Symfony Blog
All about Symfony releases, new Symfony features, and other important announcements
CVE-2014-6072 is about fixing a CSRF vulnerability in the Web Profiler.
September 3, 2014
#Security Advisories
CVE-2014-6061 is about a potential security issue when parsing the Authorization header.
September 3, 2014
#Security Advisories
CVE-2014-5245 is about being able to access ESI URLs even behind a trusted
proxy.
September 3, 2014
#Security Advisories
CVE-2014-5244 is about a potential denial of service with a malicious HTTP Host header.
September 3, 2014
#Security Advisories
This week, "A Week of Symfony" achieves an incredible milestone: its 400th issue! That means that we've been publishing a weekly digest for almost eight years, without missing a single week.
August 31, 2014
#A week of symfony
Symfony 2.6 will include a new security:check command, which looks for known security vulnerabilities in your project's dependencies.
August 26, 2014
#Living on the edge
This week, Symfony organized its second DX Hackday. This time developers focused not only on the Symfony core but also on the 30 mot useful bundles. Meanwhile, a new simpler option validation was proposed for the OptionsResolver component.
August 24, 2014
#A week of symfony