Symfony News: Latest Symfony News

A Week of Symfony #643 (22-28 April 2019)

This week, the upcoming Symfony 4.3 version optimized the filesystem and Redis cache when using tags and continued working on timezones and forms improvements. Meanwhile, the first edition of the Symf...

New in Symfony 4.3: Number constraints

Contributed by Jan Schädlich in #28637. The Symfony Validator component was originally ...

New in Symfony 4.3: Better HTML5 parser for DomCrawler

Contributed by Titouan Galopin in #29306 and #30892. The DomCrawler compone...

New in Symfony 4.3: Improved HttpCache logging

Contributed by Matthias Pigulla in #30964. The Symfony Reverse Proxy provided by the Ht...

New in Symfony 4.3: URL Helper

Contributed by Valentin Udaltsov in #30862. Generating absolute (and relative) URLs for...

A Week of Symfony #642 (15-21 April 2019)

This week, Symfony 2.7.51, 2.8.50, 3.4.26, 4.1.12 and 4.2.7 versions were released to address some security issues. Meanwhile, the upcoming Symfony 4.3 version added a native password hasher which cho...

CVE-2019-10913: Reject invalid HTTP method overrides

Affected versions Symfony 2.7.0 to 2.7.50, 2.8.0 to 2.8.49, 3.4.0 to 3.4.25, 4.1.0 to 4.1.11 and 4.2.0 to 4.2.6 versions of the Symfony HttpFoundation component are affected by this security issue. ...

CVE-2019-10910: Check service IDs are valid

Affected versions Symfony 2.7.0 to 2.7.50, 2.8.0 to 2.8.49, 3.4.0 to 3.4.25, 4.1.0 to 4.1.11 and 4.2.0 to 4.2.6 versions of the Symfony Dependency Injection component are affected by this security is...

CVE-2019-10911: Add a separator in the remember me cookie hash

Affected versions Symfony 2.7.0 to 2.7.50, 2.8.0 to 2.8.49, 3.4.0 to 3.4.25, 4.1.0 to 4.1.11 and 4.2.0 to 4.2.6 versions of Symfony Security component are affected by this security issue. The issue ...

CVE-2019-10909: Escape validation messages in the PHP templating engine

Affected versions Symfony 2.7.0 to 2.7.50, 2.8.0 to 2.8.49, 3.4.0 to 3.4.25, 4.1.0 to 4.1.11 and 4.2.0 to 4.2.6 versions of Symfony Framework Bundle templating are affected by this security issue. T...

CVE-2019-10912: Prevent destructors with side-effects from being unserialized

Affected versions Symfony 2.8.0 to 2.8.49, 3.4.0 to 3.4.25, 4.1.0 to 4.1.11 and 4.2.0 to 4.2.6 versions of the Symfony Cache component are affected by this security issue. The issue has been fixed i...

Symfony 4.2.7 released

Symfony 4.2.7 has just been released. Here is a list of the most important changes: bug #31107 [Routing] fix trailing slash redirection with non-greedy trailing vars (@nicolas-grekas) bug #31108 ...

Symfony 4.1.12 released

Symfony 4.1.12 has just been released. Here is a list of the most important changes: security #cve-2019-10910 [DI] Check service IDs are valid (@nicolas-grekas) security #cve-2019-10909 [Framewor...

Symfony 3.4.26 released

Symfony 3.4.26 has just been released. Here is a list of the most important changes: bug #31084 [HttpFoundation] Make MimeTypeExtensionGuesser case insensitive (@vermeirentony) bug #31142 Revert ...

Symfony 2.8.50 released

Symfony 2.8.50 has just been released. Here is a list of the most important changes: security #cve-2019-10910 [DI] Check service IDs are valid (@nicolas-grekas) security #cve-2019-10909 [Framewor...

Symfony 2.7.51 released

Symfony 2.7.51 has just been released. Here is a list of the most important changes: security #cve-2019-10910 [DI] Check service IDs are valid (@nicolas-grekas) security #cve-2019-10909 [Framewor...

New in Symfony 4.3: Sodium password encoder

Contributed by Robin Chalas in #31019. In Symfony 3.4 we added an Argon2i password hash...

New in Symfony 4.3: Simpler access to Intl data

Contributed by Roland Franssen in #28846. The ICU project ("International Componen...

Symfony 4.2.6 released

Symfony 4.2.6 has just been released. Here is a list of the most important changes: bug #31088 [DI] fix removing non-shared definition while inlining them (@nicolas-grekas) bug #29944 [DI] Overri...

Symfony 3.4.25 released

Symfony 3.4.25 has just been released. Here is a list of the most important changes: bug #29944 [DI] Overriding services autowired by name under _defaults bind not working (@przemyslaw-bogusz, &#...

Symfony News

Latest News

A Week of Symfony #643 (22-28 April 2019)

New in Symfony 4.3: Number constraints

New in Symfony 4.3: Better HTML5 parser for DomCrawler

New in Symfony 4.3: Improved HttpCache logging

New in Symfony 4.3: URL Helper

A Week of Symfony #642 (15-21 April 2019)

CVE-2019-10913: Reject invalid HTTP method overrides

CVE-2019-10910: Check service IDs are valid

CVE-2019-10911: Add a separator in the remember me cookie hash

CVE-2019-10909: Escape validation messages in the PHP templating engine

CVE-2019-10912: Prevent destructors with side-effects from being unserialized

Symfony 4.2.7 released

Symfony 4.1.12 released

Symfony 3.4.26 released

Symfony 2.8.50 released

Symfony 2.7.51 released

New in Symfony 4.3: Sodium password encoder

New in Symfony 4.3: Simpler access to Intl data

Symfony 4.2.6 released

Symfony 3.4.25 released

About us

Resources

Find us on Twitter

Find us on Facebook

ADS