A week of symfony #401 (01->07 September 2014)

This week Symfony released 2.3.19, 2.4.9 and 2.5.4 maintenance version to address several potential security vulnerabilities. In addition, the import/export feature of the web profiler was replaced by a CLI tool.

Symfony2 development highlights

2.3 changelog:

  • 3b4046e: [HttpFoundation] added some missing tests
  • 101a3b7, 9e1bc22: [FrameworkBundle] validate translator locales
  • 654b1f2: [FrameworkBundle] forced all fragment uris to be signed, even for ESI
  • f38536a, 1421449: [WebProfiler] replaced the import/export feature from the web interface to a CLI tool
  • 23eb033: [HttpKernel] fixed internal fragment handling
  • 854e07b: [Yaml] improved error when detecting unquoted asterisks
  • b044c45: [HttpKernel] escape parameter on generated response
  • a7d0cf2: [Yaml] properly mask escape sequences in quoted strings
  • 131abd8: [Security] fixed usage of unexistent method in DoctrineAclCache

2.4 changelog:

  • a676863: [Security] added more tests for StringUtils::equals

2.5 changelog:

  • 4ef1328: [HttpKernel] fixed some unit tests (signature now uses SHA256 instead of MD5)

Master changelog:

  • ddc0e86: [FrameworkBundle] fixed SSI definition
  • 1862427: [HttpKernel] escaped SSI virtual in generated response
  • 30fed6a: [Translation] removed the options from the arguments of Translator

Newest issues and pull requests

They talked about us

A week of symfony #401 (01->07 September 2014) symfony.com/blog/a-week-of-symfony-401-01-07-september-2014

Tweet this

Comments

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.