Symfony 2.8.49 released

Symfony 2.8.49 has just been released. Here is a list of the most important changes:

  • security #cve-2018-19790 [SecurityHttp] detect bad redirect targets using backslashes (@xabbuh)
  • security #cve-2018-19789 [Form] Filter file uploads out of regular form types (@nicolas-grekas)

Want to upgrade to this new release? Fortunately, because Symfony protects backwards-compatibility very closely, this should be quite easy. Read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Comments

the links to cve... don't work
@Francesco they don't work temporarily until the related CVE blog posts aren't published. But links work now. Thanks!

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.