FEDORA-2018-4deae442f2

security update in Fedora 27 for php-symfony

Status: stable a year ago

2.8.44 (2018-08-01)

  • security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas)
  • security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas)
  • bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet (netiul)
  • bug #28045 [HttpFoundation] Fix Cookie::isCleared (ro0NL)
  • bug #28080 [HttpFoundation] fixed using _method parameter with invalid type (Phobetor)

2.8.43 (2018-07-23)

  • bug #28005 [HttpKernel] Fixed templateExists on parse error of the template name (yceruto)
  • bug #27997 Serbo-Croatian has Serbian plural rule (kylekatarnls)
  • bug #27941 [WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2 (jmsche)
  • bug #27937 [HttpFoundation] reset callback on StreamedResponse when setNotModified() is called (rubencm)
  • bug #27927 [HttpFoundation] Suppress side effects in 'get' and 'has' methods of NamespacedAttributeBag (webnet-fr)
  • bug #27904 [Filesystem] fix lock file permissions (fritzmg)
  • bug #27758 [WebProfilerBundle] Prevent toolbar links color override by css (alcalyn)
  • bug #27831 Check for Hyper terminal on all operating systems. (azjezz)
  • bug #27794 Add color support for Hyper terminal . (azjezz)
  • bug #27809 [HttpFoundation] Fix tests: new message for status 425 (dunglas)
  • bug #27716 [DI] fix dumping deprecated service in yaml (nicolas-grekas)

Comments 7

This update has been submitted for testing by siwinski.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by siwinski.

This update has been submitted for stable by siwinski.

siwinski edited this update.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted a year ago
in testing a year ago
in stable a year ago
modified a year ago

Related Bugs 2

00 #1611906 CVE-2018-14773 php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions
00 #1611907 CVE-2018-14773 php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions [fedora-all]

Automated Test Results