Have found a security issue in Symfony? Send the details to security [at] symfony.com and don't disclose it publicly until we can provide a fix for it.

Manage your notification preferences to receive an email as soon as a Symfony security release is published.

Security release: Symfony 2.0.20 and 2.1.5 released

Symfony 2.0.20 and Symfony 2.1.5 have just been released and they both contain two security fixes.

December 20, 2012 #Security Advisories

Security release: Symfony 2.0.19 and 2.1.4

Symfony 2.0.18 and 2.1.4 have been released with a security issue fix.

November 29, 2012 #Security Advisories

Security release: symfony 1.4.20 released

symfony 1.4.20 has just been released. It contains a security fix.

November 25, 2012 #Security Advisories

Security Release: Symfony 2.0.17 released

Symfony 2.0.17 has just been released.

August 28, 2012 #Security Advisories

Security Release: symfony 1.4.18 released

symfony 1.4.18 has just been released. It contains a security fix.

May 30, 2012 #Security Advisories

Security Release: Symfony 2.0.11 released

Symfony 2.0.11 has just been released. Read the post as this release fixes a security vulnerability in the Serializer Component.

February 24, 2012 #Security Advisories

Security Release: Symfony 2.0.6

Symfony 2.0.6 addresses a security vulnerability in the EntityUserProvider as provided in the Doctrine bridge.

November 16, 2011 #Security Advisories

symfony 1.3.10 and 1.4.10: security releases

These releases include yesterday's Doctrine security release.

March 21, 2011 #Security Advisories

Security Release: symfony 1.3.6 and 1.4.6

This patch addresses a security vulnerability in the view cache that was introduced with symfony 1.3 and 1.4.

June 29, 2010 #Security Advisories

symfony 1.3.5 and 1.4.5

Read more about the latest versions of symfony 1.3 and 1.4 here.

May 31, 2010 #Security Advisories

« Security Advisories » blog posts