We are very pleased to announce the release of Yii Framework version 2.0.4. Please refer to the instructions at http://www.yiiframework.com/download/ to install or upgrade to this version.

Version 2.0.4 is a patch release of Yii 2.0 which contains over 100 minor new features and bug fixes. It contains a fix for the security issue CVE-2015-3397 that may allow XSS attacks to IE6/IE7 users. For this reason, you are urged to upgrade to this version if your applications are required to support IE6/IE7. We have added a new helper method yii\helpers\Json::htmlEncode() which should be used instead of Json::encode() if you use the result in Javascript code that is embedded in a HTML page to avoid the problem described above.

The release further adds a new core validator named EachValidator which allows you to validate every element in an array input. A new method named attributeHints() is added to yii\base\Model, which let you to configure input hints (in addition to input labels). And finally you can use indexBy() together with column() when performing database query with yii\db\Query. It will return an array of scalar values indexed by the specified column or computed indices. There are many other useful additions and changes to this release. Please refer to the core framework change log and the extension change logs.

We hereby thank to all contributors who have spent their precious time helping improve Yii and made this release possible.

You may follow the development progress of Yii 2 by starring or watching Yii 2.0 GitHub Project. You may also follow Yii Twitter feeds or join Yii Facebook group to connect with other Yii developers.