Affected versions
Symfony versions <5.4.46; >=6, <6.4.14; >=7, <7.1.7 of the Symfony HttpClient component are affected by this security issue.
The issue has been fixed in Symfony 5.4.46, 6.4.14, and 7.1.7.
Description
When using the NoPrivateNetworkHttpClient,… https://symfony.com/blog/cve-2024-50342-internal-address-and-port-enumeration-allowed-by-noprivatenetworkhttpclient?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Affected versions
Symfony versions <5.4.46; >=6, <6.4.14; >=7, <7.1.7 of the Symfony Runtime component are affected by this security issue.
The issue has been fixed in Symfony 5.4.46, 6.4.14, and 7.1.7.
Description
When the register_argv_argc… https://symfony.com/blog/cve-2024-50340-ability-to-change-environment-from-query?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Symfony 6.4.14 has just been released. Here is the list of the most important changes since 6.4.13:
bug #58772 [DoctrineBridge] Backport detection fix of Xml/Yaml driver in DoctrineExtension (@MatTheCat)security #cve-2024-51736 [Process] Use PATH before… https://symfony.com/blog/symfony-6-4-14-released?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Symfony 7.1.7 has just been released. Here is the list of the most important changes since 7.1.6:
bug #58772 [DoctrineBridge] Backport detection fix of Xml/Yaml driver in DoctrineExtension (@MatTheCat)security #cve-2024-51736 [Process] Use PATH before… https://symfony.com/blog/symfony-7-1-7-released?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Symfony 7.2.0-BETA2 has just been released. Here is the list of the most important changes since 7.2.0-BETA1:
bug #58776 [DependencyInjection][HttpClient][Routing] Reject URIs that contain invalid characters (@nicolas-grekas)bug #58772 [DoctrineBridge]… https://symfony.com/blog/symfony-7-2-0-beta2-released?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
The Mime component provides tools to create and manipulate MIME messages. In Symfony 7.2, we introduced new features to improve it.
Custom MIME Encoders
Contributed by…
SymfonyCon Vienna 2024, our next annual international Symfony conference, will take place on:
December 3 & 4: Two days of hands-on workshops to learn, practice, and enhance your skills in small groups. December 5 & 6: Three English-speaking… https://symfony.com/blog/symfonycon-vienna-2024-the-role-of-empathy-in-technical-writing?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
Contributed by HypeMC in
53508
and…
This week, Symfony 5.4.45, 6.4.13, and 7.1.6 maintenance versions were released. We also published the first beta version of Symfony 7.2, so you can start testing it in your own applications before its release at the end of November 2024. Lastly, we shared… https://symfony.com/blog/a-week-of-symfony-931-28-october-3-november-2024?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
SymfonyCon Vienna 2024, our next annual international Symfony conference, will take place on:
December 3 & 4: Two days of hands-on workshops to learn, practice, and enhance your skills in small groups. December 5 & 6: Three English-speaking… https://symfony.com/blog/symfonycon-vienna-2024-building-a-fraud-prevention-component-using-symfony?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
