A week of symfony #296 (27 August -> 2 September 2012)

This week, Symfony 2.1.0 RC2 and Symfony 2.0.17 were released to fix several potential security issues related to XML handling. In addition, the final version of Symfony 2.1.0 was announced for the next week and the full Symfony Live London conference schedule was published.

Development mailing list

Symfony2 development highlights

Master branch:

  • 7b63428: [Process] add workaround for PHP's internal sigchild failing to return proper exit codes
  • 5cb8264: [Form] deprecated Form::hasErrors that isn't part of the Interface
  • 4c5bfab: [FrameworkBundle] non-permanent redirects now return 404 status code (as stated in the spec)
  • dcbeeb1: [Form] replaced UnexpectedValueException by InvalidArgumentException in Guess
  • 0186731: [Form] removed hasParent from FormInterface and deprecated its use (there are already 2 alternatives with getParent() and isRoot())
  • 39606c8: published Symfony 2.1.0 RC2
  • eb2eba1: [Form] don't allow users to force exceptions by submitting unexpected data
  • cf4189b: moved remember me ResponseListener from security bundle into security component
  • 7503ec9: [Validator] fixed when match is false the html5 validation regexp should be either inverted or not added
  • 4225869, 5f64503, 3363832: [Routing] allowed disabling the requirements check on URL generation
  • cb7e3f5: [Routing] added route compile check to identify a default value of a required variable that does not match the requirement
  • 04fd5f1: [Form] fixed PropertyPath to not modify Collection instances (not even their clones)

2.0.x branch:

  • 352e8f5: [FrameworkBundle] redirects are now absolute (it's mandatory according to W3C)
  • 865461d: standardized the way we handle XML errors
  • a2a6cdc, c896d71, 4e0c992: prevented injection of malicious doc types
  • 47fe725: disabled network access when loading XML documents
  • 5bf4f92: fixed XML decoding attack vector through external entities
  • e333865, 9e54d6c: published Symfony 2.0.17

Repository summary: 5,460 watchers (#1 in PHP, #34 overall) and 1,537 forks (#1 in PHP, #13 overall).

They talked about us

A week of symfony #296 (27 August -> 2 September 2012) symfony.com/blog/a-week-of-symfony-296-27-august-2-september-2012

Tweet this


Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.