Version **2.3.7** (2015-03-12)
* #7255 Revert BC break against AbstractRestfulController
Version **2.3.6** (2015-03-12)
* ZF2015-03 ZendValidatorCsrf was incorrectly testing null or improperly formatted token identifiers, allowing them to pass validation. This release provides patches to correct the behavior. If you use the validator, or the corresponding ZendFormElementCsrf, we recommend upgrading immediately.