FEDORA-2018-c8ddc44bbb

security update in Fedora 27 for php-symfony3

Status: stable a year ago

3.3.17 (2018-05-25)

  • security #cve-2018-11407 [Ldap] cast to string when checking empty passwords
  • security #cve-2018-11408 [SecurityBundle] Fail if security.http_utils cannot be configured
  • security #cve-2018-11406 clear CSRF tokens when the user is logged out
  • security #cve-2018-11385 migrating session for UsernamePasswordJsonAuthenticationListener
  • security #cve-2018-11386 [HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode

Comments 6

This update has been submitted for testing by siwinski.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by siwinski.

This update has been submitted for stable by siwinski.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted a year ago
in testing a year ago
in stable a year ago

Related Bugs 2

00 #1591300 CVE-2017-16652 CVE-2018-11385 CVE-2018-11386 CVE-2018-11406 CVE-2018-11407 CVE-2018-11408 php-symfony: Multiple flaws
00 #1591750 CVE-2017-16652 CVE-2018-11385 CVE-2018-11386 CVE-2018-11406 CVE-2018-11407 CVE-2018-11408 php-symfony3: php-symfony: Multiple flaws [fedora-all]

Automated Test Results