Cover of the book Symfony 5: The Fast Track

Symfony 5: The Fast Track is the best book to learn modern Symfony development, from zero to production. +300 pages showcasing Symfony with Docker, APIs, queues & async tasks, Webpack, SPAs, etc.

Symfony 4.3.8 released

Warning: This post is about an unsupported Symfony version. Some of this information may be out of date. Read the most recent Symfony Docs.

Symfony 4.3.8 has just been released. Here is a list of the most important changes:

  • bug #34344 [Console] Constant STDOUT might be undefined (@nicolas-grekas)
  • security #cve-2019-18886 [SecurityCore] throw AccessDeniedException when switch user fails (@nicolas-grekas)
  • security #cve-2019-18888 [Mime] fix guessing mime-types of files with leading dash (@nicolas-grekas)
  • security #cve-2019-11325 [VarExporter] fix exporting some strings (@nicolas-grekas)
  • security #cve-2019-18889 [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances (@nicolas-grekas)
  • security #cve-2019-18888 [HttpFoundation] fix guessing mime-types of files with leading dash (@nicolas-grekas)
  • security #cve-2019-18887 [HttpKernel] Use constant time comparison in UriSigner (@stof)

Want to upgrade to this new release? Fortunately, because Symfony protects backwards-compatibility very closely, this should be quite easy. Read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.


Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.