Symfony 2.8.49 has just been released. Here is a list of the most important changes:
- security #cve-2018-19790 [SecurityHttp] detect bad redirect targets using backslashes (@xabbuh)
- security #cve-2018-19789 [Form] Filter file uploads out of regular form types (@nicolas-grekas)
Want to upgrade to this new release? Fortunately, because Symfony protects backwards-compatibility very closely, this should be quite easy. Read our upgrade documentation to learn more.
Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.
the links to cve... don't work
@Francesco they don't work temporarily until the related CVE blog posts aren't published. But links work now. Thanks!