Zend Framework 1.12.20 Released!

The Zend Framework community is pleased to announce the immediate availability
of Zend Framework 1.12.20! Packages and installation instructions are available at:


This release includes a single security patch, reported as
ZF2016-03, for SQL injection vulnerabilities in
the Zend_Db_Select::order() and Zend_Db_Select::group() methods. If you use
these, we recommend updating immedaitely.

To see the complete set of issues resolved for 1.12.20, please visit the changelog:

End of Life

As announced previously, Zend Framework 1 will
reach its end of life on 28 September 2016, and only receive security fixes
between now and that date. Past that point, we will offer custom bug
and security fixes for Zend Framework 1 on-demand only to
Enterprise users of Zend Server.

Thank You!

Many thanks to Enrico Zimuel for his efforts in
developing the security patch for this release!

Source: Zend feed