Some days ago, Kousuke Ebihara
sent an email to the Symfony dev mailing-list about how we could improve the
security release announcements. It also took the time to list all past
security issues in Symfony.
Today, I'm pleased to announced that we have improved our management of security issues in several ways:
There is a new Security Advisories section on the blog
that lists all blog posts about security releases;
We have improved our process by refining the way we
handle and resolve security issues;
There is a new http://symfony.com/security
shortcut URL that redirects to the documentation section that talks about
security in Symfony;
The security page in the documentation now also lists all past security
advisories (including the ones for symfony 1.x);
All emails sent from the mailing-list now have a link to the security page.