- What is Symfony?
- Get started
- Documentation
- Community
- Services
-
News
Latest News
What happened last week in Symfony?
This week, Symfony 2.1 updated its minimum required PHP version to 5.3.3, which contains a lot of bug fixes. Meanwhile, Dependency Injection and Session were the most active components in the repository.
Upcoming EventsThe Symfony Community organizes events all over the world on a regular basis. Here are the next ones.
France, Paris — Symfony Live Paris 2012
from June 06, 2012 to June 09, 2012
Spain, Castellón — deSymfony 2012
from June 15, 2012 to June 16, 2012
Brazil, Belo Horizonte — sfcon 2012
on June 23, 2012, from 08:00 to 18:00
United Kingdom, London — Symfony2 Lightning Talks - London
on June 28, 2012, from 19:00 to 22:00 - About
Questions & Feedback
Found a typo or an error?
Open a ticket.
Need support or have a technical question?
Post to the user mailing-list.
Master Symfony2 fundamentals
Symfony hosting done right
Reporting a Security Issue
Reporting a Security Issue¶
Found a security issue in Symfony2? Don't use the mailing-list or the bug tracker. All security issues must be sent to security [at] symfony-project.com instead. Emails sent to this address are forwarded to the Symfony core-team private mailing-list.
For each report, we first try to confirm the vulnerability. When it is confirmed, the core-team works on a solution following these steps:
- Send an acknowledgement to the reporter;
- Work on a patch;
- Write a post describing the vulnerability, the possible exploits, and how to patch/upgrade affected applications;
- Apply the patch to all maintained versions of Symfony;
- Publish the post on the official Symfony blog.
Note
While we are working on a patch, please do not reveal the issue publicly.
NEWS FROM THE BLOG
IN THE NEWS
is a trademark of Fabien Potencier. All rights reserved.