{"update": {"autokarma": true, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "## 3.4.14 (2018-08-01)\n\n * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas)\n * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas)\n * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet (netiul)\n * bug #28007 [FrameworkBundle] fixed guard event names for transitions (destillat)\n * bug #28045 [HttpFoundation] Fix Cookie::isCleared (ro0NL)\n * bug #28080 [HttpFoundation] fixed using _method parameter with invalid type (Phobetor)\n * bug #28052 [HttpKernel] Fix merging bindings for controllers' locators (nicolas-grekas)\n\n## 3.4.13 (2018-07-23)\n\n * bug #28005 [HttpKernel] Fixed templateExists on parse error of the template name (yceruto)\n * bug #27997 Serbo-Croatian has Serbian plural rule (kylekatarnls)\n * bug #26193 Fix false-positive deprecation notices for TranslationLoader and WriteCheckSessionHandler (iquito)\n * bug #27941 [WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2 (jmsche)\n * bug #27937 [HttpFoundation] reset callback on StreamedResponse when setNotModified() is called (rubencm)\n * bug #27927 [HttpFoundation] Suppress side effects in 'get' and 'has' methods of NamespacedAttributeBag (webnet-fr)\n * bug #27923 [Form/Profiler] Massively reducing memory footprint of form profiling pages... (VincentChalnot)\n * bug #27918 [Console] correctly return parameter's default value on \"--\" (seschwar)\n * bug #27904 [Filesystem] fix lock file permissions (fritzmg)\n * bug #27903 [Lock] fix lock file permissions (fritzmg)\n * bug #27889 [Form] Replace .initialism with .text-uppercase. (vudaltsov)\n * bug #27902 Fix the detection of the Process new argument (stof)\n * bug #27885 [HttpFoundation] don't encode cookie name for BC (nicolas-grekas)\n * bug #27782 [DI] Fix dumping ignore-on-uninitialized references to synthetic services (nicolas-grekas)\n * bug #27435 [OptionResolver] resolve arrays (Doctrs)\n * bug #27728 [TwigBridge] Fix missing path and separators in loader paths list on debug:twig output (yceruto)\n * bug #27837 [PropertyInfo] Fix dock block lookup fallback loop (DerManoMann)\n * bug #27758 [WebProfilerBundle] Prevent toolbar links color override by css (alcalyn)\n * bug #27834 [DI] Don't show internal service id on binding errors (nicolas-grekas)\n * bug #27831  Check for Hyper terminal on all operating systems.  (azjezz)\n * bug #27794 Add color support for Hyper terminal . (azjezz)\n * bug #27809 [HttpFoundation] Fix tests: new message for status 425 (dunglas)\n * bug #27618 [PropertyInfo] added handling of nullable types in PhpDoc (oxan)\n * bug #27659 [HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler (thewilkybarkid)\n * bug #27752 [Cache] provider does not respect option maxIdLength with versioning enabled (Constantine Shtompel)\n * bug #27776 [ProxyManagerBridge] Fix support of private services (bis) (nicolas-grekas)\n * bug #27714 [HttpFoundation] fix session tracking counter (nicolas-grekas, dmaicher)\n * bug #27747 [HttpFoundation] fix registration of session proxies (nicolas-grekas)\n * bug #27722 Redesign the Debug error page in prod (javiereguiluz)\n * bug #27716 [DI] fix dumping deprecated service in yaml (nicolas-grekas)\n", "type": "security", "status": "stable", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2018-08-01 21:59:40", "date_modified": "2018-08-11 04:35:36", "date_approved": null, "date_testing": "2018-08-02 17:16:12", "date_stable": "2018-08-14 21:06:35", "alias": "FEDORA-2018-9c38d1dc1d", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2018-08-14 21:06:35", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2018-9c38d1dc1d", "title": "php-symfony3-3.4.14-1.fc28", "version_hash": "e1577054e6123134d3fa0f0cf08e5554303dd3da", "release": {"name": "F28", "long_name": "Fedora 28", "version": "28", "id_prefix": "FEDORA", "branch": "f28", "dist_tag": "f28", "stable_tag": "f28-updates", "testing_tag": "f28-updates-testing", "candidate_tag": "f28-updates-candidate", "pending_signing_tag": "f28-signing-pending", "pending_testing_tag": "f28-updates-testing-pending", "pending_stable_tag": "f28-updates-pending", "override_tag": "f28-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "siwinski", "email": "shawn@iwin.ski", "id": 130, "avatar": "https://seccdn.libravatar.org/avatar/d42670db55f2a02bd45bb03a22919c9013b73f6ae62d6c1a9a2eab3afefa3334?s=24&d=retro", "openid": "siwinski.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by siwinski. ", "timestamp": "2018-08-01 21:59:40", "update_id": 120260, "user_id": 91, "id": 817888, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2018-08-02 17:18:05", "update_id": 120260, "user_id": 91, "id": 818201, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes", "timestamp": "2018-08-09 18:00:35", "update_id": 120260, "user_id": 91, "id": 820608, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for batched by siwinski. ", "timestamp": "2018-08-11 04:28:01", "update_id": 120260, "user_id": 91, "id": 821091, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by siwinski. ", "timestamp": "2018-08-11 04:28:19", "update_id": 120260, "user_id": 91, "id": 821094, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "siwinski edited this update.", "timestamp": "2018-08-11 04:35:35", "update_id": 120260, "user_id": 91, "id": 821111, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2018-08-14 21:11:24", "update_id": 120260, "user_id": 91, "id": 822286, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "php-symfony3-3.4.14-1.fc28", "signed": true, "release_id": 21, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1611906, "title": "CVE-2018-14773 php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions", "security": true, "parent": true, "feedback": []}, {"bug_id": 1611909, "title": "CVE-2018-14773 php-symfony3: php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions [fedora-all]", "security": true, "parent": false, "feedback": []}], "updateid": "FEDORA-2018-9c38d1dc1d", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}