Doctrine Common 2.1.3, DBAL 2.1.5 and ORM 2.1.3 Releases

Posted on November 21, 2011 by Benjamin Eberlei

The bugfix release is three weeks overdue, here is it now:

The security fix concerns usage of the ASC/DESC orientation parameters in $repository->findBy($criteria, $orderBy), which is subject to SQL injection when user-input is allowed into this method.

You can grab the downloads from the project page , via PEAR or Git

Please update your installations.