Symfony News: Latest Symfony News

New in Symfony 4.4: Service Container Linter

Contributed by Julien Maulny, Guilhem N, ...

New in Symfony 4.4: IP Address Anonymizer

Contributed by Jordi Boggiano in #32194. Privacy is an increasingly important compliance...

New in Symfony 4.4: HttpClient Improvements

Contributed by Nicolas Grekas in #31641, #31831, #31976, #32104, ...

Symfony 5.0.0-RC1 released

Symfony 5.0.0-RC1 has just been released. Here is a list of the most important changes: bug #34419 [Cache] Disable igbinary on PHP >= 7.4 (@nicolas-grekas) bug #34347 [Messenger] Perform no de...

Symfony 4.4.0-RC1 released

Symfony 4.4.0-RC1 has just been released. Here is a list of the most important changes: bug #34419 [Cache] Disable igbinary on PHP >= 7.4 (@nicolas-grekas) bug #34347 [Messenger] Perform no de...

Symfony 5.0 curated new features

Symfony 5.0.0 is going to be released in a few days. It contains all new features from 4.4. But for the first time ever, Symfony 5.0.0 will come with new components that are marked as experimental: S...

Symfony 4.4 curated new features

Symfony 4.4.0 is going to be released in a few days. As for any other Symfony minor release, our backward compatibility promise applies and this means that you should be able to upgrade easily without...

A Week of Symfony #672 (11-17 November 2019)

This week, Symfony 2.8.52, 3.4.35, 4.2.12 and 4.3.8 versions were published to fix some security vulnerabilities. In addition, Symfony 4.4-beta and 5.0-beta were published so you can test these upcomi...

Let's talk at SymfonyCon!

In general conferences are a great place to learn, but even more to network, share and discuss ideas and meet new people. Unfortunately, not everybody feels equally comfortable approaching others, esp...

Updates About the "Symfony 5: The Fast Track" Book

A few weeks ago, we announced the publication of Symfony 5: The Fast Track, a new book about developing modern applications with Symfony 5. We're thrilled to announce that book contents have been comp...

CVE-2019-18888: Prevent argument injection in a MimeTypeGuesser

Affected versions Symfony 2.8.0 to 2.8.51, 3.4.0 to 3.4.34, 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7 versions of the Symfony HttpFoundation component are affected by this security issue. Symfony 4.3.0 to ...

CVE-2019-11325: Fix escaping of strings in VarExporter

Affected versions Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7 versions of the Symfony VarExporter component are affected by this security issue. The issue has been fixed in Symfony 4.2.12 and 4.3.8. ...

CVE-2019-18886: Prevent user enumeration using switch user functionality

Affected versions Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7 versions of the Symfony Security/Http component are affected by this security issue. The issue has been fixed in Symfony 4.2.12 and 4.3....

CVE-2019-18887: Use constant time comparison in UriSigner

Affected versions Symfony 2.8.0 to 2.8.51, 3.4.0 to 3.4.34, 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7 versions of the Symfony HttpKernel component are affected by this security issue. The issue has been f...

Symfony 5.0.0-BETA2 released

Symfony 5.0.0-BETA2 has just been released. Here is a list of the most important changes: bug #34344 [Console] Constant STDOUT might be undefined (@nicolas-grekas) bug #34348 [Serializer] Fix Pro...

CVE-2019-18889: Forbid serializing AbstractAdapter and TagAwareAdapter instances

Affected versions Symfony 3.4.0 to 3.4.34, 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7 versions of the Symfony Cache component are affected by this security issue. The issue has been fixed in Symfony 3.4.35,...

Symfony 4.4.0-BETA2 released

Symfony 4.4.0-BETA2 has just been released. Here is a list of the most important changes: bug #34344 [Console] Constant STDOUT might be undefined (@nicolas-grekas) security #cve-2019-18886 [Secur...

Symfony 4.3.8 released

Symfony 4.3.8 has just been released. Here is a list of the most important changes: bug #34344 [Console] Constant STDOUT might be undefined (@nicolas-grekas) security #cve-2019-18886 [SecurityCor...

Symfony 4.2.12 released

Symfony 4.2.12 has just been released. Here is a list of the most important changes: security #cve-2019-18886 [SecurityCore] throw AccessDeniedException when switch user fails (@nicolas-grekas) s...

Symfony 3.4.35 released

Symfony 3.4.35 has just been released. Here is a list of the most important changes: bug #34344 [Console] Constant STDOUT might be undefined (@nicolas-grekas) security #cve-2019-18889 [Cache] for...

Symfony News

Latest News

New in Symfony 4.4: Service Container Linter

New in Symfony 4.4: IP Address Anonymizer

New in Symfony 4.4: HttpClient Improvements

Symfony 5.0.0-RC1 released

Symfony 4.4.0-RC1 released

Symfony 5.0 curated new features

Symfony 4.4 curated new features

A Week of Symfony #672 (11-17 November 2019)

Let's talk at SymfonyCon!

Updates About the "Symfony 5: The Fast Track" Book

CVE-2019-18888: Prevent argument injection in a MimeTypeGuesser

CVE-2019-11325: Fix escaping of strings in VarExporter

CVE-2019-18886: Prevent user enumeration using switch user functionality

CVE-2019-18887: Use constant time comparison in UriSigner

Symfony 5.0.0-BETA2 released

CVE-2019-18889: Forbid serializing AbstractAdapter and TagAwareAdapter instances

Symfony 4.4.0-BETA2 released

Symfony 4.3.8 released

Symfony 4.2.12 released

Symfony 3.4.35 released

About us

Resources

Find us on Twitter

Find us on Facebook

ADS