Archives


Master Symfony2 fundamentals

Be trained by SensioLabs experts (2 to 6 day sessions -- French or English).
trainings.sensiolabs.com

Discover the SensioLabs Support

Access to the SensioLabs Competency Center for an exclusive and tailor-made support on Symfony
sensiolabs.com

gravatar
symfony 1.3.10 and 1.4.10: security releases
by Kris Wallsmith – March 21, 2011 – 8 comments

The core team would like to announce the immediate availability of symfony 1.3.10 and 1.4.10. These are security releases in response to Doctrine's security release over the weekend. We recommend everyone update immediately.

From the Doctrine blog:

Because of a SQL injection possibility we urge users of Doctrine 1.2 and 2 to the newly released versions of both libraries immediately. Both versions only include the security fix and no other changes to their previous versions 1.2.3 and 2.0.2.

This release also marks the end of support for the 1.3 branch. We will continue to support symfony 1.4 until November 2012, per the policy outlined here.

How to Upgrade

If you've checked out a copy of the tag from Subversion you can switch to the latest version:

// symfony 1.3
$ svn switch http://svn.symfony-project.com/tags/RELEASE_1_3_10

// symfony 1.4
$ svn switch http://svn.symfony-project.com/tags/RELEASE_1_4_10

If you are using the PEAR package you can update using the pear command:

// symfony 1.3
$ pear upgrade symfony/symfony-1.3.10

// symfony 1.4
$ pear upgrade symfony/symfony-1.4.10

Comments RSS

  • gravatar
    #1 eMerzh said on the 2011/03/21 at 22:55
    Is there an official git repo to clone? i used to use a repo but it stop to sync 2 month ago :s
  • gravatar
    #2 Anton said on the 2011/03/22 at 08:18
    @eMerzh: This is the git repo, which is updating periodically - http://github.com/vjousse/symfony-1.4
  • gravatar
    #3 Zuzanna said on the 2011/03/22 at 11:06
    Do propel user need to install this update too?
  • gravatar
    #4 eMerzh said on the 2011/03/22 at 12:26
    @Anton: Yes but it's not up-to-date :/
  • gravatar
    #5 Tito Miguel Costa said on the 2011/03/22 at 12:36
    Seems that this release breaks multiple database access. I have a project with two database configurations that backups data from one to another, and since the upgrade, doesn't work anymore. All the tables are related to the first database configuration in databases.yml, despite the value of the param connection in the schema.
  • gravatar
    #6 Andi said on the 2011/03/23 at 10:01
    http://trac.symfony-project.org/ticket/9092#comment:22

    The multiple doctrine database management does not work any more
  • gravatar
    #7 Tito Miguel Costa said on the 2011/03/24 at 14:58
    @Andi thanks for pointing out the ticket, not doubt this is a major problem.
  • gravatar
    #8 best moisturiser said on the 2011/03/26 at 00:39
    It's good to know!