From f1b0fe08207e03214a6b5e9c457c681012407eb8 Mon Sep 17 00:00:00 2001 From: Matthew Weier O'Phinney Date: Tue, 15 Sep 2015 10:49:17 -0500 Subject: [PATCH] [1.12.16] release readiness - Updated VERSION constant. - Updated README with date, release, and security notes. --- README.md | 20 ++++++++++++++++++-- library/Zend/Version.php | 2 +- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index eb706903a7..c6e365f65b 100644 --- a/README.md +++ b/README.md @@ -7,12 +7,28 @@ Master: [![Build Status](https://api.travis-ci.org/zendframework/zf1.png?branch= RELEASE INFORMATION =================== -Zend Framework 1.12.16dev Release. -Released on MMM DD, YYYY. +Zend Framework 1.12.16 Release. +Released on Sep 15, 2015. IMPORTANT FIXES FOR 1.12.16 --------------------------- +This release contains security fixes: + +- **ZF2015-07**: A number of components, including `Zend_Cloud`, + `Zend_Search_Lucene`, and `Zend_Service_WindowsAzure` were creating directories with + a liberal umask that could lead to local arbitrary code execution and/or + local privilege escalation. This release contains a patch that ensures the + directories are created using permissions of 0775 and files using 0664 + (essentially umask 0002). + +- **ZF2015-08**: ZF2014-06 uncovered an issue in the sqlsrv adapter provided by + the framework whereby null bytes were not filtered correctly when generating + SQL. A reporter discovered the same vulnerability is present in our PDO implementation + when used with pdo_dblib, and could potentially be applied to other PDO adapters. + This release contains a patch to properly escape null bytes used in SQL queries + across all PDO adapters shipped with the framework. + See http://framework.zend.com/changelog for full details. NEW FEATURES diff --git a/library/Zend/Version.php b/library/Zend/Version.php index 60940774d7..a5f244f711 100644 --- a/library/Zend/Version.php +++ b/library/Zend/Version.php 
@@ -32,7 +32,7 @@ final class Zend_Version /** * Zend Framework version identification - see compareVersion() */ - const VERSION = '1.12.16dev'; + const VERSION = '1.12.16'; /** * The latest stable version Zend Framework available
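Review bot: In the ZF2015-07 bullet of the README hunk, "permissions of 0775 and files using 0664 (essentially umask 0002)" mixes file modes with a umask value and can be read as if 0775/0664 were the umask; say instead that directories are created with mode 0775 and files with 0664, which is what a 0002 umask yields from 0777/0666, and add that both modes remain group-writable, so the hardening assumes the web server's group is not shared with untrusted local users. Also, since the bullets name ZF2015-07 and ZF2015-08 but only the generic "See http://framework.zend.com/changelog for full details." link follows, link each advisory ID to its own advisory page so readers can find the affected component list and the fixing commits without searching the changelog.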
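Review bot: The VERSION bump from '1.12.16dev' to '1.12.16' in the Version.php hunk is the only code change in this patch, so it must land together with (or after) the ZF2015-07 and ZF2015-08 fixes the README describes: compareVersion() (referenced in the comment directly above the constant) relies on PHP's version_compare(), where a 'dev' suffix sorts below the bare release number, so consumers gating on compareVersion('1.12.16') only treat the install as fixed once this constant changes. Minor style point in the unchanged context line: "The latest stable version Zend Framework available" is missing "of"; worth correcting in the same release pass.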