The Zend Framework community annonced the availability of two new edition of the framework : 2.3.8 and 2.4.1. These are the eighth and first feature releases, respectively, for these minor versions. The releases contain an important security fix; 2.4.1 also corrects several backwards compatibility (BC) breaks introduced in version 2.4.0.
One new security advisory has been made : ZF2015-04, which patches CRLF Injection Attacks in the Zend\Mail and Zend\Http components.
Notice that while the work on ZF3 already started, the 2.4 series will remain the current Long Term Support release, and will receive security and critical bug fixes until 31 March 2018.
More information and download on : http://framework.zend.com