Symfony 2.8.52 released

Symfony 2.8.52 has just been released. Here is a list of the most important changes:

  • security #cve-2019-18888 [HttpFoundation] fix guessing mime-types of files with leading dash (@nicolas-grekas)
  • security #cve-2019-18887 [HttpKernel] Use constant time comparison in UriSigner (@stof)

Want to upgrade to this new release? Fortunately, because Symfony protects backwards-compatibility very closely, this should be quite easy. Read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Comments

Login with SymfonyConnect to post a comment