Symfony News: Symfony 3.3.17 released

Symfony 3.3.17 released

Symfony 3.3.17 has just been released. Here is a list of the most important changes:

security #cve-2018-11407 [Ldap] cast to string when checking empty passwords
security #cve-2018-11408 [SecurityBundle] Fail if security.htt _utils cannot be configured
security #cve-2018-11406 clear CSRF tokens when the user is logged out
security #cve-2018-11385 migrating session for UsernamePasswordJsonAuthenticationListener
security #cve-2018-11386 [HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode

Want to upgrade to this new release? Fortunately, because Symfony protects backwards-compatibility very closely, this should be quite easy. Read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Be trained by Symfony experts - 2018-05-28 Paris - 2018-05-28 Paris - 2018-05-30 Paris

Source: https://symfony.com/blog

About us

What a Symfony developer should know about the framework: News, Jobs, Tweets, Events, Videos,...

Welcome to Symfony News !
More About us
Contact us on contact[at]symfony-news.com

Resources

Symfony Blog

Find us on Twitter

Tweets by @symfony_news

Symfony News

Symfony 3.3.17 released

About us

Resources

Find us on Twitter

Find us on Facebook