The Symfony Blog

JsTranslationBundle Security Release

Andreas Forsblom reported two potential security issues on JsTranslationBundle: a path traversal attack and a code remote injection.

Symfony Community Bundles Survey

Which community bundles are the most useful for your Symfony projects? Share them with us by filling in this survey.

A week of symfony #395 (21->27 July 2014)

This week Symfony increased its development activity significantly. The most important change was the introduction of SSI support. In addition, a memory leak was fixed in ValidatorBuilder and object initializers were fixed for the 2.5 version of the Validator.

Workshops polls for SymfonyLive New York and SymfonyCon Madrid

After some time of reflection to decide which workshops we should (or should not) organize at SymfonyLive New York and SymfonyCon Madrid, we decided to directly ask you the question.

A week of symfony #394 (14->20 July 2014)

This week Symfony published three security releases to address a potential code injection issue in the way Symfony implements translation caching in FrameworkBundle. In addition, it fixed object initializers for Validator component and it removed spaceless blocks from Twig templates.

New in Symfony 2.6: Added support for XLIFF notes

Symfony 2.6 adds support for embedding notes in XLIFF files. This will allow to include contextual information to improve translations.

Security releases (CVE-2014-4931): Symfony 2.3.18, 2.4.8, and 2.5.2 released

Symfony 2.3.18, 2.4.8, and 2.5.2 have just been released; they contain a security fix for the Translator class provided by FrameworkBundle (CVE-2014-4931).

A week of symfony #393 (7->13 July 2014)

This week Symfony project published the 2.3.17, 2.4.7 and 2.5.1 maintenance versions. In addition, the first edition of the SymfonyLive New York conference was announced. Lastly, a new initiative to improve REST in Symfony was announced.

Symfony 2.5.1 released

Read release notes