Contributed by Mathias Arlaud in
57630
and…
SymfonyOnline January 2025 is coming up soon, running on January 16-17, and it’s going to be a great two-day online conference! Get ready for top-notch insights, inspiring schedule & speakers, and countless chances to elevate your Symfony skills… https://symfony.com/blog/symfonyonline-january-2025-is-coming-up-soon-join-us-online?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
In Symfony 7.2, we've improved many existing commands with new options and features.
Resolve Env Vars when Linting the Container
Contributed by
Gabriel…
Symfony 7.1.8 has just been released. Here is the list of the most important changes since 7.1.7:
security #cve-2024-50342 [HttpClient] Resolve hostnames in NoPrivateNetworkHttpClient (@nicolas-grekas)security #cve-2024-51996 [Security] Check owner… https://symfony.com/blog/symfony-7-1-8-released?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Affected versions
Symfony versions >=5.3, <5.4.47; >=6, <6.4.15; >=7, <7.1.8 of the Symfony Security-Http component are affected by this security issue.
The issue has been fixed in Symfony 5.4.47, 6.4.15, and 7.1.8.
Description
Whan consuming… https://symfony.com/blog/cve-2024-51996-authentication-bypass-via-persisted-rememberme-cookie?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
The patch released last week for CVE-2024-50342 was incomplete. New versions have just been released to address it. https://symfony.com/blog/update-for-cve-2024-50342-internal-address-and-port-enumeration-allowed-by-noprivatenetworkhttpclient?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Symfony 7.2.0-RC1 has just been released. Here is the list of the most important changes since 7.2.0-BETA2:
feature #58852 [TypeInfo] Remove @experimental tag (@mtarld)feature #57630 [TypeInfo] Redesign Type methods and nullability (@mtarld) security… https://symfony.com/blog/symfony-7-2-0-rc1-released?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Symfony 5.4.47 has just been released. Here is the list of the most important changes since 5.4.46:
security #cve-2024-50342 [HttpClient] Resolve hostnames in NoPrivateNetworkHttpClient (@nicolas-grekas)security #cve-2024-51996 [Security] Check owner… https://symfony.com/blog/symfony-5-4-47-released?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Symfony 6.4.15 has just been released. Here is the list of the most important changes since 6.4.14:
security #cve-2024-50342 [HttpClient] Resolve hostnames in NoPrivateNetworkHttpClient (@nicolas-grekas)security #cve-2024-51996 [Security] Check owner… https://symfony.com/blog/symfony-6-4-15-released?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
