登录
注册
开源
企业版
高校版
搜索
帮助中心
使用条款
关于我们
开源
企业版
高校版
私有云
模力方舟
AI 队友
登录
注册
轻量养虾,开箱即用!低 Token + 稳定算力,Gitee & 模力方舟联合出品的 PocketClaw 正式开售!点击了解详情
代码拉取完成,页面将自动刷新
捐赠
捐赠前请先登录
取消
前往登录
扫描微信二维码支付
取消
支付完成
支付提示
将跳转至支付宝完成支付
确定
取消
Watch
不关注
关注所有动态
仅关注版本发行动态
关注但不提醒动态
5
Star
0
Fork
0
Gitee 极速下载
/
zendframework
代码
Wiki
统计
流水线
服务
PHPDoc
质量分析
Jenkins for Gitee
腾讯云托管
腾讯云 Serverless
悬镜安全
阿里云 SAE
Codeblitz
SBOM
开发画像分析
我知道了,不再自动展开
标签
标签名
描述
提交信息
操作
release-2.4.13
Zend Framework 2.4.13 - Restores php 5.3 compat in Zend\Mail\Header\HeaderValue.
06bf809
2017-07-14 01:23
下载
release-2.4.12
Zend Framework 2.4.12 - Fix signature issue with AbstractContainer::offsetGet
7b9a036
2017-06-20 03:11
下载
release-2.4.11
Zend Framework 2.4.11 - Fixes ZF2016-04 vulnerability
781cb24
2016-12-20 06:38
下载
release-3.0.0
Zend Framework 3.0.0 - [Read the migration documentation](https://docs.zendframework.com/tutorials/migration/to-v3/overview/). - [Read the recommended quick start](https://docs.zendframework.com/tutorials/getting-started/overview/) - Marks the package as a Composer metapackage; this means the package itself will not be installed, only the requirements it defines. - Updates the minimum supported PHP version to 5.6. - Updates all components to latest versions, including v3 releases where present. Also adds the following components: - zend-mvc-console - zend-mvc-plugins - zend-mvc-form - zend-mvc-i18n - zend-json-server - zend-xml2json - zend-diactoros - zend-stratigility - zend-psr7bridge - zend-hydrator - zend-servicemanager-di - Removes all `bin/*` scripts.
7fb89c7
2016-06-28 20:44
下载
release-2.4.10
Zend Framework 2.4.10 - Fix HeaderValue throwing an exception on legal characters
7e5bdc3
2016-05-10 04:54
下载
release-2.5.3
Zend Framework 2.5.3 - [#7665](https://github.com/zendframework/zf2/pull/7665) updates component version constraints from `~2.5.0` to `^2.5` to ensure the latest security updates are always installed.
aeb432d
2016-01-28 02:00
下载
release-2.4.9
Zend Framework 2.4.9 SECURITY UPDATES ---------------- - **ZF2015-09**: `Zend\Captcha\Word` generates a "word" for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this vulnerability announcement, the selection was performed using PHP's internal `array_rand()` function. This function does not generate sufficient entropy due to its usage of `rand()` instead of more cryptographically secure methods such as `openssl_pseudo_random_bytes()`. This could potentially lead to information disclosure should an attacker be able to brute force the random number generation. This release contains a patch that replaces the `array_rand()` calls to use `Zend\Math\Rand::getInteger()`, which provides better RNG. - **ZF2015-10**: `Zend\Crypt\PublicKey\Rsa\PublicKey` has a call to `openssl_public_encrypt()` which used PHP's default `$padding` argument, which specifies `OPENSSL_PKCS1_PADDING`, indicating usage of PKCS1v1.5 padding. This padding has a known vulnerability, the [Bleichenbacher's chosen-ciphertext attack](http://crypto.stackexchange.com/questions/12688/can-you-explain-bleichenbachers-cca-attack-on-pkcs1-v1-5), which can be used to recover an RSA private key. This release contains a patch that changes the padding argument to use `OPENSSL_PKCS1_OAEP_PADDING`. Users upgrading to this version may have issues decrypting previously stored values, due to the change in padding. If this occurs, you can pass the constant `OPENSSL_PKCS1_PADDING` to a new `$padding` argument in `Zend\Crypt\PublicKey\Rsa::encrypt()` and `decrypt()` (though typically this should only apply to the latter): ```php $decrypted = $rsa->decrypt($data, $key, $mode, OPENSSL_PKCS1_PADDING); ``` where `$rsa` is an instance of `Zend\Crypt\PublicKey\Rsa`. (The `$key` and `$mode` argument defaults are `null` and `Zend\Crypt\PublicKey\Rsa::MODE_AUTO`, if you were not using them previously.) We recommend re-encrypting any such values using the new defaults.
4d096d1
2015-11-24 01:30
下载
release-2.4.8
Zend Framework 2.4.8 - [zend-validator/25: validate against DateTimeImmutable instead of DateTimeInterface](https://github.com/zendframework/zend-validator/pull/25) - [zend-validator/35: treat 0.0 as non-empty, restoring pre-2.4 behavior](https://github.com/zendframework/zend-validator/pull/35) - [zend-inputfilter/26: deprecate "magic" logic for auto-attaching NonEmpty validators in favor of explicit attachment](https://github.com/zendframework/zend-inputfilter/pull/26) - [zend-inputfilter/22: ensure fallback values work as per pre-2.4 behavior](https://github.com/zendframework/zend-inputfilter/pull/22) - [zend-inputfilter/31: update the InputFilterInterface::add() docblock to match implementations](https://github.com/zendframework/zend-inputfilter/pull/31) - [zend-inputfilter/25: Fix how missing optoinal fields are validated to match pre 2.4.0 behavior](https://github.com/zendframework/zend-inputfilter/pull/26) - [zend-form/12: deprecate AllowEmpty and ContinueIfEmpty annotations, per zend-inputfilter#26](https://github.com/zendframework/zend-form/pull/12) - [zend-form/9: fix typos in aria attribute names of AbstractHelper](https://github.com/zendframework/zend-form/pull/9) - [zend-mail/26: fixes the ContentType header to properly handle encoded parameter values](https://github.com/zendframework/zend-mail/pull/26) - [zend-mail/11: fixes the Sender header to allow mailbox addresses without TLDs](https://github.com/zendframework/zend-mail/pull/11) - [zend-mail/24: fixes parsing of messages that contain an initial blank line before headers](https://github.com/zendframework/zend-mail/pull/24) - [zend-http/23: fixes the SetCookie header to allow multiline values (as they are always encoded)](https://github.com/zendframework/zend-http/pull/23) - [zend-mvc/27: fixes DefaultRenderingStrategy errors due to controllers returning non-view model results](https://github.com/zendframework/zend-mvc/pull/27) SECURITY UPDATES ---------------- - **ZF2015-07**: The filesystem storage adapter of `Zend\Cache` was creating directories with a liberal umask that could lead to local arbitrary code execution and/or local privilege escalation. This release contains a patch that ensures the directories are created using permissions of 0775 and files using 0664 (essentially umask 0002).
04909f4
2015-09-16 01:14
下载
release-2.4.7
Zend Framework 2.4.7 - [15: validateInputs must allow ArrayAccess for $data](https://github.com/zendframework/zend-inputfilter/pull/15)
b13b45e
2015-08-12 00:19
下载
release-2.5.2
Zend Framework 2.5.2 SECURITY UPDATES ---------------- - **ZF2015-06**: `ZendXml` runs a heuristic detection for XML Entity Expansion and XML eXternal Entity vectors when under php-fpm, due to issues with threading in libxml preventing using that library's built-in mechanisms for disabling them. However, the heuristic was determined to be faulty when multibyte encodings are used for the XML. This release contains a patch to ensure that the heuristic will work with multibyte encodings. If you use Zend Framework components that utilize DOMDocument or SimpleXML (which includes `Zend\XmlRpc`, `Zend\Soap`, `Zend\Feed`, and several others), and deploy using php-fpm in production (or plan to), we recommend upgrading immediately.
0993994
2015-08-03 23:13
下载
release-2.4.6
Zend Framework 2.4.6 - [10: Take fallback value into account during input filter validation](https://github.com/zendframework/zend-inputfilter/pull/10) SECURITY UPDATES ---------------- - **ZF2015-06**: `ZendXml` runs a heuristic detection for XML Entity Expansion and XML eXternal Entity vectors when under php-fpm, due to issues with threading in libxml preventing using that library's built-in mechanisms for disabling them. However, the heuristic was determined to be faulty when multibyte encodings are used for the XML. This release contains a patch to ensure that the heuristic will work with multibyte encodings. If you use Zend Framework components that utilize DOMDocument or SimpleXML (which includes `Zend\XmlRpc`, `Zend\Soap`, `Zend\Feed`, and several others), and deploy using php-fpm in production (or plan to), we recommend upgrading immediately.
e0fc119
2015-08-03 23:03
下载
release-2.4.5
Zend Framework 2.4.5 - [7: Ensure Required, AllowEmpty validation combo works](https://github.com/zendframework/zend-inputfilter/pull/7)
d7c27c5
2015-07-28 23:44
下载
release-2.4.4
Zend Framework 2.4.4 - [#9](https://github.com/zendframework/zend-stdlib/pull/9) fixes an issue with count incrementation during insert in PriorityList, ensuring that incrementation only occurs when the item inserted was not previously present in the list.
84cad41
2015-07-21 23:45
下载
release-2.4.3
Zend Framework 2.4.3 - Use the Host port when port forwarding is detected
eb6275e
2015-06-15 21:41
下载
release-2.5.1
Zend Framework 2.5.1 - [#7571](https://github.com/zendframework/zf2/pull/7571) makes `zend-ldap` an optional dependency instead of a hard dependency, as `zend-ldap` has a hard requirement on `ext-ldap`, blocking installation for many users. If you use `zend-ldap`, you will need to call `composer require zendframework/zend-ldap` after upgrading to 2.5.1.
e192ce1
2015-06-04 23:35
下载
release-2.5.0
Zend Framework 2.5.0 - [7072: Split Framework](https://github.com/zendframework/zf2/issues/7072) - [7095: Drop PHP 5.3 support](https://github.com/zendframework/zf2/issues/7095) - [7119: #7095 - bumping minimum PHP version requirement to 5.4.0](https://github.com/zendframework/zf2/pull/7119) - [7542: [WIP\ Make ZF2 a meta-package](https://github.com/zendframework/zf2/pull/7542)
9a47128
2015-06-04 01:36
下载
release-2.4.2
Zend Framework 2.4.2 - [7503: Mail header - boundary issue (related to ZF2015-04)](https://github.com/zendframework/zf2/issues/7503) - [7506: [mail\ Fix set UTF-8 values to headers. Fix #7501](https://github.com/zendframework/zf2/pull/7506) - [7507: [http\ Allow serialize any character on cookies](https://github.com/zendframework/zf2/pull/7507) - [7510: [mail/mime\ Fix content-type has invalid characters in field value. Fix #7503](https://github.com/zendframework/zf2/pull/7510) - [7512: \Zend\Ldap\Attribute::valueFromLdap catching wrong exception](https://github.com/zendframework/zf2/issues/7512) - [7513: [ldap\ Fix exceptions while parsing are not captured.](https://github.com/zendframework/zf2/pull/7513) - [7514: [#7503\ Pass the `\r\n` sequence to Part::getHeadersAsArray()](https://github.com/zendframework/zf2/pull/7514)
6ca85dc
2015-05-12 00:17
下载
release-2.3.9
Zend Framework 2.3.9 - [#7506](https://github.com/zendframework/zf2/pull/7506) resolves issues when UTF-8 values are used in Mail headers, particularly addresses. - [#7507](https://github.com/zendframework/zf2/pull/7507) ensures that array values can be used with cookies. - [#7514](https://github.com/zendframework/zf2/pull/7514) ensures that multipart MIME messages can be added to `Zend\Mail\Message` instances in such a way that they do not conflict with ZF2015-04.
32858f8
2015-05-12 00:03
下载
release-2.4.1
Zend Framework 2.4.1 - [7361: Missing parameter annotation in PHPDoc in Zend\Http\PhpEnvironment\Request](https://github.com/zendframework/zf2/pull/7361) - [7376: Fixes DocBlock for BasePath helper in PhpRenderer](https://github.com/zendframework/zf2/pull/7376) - [7378: Change year on comment](https://github.com/zendframework/zf2/pull/7378) - [7380: Remove unused code](https://github.com/zendframework/zf2/pull/7380) - [7383: Fixes typos](https://github.com/zendframework/zf2/pull/7383) - [7391: update composer's branch-alias](https://github.com/zendframework/zf2/pull/7391) - [7392: improvments for Zend\InputFilter](https://github.com/zendframework/zf2/pull/7392) - [7393: implements @todo write more tests for Zend\Ldap\Converter::toLdap()](https://github.com/zendframework/zf2/pull/7393) - [7394: fixed return type on disconnect method in pgsql connection](https://github.com/zendframework/zf2/pull/7394) - [7396: added connection type to allow force new connection](https://github.com/zendframework/zf2/pull/7396) - [7397: [travis\ Remove some old hacks](https://github.com/zendframework/zf2/pull/7397) - [7398: [travis\ Enable memcache and redis services](https://github.com/zendframework/zf2/pull/7398) - [7406: Update AutoDiscover.php](https://github.com/zendframework/zf2/pull/7406) - [7407: Sql-query breaks on 2.4.0 compare to 2.3.7](https://github.com/zendframework/zf2/issues/7407) - [7408: Zend\Code\Generator\ClassGenerator can not generate final classes](https://github.com/zendframework/zf2/pull/7408) - [7412: Use === and !== in null checks instead of == and !=](https://github.com/zendframework/zf2/pull/7412) - [7413: increase loop performance by assign count() to variable](https://github.com/zendframework/zf2/pull/7413) - [7415: XMLRPC Incompatibility with HHVM](https://github.com/zendframework/zf2/pull/7415) - [7417: replace self::EOL with PHP_EOL as AbstractHtmlElement::EOL is deprecated](https://github.com/zendframework/zf2/pull/7417) - [7419: Updated the CA language pack](https://github.com/zendframework/zf2/pull/7419) - [7420: implements tests's @todo of ZendTest\Http\Header\AuthorizationTest](https://github.com/zendframework/zf2/pull/7420) - [7422: Get correct expression string when Zend\Db\Sql\Expression is used](https://github.com/zendframework/zf2/pull/7422) - [7423: Test for percentage sign in Zend\Db\Sql\Expression](https://github.com/zendframework/zf2/pull/7423) - [7425: update variable name : $myParams to $pageParams](https://github.com/zendframework/zf2/pull/7425) - [7426: Fixed form collections with nested fieldsets that implements InputfilterProviderInterface](https://github.com/zendframework/zf2/pull/7426) - [7431: zf7428 fixed issue with inconsistent getTrait() behaviour #7428](https://github.com/zendframework/zf2/pull/7431) - [7432: update Zend_Validate.php resource file for 2.4](https://github.com/zendframework/zf2/pull/7432) - [7433: Update Zend_Validate.php for "id" for 2.4](https://github.com/zendframework/zf2/pull/7433) - [7436: remove version_compare check for PHP >=5.3.7](https://github.com/zendframework/zf2/pull/7436) - [7446: bugfix removing multiple fieldsets does't work](https://github.com/zendframework/zf2/pull/7446) - [7451: partialLoop notice #7450](https://github.com/zendframework/zf2/pull/7451) - [7453: update url to 'current' at INSTALL.md](https://github.com/zendframework/zf2/pull/7453) - [7460: Update PHP CS Fixer to v1.7](https://github.com/zendframework/zf2/pull/7460) - [7461: CS: The PHP constants true, false, and null MUST be in lower case.](https://github.com/zendframework/zf2/pull/7461) - [7462: CS: single_line_after_imports](https://github.com/zendframework/zf2/pull/7462) - [7468: Replace whitespace in the parameter prefix option passed to AbstractSql::processExpression](https://github.com/zendframework/zf2/pull/7468) - [7474: Implement expected Input::isValid workflow](https://github.com/zendframework/zf2/pull/7474) - [7476: [test\ Replace assert(True|False) with more appropriate assertions where possible](https://github.com/zendframework/zf2/pull/7476) - [7477: [travis\ Colorize PHPUnit output (requires PHPUnit ~4.6)](https://github.com/zendframework/zf2/pull/7477) - [7478: [memory\ isLocked sometimes return integer instead bool](https://github.com/zendframework/zf2/pull/7478) - [7480: [travis-ci\ HHVM nightly is not supported](https://github.com/zendframework/zf2/pull/7480) - [7481: CS remove unused uses](https://github.com/zendframework/zf2/pull/7481) - [7482: Fix undefined PGSQL_CONNECT_ASYNC only present in PHP 5.6](https://github.com/zendframework/zf2/pull/7482) - [7483: [#7396\ Functionality only works in PHP >= 5.6](https://github.com/zendframework/zf2/pull/7483) - [7485: [config\[test\ Fix assertContains should be assertArrayHasKey](https://github.com/zendframework/zf2/pull/7485) - [7489: Updated phpDoc and removed duplicates](https://github.com/zendframework/zf2/pull/7489) - [7490: mongo: mentions of redis removed](https://github.com/zendframework/zf2/pull/7490) - [7492: [stdlib\[test\ Fix Deprecated notice for Non-static method called static](https://github.com/zendframework/zf2/pull/7492) - [7493: [travis-ci\ Print list of PEAR packages installed and their versions](https://github.com/zendframework/zf2/pull/7493) - [7494: [db\[pgsql\[test\ Fix testDisconnect](https://github.com/zendframework/zf2/pull/7494) - [7495: [console\ Assert only int error levels are set](https://github.com/zendframework/zf2/pull/7495) SECURITY UPDATES ---------------- - **ZF2015-04**: `Zend\Mail` and `Zend\Http` were both susceptible to CRLF Injection Attack vectors (for HTTP, this is often referred to as HTTP Response Splitting). Both components were updated to perform header value validations to ensure no values contain characters not detailed in their corresponding specifications, and will raise exceptions on detection. Each also provides new facilities for both validating and filtering header values prior to injecting them into header classes. If you use either `Zend\Mail` or `Zend\Http` (which includes users of `Zend\Mvc`), we recommend upgrading immediately.
3b3b6f3
2015-05-08 01:08
下载
release-2.3.8
Zend Framework 2.3.8 SECURITY UPDATES ---------------- - **ZF2015-04**: `Zend\Mail` and `Zend\Http` were both susceptible to CRLF Injection Attack vectors (for HTTP, this is often referred to as HTTP Response Splitting). Both components were updated to perform header value validations to ensure no values contain characters not detailed in their corresponding specifications, and will raise exceptions on detection. Each also provides new facilities for both validating and filtering header values prior to injecting them into header classes. If you use either `Zend\Mail` or `Zend\Http` (which includes users of `Zend\Mvc`), we recommend upgrading immediately.
ba4ad46
2015-05-08 00:23
下载
下载
请输入验证码,防止盗链导致资源被占用
取消
下载
PHP
1
https://gitee.com/mirrors/zendframework.git
git@gitee.com:mirrors/zendframework.git
mirrors
zendframework
zendframework
点此查找更多帮助
搜索帮助
Git 命令在线学习
如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部
登录提示
该操作需登录 Gitee 帐号,请先登录后再操作。
立即登录
没有帐号,去注册
