stable

php-symfony3-3.4.14-1.fc28

FEDORA-2018-9c38d1dc1d created by siwinski 4 years ago for Fedora 28

3.4.14 (2018-08-01)

  • security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas)
  • security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas)
  • bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet (netiul)
  • bug #28007 [FrameworkBundle] fixed guard event names for transitions (destillat)
  • bug #28045 [HttpFoundation] Fix Cookie::isCleared (ro0NL)
  • bug #28080 [HttpFoundation] fixed using _method parameter with invalid type (Phobetor)
  • bug #28052 [HttpKernel] Fix merging bindings for controllers' locators (nicolas-grekas)

3.4.13 (2018-07-23)

  • bug #28005 [HttpKernel] Fixed templateExists on parse error of the template name (yceruto)
  • bug #27997 Serbo-Croatian has Serbian plural rule (kylekatarnls)
  • bug #26193 Fix false-positive deprecation notices for TranslationLoader and WriteCheckSessionHandler (iquito)
  • bug #27941 [WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2 (jmsche)
  • bug #27937 [HttpFoundation] reset callback on StreamedResponse when setNotModified() is called (rubencm)
  • bug #27927 [HttpFoundation] Suppress side effects in 'get' and 'has' methods of NamespacedAttributeBag (webnet-fr)
  • bug #27923 [Form/Profiler] Massively reducing memory footprint of form profiling pages... (VincentChalnot)
  • bug #27918 [Console] correctly return parameter's default value on "--" (seschwar)
  • bug #27904 [Filesystem] fix lock file permissions (fritzmg)
  • bug #27903 [Lock] fix lock file permissions (fritzmg)
  • bug #27889 [Form] Replace .initialism with .text-uppercase. (vudaltsov)
  • bug #27902 Fix the detection of the Process new argument (stof)
  • bug #27885 [HttpFoundation] don't encode cookie name for BC (nicolas-grekas)
  • bug #27782 [DI] Fix dumping ignore-on-uninitialized references to synthetic services (nicolas-grekas)
  • bug #27435 [OptionResolver] resolve arrays (Doctrs)
  • bug #27728 [TwigBridge] Fix missing path and separators in loader paths list on debug:twig output (yceruto)
  • bug #27837 [PropertyInfo] Fix dock block lookup fallback loop (DerManoMann)
  • bug #27758 [WebProfilerBundle] Prevent toolbar links color override by css (alcalyn)
  • bug #27834 [DI] Don't show internal service id on binding errors (nicolas-grekas)
  • bug #27831 Check for Hyper terminal on all operating systems. (azjezz)
  • bug #27794 Add color support for Hyper terminal . (azjezz)
  • bug #27809 [HttpFoundation] Fix tests: new message for status 425 (dunglas)
  • bug #27618 [PropertyInfo] added handling of nullable types in PhpDoc (oxan)
  • bug #27659 [HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler (thewilkybarkid)
  • bug #27752 [Cache] provider does not respect option maxIdLength with versioning enabled (Constantine Shtompel)
  • bug #27776 [ProxyManagerBridge] Fix support of private services (bis) (nicolas-grekas)
  • bug #27714 [HttpFoundation] fix session tracking counter (nicolas-grekas, dmaicher)
  • bug #27747 [HttpFoundation] fix registration of session proxies (nicolas-grekas)
  • bug #27722 Redesign the Debug error page in prod (javiereguiluz)
  • bug #27716 [DI] fix dumping deprecated service in yaml (nicolas-grekas)

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2018-9c38d1dc1d

This update has been submitted for testing by siwinski.

4 years ago

This update has been pushed to testing.

4 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

4 years ago

This update has been submitted for batched by siwinski.

4 years ago

This update has been submitted for stable by siwinski.

4 years ago

siwinski edited this update.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
modified
4 years ago
BZ#1611906 CVE-2018-14773 php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions
0
0
BZ#1611909 CVE-2018-14773 php-symfony3: php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions [fedora-all]
0
0

Automated Test Results

ignored