A new Symfony minor version release is a good opportunity to deprecate some features in preparation for their removal in the next major version. In Symfony 7.2, we've deprecated the following features that will be removed in Symfony 8.0.

Deprecated Session… https://symfony.com/blog/new-in-symfony-7-2-deprecations?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

Contributed by Nicolas Grekas in

58095…

https://symfony.com/blog/new-in-symfony-7-2-stateless-csrf?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

In Symfony 7.2, we improved the Serializer component with some new features.

Support DateTime Subclasses

    Contributed by
                Attila Szeremi…

https://symfony.com/blog/new-in-symfony-7-2-serializer-improvements?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

This week, Symfony 5.4.47, 6.4.15, and 7.1.8 maintenance versions were released. Additionally, the second release candidate of Symfony 7.2 was published, ahead of its final release scheduled for the end of November 2024. Lastly, we published two new security… https://symfony.com/blog/a-week-of-symfony-933-11-17-november-2024?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

Contributed by Mathias Arlaud in

57630

                 and…

https://symfony.com/blog/new-in-symfony-7-2-redesigned-typeinfo-component?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

SymfonyOnline January 2025 is coming up soon, running on January 16-17, and it’s going to be a great two-day online conference! Get ready for top-notch insights, inspiring schedule & speakers, and countless chances to elevate your Symfony skills… https://symfony.com/blog/symfonyonline-january-2025-is-coming-up-soon-join-us-online?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

In Symfony 7.2, we've improved many existing commands with new options and features.

Resolve Env Vars when Linting the Container

    Contributed by
                Gabriel…

https://symfony.com/blog/new-in-symfony-7-2-new-command-options?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

Symfony 7.1.8 has just been released. Here is the list of the most important changes since 7.1.7:

security #cve-2024-50342 [HttpClient] Resolve hostnames in NoPrivateNetworkHttpClient (@nicolas-grekas)

security #cve-2024-51996 [Security] Check owner… https://symfony.com/blog/symfony-7-1-8-released?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

Affected versions

Symfony versions >=5.3, <5.4.47; >=6, <6.4.15; >=7, <7.1.8 of the Symfony Security-Http component are affected by this security issue.

The issue has been fixed in Symfony 5.4.47, 6.4.15, and 7.1.8.

Description

Whan consuming… https://symfony.com/blog/cve-2024-51996-authentication-bypass-via-persisted-rememberme-cookie?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

The patch released last week for CVE-2024-50342 was incomplete. New versions have just been released to address it. https://symfony.com/blog/update-for-cve-2024-50342-internal-address-and-port-enumeration-allowed-by-noprivatenetworkhttpclient?utm_source=Symfony%20Blog%20Feed&utm_medium=feed