SymfonyWorld Online 2021 Winter Edition December 9 – 10, 2021 100% Online +20 talks and workshops

Symfony 5.3.12 released

Symfony 5.3 is backed by JoliCode. JoliCode is a team of passionate developers and open-source lovers, with a strong expertise in PHP & Symfony technologies. They can help you build your projects using state-of-the-art practices.

Symfony 5.3.12 has just been released. Here is a list of the most important changes:

  • security #cve-2021-41268 [SecurityBundle] Default signature_properties to the previous behavior (@wouterj)
  • security #cve-2021-41267 [HttpKernel] Fix missing extra trusted header in sub-request (@jderusse)
  • security #cve-2021-41270 [Serializer] Use single quote to escape formulas (@jderusse)
  • bug #44232 [Cache] fix connecting to local Redis sockets (@nicolas-grekas)
  • bug #44204 [HttpClient] fix closing curl multi handle when destructing client (@nicolas-grekas)
  • bug #44208 [Process] exclude argv/argc from possible default env vars (@nicolas-grekas)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.

Comments

@fabpot: The CVEs links lead into nowhere?
Login with SymfonyConnect to post a comment