CVE-2015-2308 is about possible code injections via the ESI framework.
April 1, 2015
#Security Advisories
CVE-2015-2309 fixes some unsafe methods in the Request class.
April 1, 2015
#Security Advisories
The Symfony Console component is the second most popular Symfony component,
with more than eight million downloads on Packagist.org so far. One of the main
factors of its success is the amount of features that it provides to create
advanced console commands. In Symfony 2.7 we went a step further and added support
for defining advanced table layouts.
March 30, 2015
#Living on the edge
This week, Symfony officially introduced its new installer. In addition, the String security utils were refactored and some nice performance improvements were applied to DomCrawler component and to the PHP container dumper. Lastly, the upcoming Symfony 3 version removed all the *.class container parameters, since they are no longer considered a good practice.
March 29, 2015
#A week of symfony
In 2011, we developed a revolutionary installation method for the Symfony 2.0 version which ultimately resulted in the creation of the Composer project. Throughout subsequent versions of Symfony, we leveraged Composer and pushed it to its limits. Having done so, it's time to introduce a new way to install Symfony: the Symfony Installer.
March 26, 2015
#Symfony
Jakub Zalas is the new lead for the DomCrawler Component.
March 23, 2015
#Community
This week Symfony released two new maintenance versions: 2.3.26 and 2.6.5. Meanwhile, Symfony 2.7 added a new command to encode passwords, added support for amqp in VarDumper component and improved ACL. Lastly, two new developers were appointed as Symfony Core members: Abdellatif AitBoudad and Christian Flothmann.
March 22, 2015
#A week of symfony