A week of symfony #401 (01->07 September 2014)

This week Symfony released 2.3.19, 2.4.9 and 2.5.4 maintenance version to address several potential security vulnerabilities. In addition, the import/export feature of the web profiler was replaced by a CLI tool.

Symfony2 development highlights

2.3 changelog:

  • 3b4046e: [HttpFoundation] added some missing tests
  • 101a3b7, 9e1bc22: [FrameworkBundle] validate translator locales
  • 654b1f2: [FrameworkBundle] forced all fragment uris to be signed, even for ESI
  • f38536a, 1421449: [WebProfiler] replaced the import/export feature from the web interface to a CLI tool
  • 23eb033: [HttpKernel] fixed internal fragment handling
  • 854e07b: [Yaml] improved error when detecting unquoted asterisks
  • b044c45: [HttpKernel] escape parameter on generated response
  • a7d0cf2: [Yaml] properly mask escape sequences in quoted strings
  • 131abd8: [Security] fixed usage of unexistent method in DoctrineAclCache

2.4 changelog:

  • a676863: [Security] added more tests for StringUtils::equals

2.5 changelog:

  • 4ef1328: [HttpKernel] fixed some unit tests (signature now uses SHA256 instead of MD5)

Master changelog:

  • ddc0e86: [FrameworkBundle] fixed SSI definition
  • 1862427: [HttpKernel] escaped SSI virtual in generated response
  • 30fed6a: [Translation] removed the options from the arguments of Translator

Newest issues and pull requests

They talked about us


Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.