Zend Framework 2 v2.2.6 Release Notes
Release Date: 2014-03-06 // about 10 years ago-
- 4490: Nonvalid literal value for the boolean type, PDO
- 4993: Zend\Db\TableGateway\Feature\FeatureSet::addFeature() at line 69
- ๐ 5125: Method scanner fixed
- 5174: SequenceFeature
- ๐ 5186: Minor bugfix: Added missing composer dependency (ServiceManager) to Math package
- 5221: - Create temporary table instead of create table temporary
- 5314: Enable persistent connections for IbmDb2.
- 5322: Fixing a bug that causes fatal error when a RowGateway's primary key wer...
- 0๏ธโฃ 5375: Fixes default type == string
- ๐ฒ 5383: fix for #4614 breaks error handler using Zend\Log
- ๐ 5385: Resolves #4708 - adding transparent background support to barcode
- ๐ 5387: fixes #5062 - No longer throw Filename cannot be empty error
- โ๏ธ 5401: fixed typos
- โก๏ธ 5402: Update range of mobile
- 5409: [rbac\ Typo
- โก๏ธ 5411: Update Czech validator messages
- โ 5412: Zend\Test needs Zend\Console as dependency
- 5418: Added isset check for REMOTE_ADDR
- 5421: fix typo & wording
- 5422: Fix emails that contain lines that start with periods
- 5423: Zend\Http\Header\SetCookie not compatible with older versions of pcre (and therefore CentOS)
- 5424: Issue 3104: Form\Element "x-..." attributes
- 5425: Issue 3249: FormFile does not allow "value" as an attribute
- ๐ 5432: Problem with Forward Plugin
- 5438: fix typo
- 5444: fix indentation
- ๐ 5445: Fixing issue with ModuleAutoloader on Windows
- 5447: Di circular dependancies
- ๐ 5451: Remove duplicate: zend-stdlib is already required
- โก๏ธ 5452: update master's resources/ja Zend_Validate.php message for 2.2
- 5453: add resources/languages/ja/Zend_Captcha.php with Japanese translated
- 5457: Zend\Db\Adapter\Driver\PdoResult::current patch
- ๐ 5464: remove unused use
- ๐ 5468: Add security disclosure info to README/CONTRIBUTING docs
- 5471: Fix typehint for getServiceLocator().
- ๐ 5472: remove unused use statements
- ๐ 5476: Zend\Http\Header\SetCookie changed to support empty cookies
- 5479: Add element input filters before form input filters
- ๐ 5495: Hotfix/multiple nested collection test
- 5497: fix for fprg
- 5499: #5465 use strlen instead of empty
- โก๏ธ 5502: Update collection recursive extract and populating nested fieldsets
- ๐ 5507: Fixed usage of imported namespace.
- 5508: Specify correct return type for
Pdo\Connection::getLastGeneratedValue
- ๐ 5523: [Http\ Fixes
- 0๏ธโฃ 5534: Added ability to set form option useInputFilterDefaults in factory via s...
- ๐ 5546: Zend/Mvc/Router encoding issue (Fixes #5516)
- 5551: Fix Zend\Form\Element\Number $inclusive is always true (Fix for #5549)
- 5552: Add driver options to the Oci8 Db adapter
- ๐ 5555: [Hotfix\ Validator\File classes behaviour with empty value
- ๐ 5567: Fixes #4670
- 5570: fix #5428 only read the stream contents once
- 5575: Fix graphme_substr for PHP >= 5.4.18 or >=5.5.1
- 5576: Enable Travis Fast finishing
- 5577: Fix for #4707 pgsql getLastGeneratedValue() Problem
- 5588: More lenient db detection in Logger abstract factory
- 5597: Fix zend server cache
- 5609: Allow RuntimeDefinition to still process explicit classes
- โ 5613: Test rewrite for avoid test skip. Related #5592
- ๐ 5614: Fixed issue with Math\Rand::getInteger() on ranges close to PHP_INT_MAX
- 5623: Adding attributes to fieldsets. Legends are optional for fieldsets.
- โ 5633: Giving a Warning namespaces to FlashMessager
- 5636: Fix for the implementation of Collection Element
- ๐ 5641: [Hotfix\ FilePostRedirectGet plugin and form collections
- โ 5644: Addressing issue #5624. Implemented fix and added test case.
- โก๏ธ 5645: Update InArray.php
- ๐ 5647: Adding Hungarian translations
- ๐ 5659: Fix a fatal error when assert WWW-Authenticate header is sent - Hotfix/5658
- โ 5669: Fix bug in InjectTemplateListenerTest
- 5672: [cs\ cleanup master
- 5677: SetCookie With expiry of over 2038 fail on 32bit systems
- โก๏ธ 5680: Update BlockCipher.php
- ๐ 5691: Input Factory supports "break_on_failure" option
- โก๏ธ 5707: update userguide manual link
- 5714: Change hardcoded event name by its constant.
- โ 5718: added a submodule loading to testCanLoadMultipleModules
- ๐ 5729: Fixed module loader to work with *.tar modules in IIS7.5 on Win 2008 R2
- ๐ 5739: [BUGFIX\ DI fails with CompilerDefinition; solves #5738
- ๐ 5746: Remove hydrator from collections
- 5749: shortcircuit rendering if no messages
- 5750: Change error message when no role found
- 5752: Get an abstract defined service from an alias
- ๐ 5754: Fixed gz decompress check for false
- 5755: More explicit name for requested name
- ๐ 5761: fixed typo
- ๐ 5762: remove unneeded createService functions that actually do same with base class ( AbstractPluginManagerFactory )
- 5768: FIX #5767 Zend\Db\Sql\Select: getRawState('order') is inconsistent
- 5771: Fix escaped special chars in urlencoded parameters string incorrectly normalized
- 5772: Zend\Config\Processor\Token converts boolean to string
- ๐ 5773: Hotfix for #5772: token processor should not cast booleans to strings
- โก๏ธ 5775: Update Predicate.php
- ๐ 5781: Support PHPUnit 3.8+ compatibility
- ๐ 5782: remove unneeded key "name" under "input_filter" per-element in FormAbstractServiceFactoryTest
- 5786: Correct references toPHPUnit_Runner_Version::VERSION
- 5788: Zend\Filter\Compress\Bz2 and Gz should be fully PHP >= 5.4 compatible
- 5796: \Zend\Form\Element\Email, with multiple=true leads to “Array to string conversion”
- ๐ 5808: Fixes #5796
- ๐ 5813: Fixed the classmap autoloader to work under Windows in Phar files.
- 5814: Fix validate non required fields in CollectionInputFilter
- 5815: Usage of a function in loops should be avoided
- 5820: [Zend\InputFilter\InputFilter\ SetValidationGroup() VALIDATE_ALL not working recursively
- ๐ 5824: Remove HTTP client restriction on cookies
- ๐ 5830: Run Travis build also on PHP 5.6
- ๐ 5831: Fixes #4926
- 5833: Avoid function usage in loops
- ๐ 5836: Fixes #3773
- โ 5838: Fix Zend\Test for custom response usage
- ๐ 5839: [Zend\Filter\Compress\ added PHP 5.4 support for strings in Bz2 and Gz decompress
- 5846: Enabling the Request object to generate the correct scheme for SSL URI
- โ 5848: Test and quick fix #5847
- 5861: Post/Redirect/Get should keep query parameters
- ๐ 5868: Fixes #4993
- ๐ 5870: SSL CA File support.
- ๐ 5871: Add processor support to the Logger options.
- โก๏ธ 5874: Update NotEmpty validator to use bitmasking
- โก๏ธ 5879: Update NotEmptyTest tests to use data providers where possible
- ๐ 5883: Fixes #5648
- ๐ 5887: Fixed bug that didn't allow the connection to the SQLite database to be closed
- ๐ 5890: Hotfix/5640 for bug in nested Zend\Form\Element\Collection::extract() recursion
- 5891: Nicaraguan phone numbering plan
- 5892: Case-insensitive country for the PhoneNumber validator class
- ๐จ 5893: Fix bug in json prettyprint
- 5899: fix cs from #5613
- 5900: Fix for #5894 - .il Domain checking
- โ 5903: Re-added ConstraintKeyObject which is consumed from the AbstractSource w/ test (Fixes #3512)
- ๐ฏ 5912: clone problem in datetimeselect form element clone method
- ๐ 5913: Hotfix for #5912: wrong datetime select form element cloning logic
- โ 5916: Zend\Http: Unit tests for multi-line headers
โก๏ธ SECURITY UPDATES
- ZF2014-01: Potential XXE/XEE attacks using PHP functions:
simplexml_load_*
,DOMDocument::loadXML
, andxml_parse
. A new component,ZendXml
, was introduced to mitigate XML eXternal Entity and XML Entity Expansion vectors that are present in older versions of libxml2 and/or PHP.Zend\Json\Json::fromXml()
andZend\XmlRpc
'sResponse
andFault
classes were potentially vulnerable to these attacks. If you use either of these components, we recommend upgrading immediately.