
1 parent 35a15c3
commit 18c8e22
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -144,6 +144,9 @@ that have been made, and is a good resource.
       "headers()", etc. All such accessors were renamed to prepend
       "get", and, in the case of "events()", renamed to indicate the
       actual object retrieved ("getEventManager()"). 
+ - SECURITY FIX: XmlRpc (Matthew Weier O'Phinney)
+    - A security issue arising from XML eXternal Entity (XXE) injection
+      was patched; see http://framework.zend.com/security/advisory/ZF2012-01
 
 Over *400* pull requests for a variety of features and bugfixes were handled
 since beta4!