FEDORA-EPEL-2015-6672 created by siwinski 7 years ago for Fedora EPEL 6

2.3.30 (2015-05-30)

  • bug #14262 [REVERTED] [TwigBundle] Refresh twig paths when resources change. (aitboudad)

2.3.29 (2015-05-26)

  • security #14759 CVE-2015-4050 [HttpKernel] Do not call the FragmentListener if _controller is already defined (jakzal)
  • bug #14715 [Form] Check instance of FormBuilderInterface instead of FormBuilder (dosten)
  • bug #14678 [Security] AbstractRememberMeServices::encodeCookie() validates cookie parts (MacDada)
  • bug #14635 [HttpKernel] Handle an array vary header in the http cache store (jakzal)
  • bug #14513 [console][formater] allow format toString object. (aitboudad)
  • bug #14335 [HttpFoundation] Fix baseUrl when script filename is contained in pathInfo (danez)
  • bug #14593 [Security][Firewall] Avoid redirection to XHR URIs (asiragusa)
  • bug #14618 [DomCrawler] Throw an exception if a form field path is incomplete (jakzal)
  • bug #14698 Fix HTML escaping of to-source links (nicolas-grekas)
  • bug #14690 [HttpFoundation] IpUtils::checkIp4() should allow /0 networks (zerkms)
  • bug #14262 [TwigBundle] Refresh twig paths when resources change. (aitboudad)
  • bug #13633 [ServerBag] Handled bearer authorization header in REDIRECT_ form (Lance0312)
  • bug #13637 [CSS] WebProfiler break words (nicovak)
  • bug #14633 [EventDispatcher] make listeners removable from an executed listener (xabbuh)

2.3.28 (2015-05-10)

  • bug #14266 [HttpKernel] Check if "symfony/proxy-manager-bridge" package is installed (hason)
  • bug #14501 [ProxyBridge] Fix proxy classnames generation (xphere)
  • bug #14498 [FrameworkBundle] Added missing log in server:run command (lyrixx)
  • bug #14484 [SecurityBundle][WebProfiler] check authenticated user by tokenClass instead of username. (aitboudad)
  • bug #14497 [HttpFoundation] Allow curly braces in trusted host patterns (sgrodzicki)
  • bug #14436 Show a better error when the port is in use (dosten)
  • bug #14463 [Validator] Fixed Choice when an empty array is used in the "choices" option (webmozart)
  • bug #14402 [FrameworkBundle][Translation] Check for 'xlf' instead of 'xliff' (xelaris)
  • bug #14272 [FrameworkBundle] Workaround php -S ignoring auto_prepend_file (nicolas-grekas)
  • bug #14345 [FrameworkBundle] Fix Routing\DelegatingLoader resiliency to fatal errors (nicolas-grekas)
  • bug #14325 [Routing][DependencyInjection] Support .yaml extension in YAML loaders (thunderer)
  • bug #14344 [Translation][fixed test] refresh cache when resources are no longer fresh. (aitboudad)
  • bug #14268 [Translator] Cache does not take fallback locales into consideration (sf2.3) (mpdude)
  • bug #14192 [HttpKernel] Embed the original exception as previous to bounced exceptions (nicolas-grekas)
  • bug #14102 [Enhancement] netbeans - force interactive shell when limited detection (cordoval)
  • bug #14191 [StringUtil] Fixed singularification of 'movies' (GerbenWijnja)

2.3.27 (2015-04-01)

  • security #14167 CVE-2015-2308 (nicolas-grekas)
  • security #14166 CVE-2015-2309 (neclimdul)
  • bug #14010 Replace GET parameters when changed in form (WouterJ)
  • bug #13991 [Dependency Injection] Improve PhpDumper Performance for huge Containers (BattleRattle)
  • bug #13997 [2.3+][Form][DoctrineBridge] Improved loading of entities and documents (guilhermeblanco)
  • bug #13953 [Translation][MoFileLoader] fixed load empty translation. (aitboudad)
  • bug #13912 [DependencyInjection] Highest precedence for user parameters (lyrixx)

2.3.26 (2015-03-17)

  • bug #13927 Fixing wrong variable name from #13519 (weaverryan)
  • bug #13519 [DependencyInjection] fixed service resolution for factories (fabpot)
  • bug #13901 [Bundle] Fix charset config (nicolas-grekas, bamarni)
  • bug #13911 [HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age (bzikarsky)
  • bug #13890 Fix XSS in Debug exception handler (fabpot)
  • bug #13744 minor #13377 [Console] Change greater by greater or equal for isFresh in FileResource (bijibox)
  • bug #13708 [HttpFoundation] fixed param order for Nginx's x-accel-mapping (phansys)
  • bug #13767 [HttpKernel] Throw double-bounce exceptions (nicolas-grekas)
  • bug #13769 [Form] NativeRequestHandler file handling fix (mpajunen)
  • bug #13779 [FrameworkBundle] silence E_USER_DEPRECATED in insulated clients (nicolas-grekas)
  • bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)
  • bug #13683 [PROCESS] make sure /dev/tty is readable (staabm)
  • bug #13733 [Process] Fixed PhpProcess::getCommandLine() result (francisbesset)
  • bug #13618 [PropertyAccess] Fixed invalid feedback -> foodback singularization (WouterJ)
  • bug #13630 [Console] fixed ArrayInput, if array contains 0 key. (arima-ryunosuke)
  • bug #13647 [FrameworkBundle] Fix title and placeholder rendering in php form templates (jakzal)
  • bug #13607 [Console] Fixed output bug, if escaped string in a formatted string. (tronsha)
  • bug #13466 [Security] Remove ContextListener's onKernelResponse listener as it is used (davedevelopment)
  • bug #12864 [Console][Table] Fix cell padding with multi-byte (ttsuruoka)
  • bug #13375 [YAML] Fix one-liners to work with multiple new lines (Alex Pott)
  • bug #13545 fixxed order of usage (OskarStark)
  • bug #13567 [Routing] make host matching case-insensitive (Tobion)

2.3.25 (2015-01-30)

  • bug #13528 [Validator] reject ill-formed strings (nicolas-grekas)
  • bug #13525 [Validator] UniqueEntityValidator - invalidValue fixed. (Dawid Sajdak)
  • bug #13527 [Validator] drop grapheme_strlen in LengthValidator (nicolas-grekas)
  • bug #13376 [FrameworkBundle][config] allow multiple fallback locales. (aitboudad)
  • bug #12972 Make the container considered non-fresh if the environment parameters are changed (thewilkybarkid)
  • bug #13309 [Console] fixed 10531 (nacmartin)
  • bug #13352 [Yaml] fixed parse shortcut Key after unindented collection. (aitboudad)
  • bug #13039 [HttpFoundation] [Request] fix baseUrl parsing to fix wrong path_info (rk3rn3r)
  • bug #13250 [Twig][Bridge][TranslationDefaultDomain] add support of named arguments. (aitboudad)
  • bug #13332 [Console] ArgvInput and empty tokens (Taluu)
  • bug #13293 [EventDispatcher] Add missing checks to RegisterListenersPass (znerol)
  • bug #13262 [Yaml] Improve YAML boolean escaping (petert82, larowlan)
  • bug #13420 [Debug] fix loading order for legacy classes (nicolas-grekas)
  • bug #13371 fix missing comma in YamlDumper (garak)
  • bug #13365 [HttpFoundation] Make use of isEmpty() method (xelaris)
  • bug #13347 [Console] Helper\TableHelper->addRow optimization (boekkooi)
  • bug #13346 [PropertyAccessor] Allow null value for a array (2.3) (boekkooi)
  • bug #13170 [Form] Set a child type to text if added to the form without a type. (jakzal)
  • bug #13334 [Yaml] Fixed #10597: Improved Yaml directive parsing (VictoriaQ)

2.3.24 (2015-01-07)

  • bug #13286 [Security] Don't destroy the session on buggy php releases. (derrabus)
  • bug #12417 [HttpFoundation] Fix an issue caused by php's Bug #66606. (wusuopu)
  • bug #13200 Don't add Accept-Range header on unsafe HTTP requests (jaytaph)
  • bug #12491 [Security] Don't send remember cookie for sub request (blanchonvincent)
  • bug #12574 [HttpKernel] Fix UriSigner::check when _hash is not at the end of the uri (nyroDev)
  • bug #13185 Fixes Issue #13184 - incremental output getters now return empty strings (Bailey Parker)
  • bug #13145 [DomCrawler] Fix behaviour with <base> tag (dkop, WouterJ)
  • bug #13141 [TwigBundle] Moved the setting of the default escaping strategy from the Twig engine to the Twig environment (fabpot)
  • bug #13114 [HttpFoundation] fixed error when an IP in the X-Forwarded-For HTTP head... (fabpot)
  • bug #12572 [HttpFoundation] fix checkip6 (Neime)
  • bug #13075 [Config] fix error handler restoration in test (nicolas-grekas)
  • bug #13081 [FrameworkBundle] forward error reporting level to insulated Client (nicolas-grekas)
  • bug #13053 [FrameworkBundle] Fixed Translation loader and update translation command. (saro0h)
  • bug #13048 [Security] Delete old session on auth strategy migrate (xelaris)
  • bug #12999 [FrameworkBundle] fix cache:clear command (nicolas-grekas)
  • bug #13004 add a limit and a test to FlattenExceptionTest. (Daniel Wehner)
  • bug #12961 fix session restart on PHP 5.3 (Tobion)
  • bug #12761 [Filesystem] symlink use RealPath instead LinkTarget (aitboudad)
  • bug #12855 [DependencyInjection] Perf php dumper (nicolas-grekas)
  • bug #12894 [FrameworkBundle][Template name] avoid error message for the shortcut n... (aitboudad)
  • bug #12858 [ClassLoader] Fix undefined index in ClassCollectionLoader (szicsu)

2.3.23 (2014-12-03)

  • bug #12811 Configure firewall's kernel exception listener with configured entry point or a default entry point (rjkip)
  • bug #12784 [DependencyInjection] make paths relative to DIR in the generated container (nicolas-grekas)
  • bug #12716 [ClassLoader] define constant only if it wasn't defined before (xabbuh)
  • bug #12553 [Debug] fix error message on double exception (nicolas-grekas)
  • bug #12550 [FrameworkBundle] backport #12489 (xabbuh)
  • bug #12570 Fix initialized() with aliased services (Daniel Wehner)
  • bug #12137 [FrameworkBundle] cache:clear command fills *.php.meta files with wrong data (Strate)

2.3.22 (2014-11-20)

  • bug #12525 [Bundle][FrameworkBundle] be smarter when guessing the document root (xabbuh)
  • bug #12296 [SecurityBundle] Authentication entry point is only registered with firewall exception listener, not with authentication listeners (rjkip)
  • bug #12393 [DependencyInjection] inlined factory not referenced (boekkooi)
  • bug #12436 [Filesystem] Fixed case for empty folder (yosmanyga)
  • bug #12370 [Yaml] improve error message for multiple documents (xabbuh)
  • bug #12170 [Form] fix form handling with OPTIONS request method (Tobion)
  • bug #12235 [Validator] Fixed Regex::getHtmlPattern() to work with complex and negated patterns (webmozart)
  • bug #12326 [Session] remove invalid hack in session regenerate (Tobion)
  • bug #12341 [Kernel] ensure session is saved before sending response (Tobion)
  • bug #12329 [Routing] serialize the compiled route to speed things up (Tobion)
  • bug #12316 Break infinite loop while resolving aliases (chx)
  • bug #12313 [Security][listener] change priority of switchuser (aitboudad)

2.3.21 (2014-10-24)

  • bug #11696 [Form] Fix #11694 - Enforce options value type check in some form types (kix)
  • bug #12209 [FrameworkBundle] Fixed ide links (hason)
  • bug #12208 Add missing argument (WouterJ)
  • bug #12197 [TwigBundle] do not pass a template reference to twig (Tobion)
  • bug #12196 [TwigBundle] show correct fallback exception template in debug mode (Tobion)
  • bug #12187 [CssSelector] don't raise warnings when exception is thrown (xabbuh)
  • bug #11998 [Intl] Integrated ICU data into Intl component #2 (webmozart)
  • bug #11920 [Intl] Integrated ICU data into Intl component #1 (webmozart)

2.3.20 (2014-09-28)

  • bug #9453 [Form][DateTime] Propagate invalid_message & invalid_message_parameters to date & time (egeloen)
  • bug #11058 [Security] bug #10242 Missing checkPreAuth from RememberMeAuthenticationProvider (glutamatt)
  • bug #12004 [Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required (webmozart)
  • bug #11904 Make twig ExceptionController conformed with ExceptionListener (megazoll)
  • bug #11924 [Form] Moved POST_MAX_SIZE validation from FormValidator to request handler (rpg600, webmozart)
  • bug #11079 Response::isNotModified returns true when If-Modified-Since is later than Last-Modified (skolodyazhnyy)
  • bug #11989 [Finder][Urgent] Remove asterisk and question mark from folder name in test to prevent windows file system issues. (Adam)
  • bug #11908 [Translation] [Config] Clear libxml errors after parsing xliff file (pulzarraider)
  • bug #11937 [HttpKernel] Make sure HttpCache is a trusted proxy (thewilkybarkid)
  • bug #11970 [Finder] Escape location for regex searches (ymc-dabe)
  • bug #11837 Use getPathname() instead of string casting to get BinaryFileReponse file path (nervo)
  • bug #11513 [Translation] made XliffFileDumper support CDATA sections. (hhamon)
  • bug #11907 [Intl] Improved bundle reader implementations (webmozart)
  • bug #11874 [Console] guarded against non-traversable aliases (thierrymarianne)
  • bug #11799 [YAML] fix handling of empty sequence items (xabbuh)
  • bug #11906 [Intl] Fixed a few bugs in TextBundleWriter (webmozart)
  • bug #11459 [Form][Validator] All index items after children are to be considered grand-children when resolving ViolationPath (Andrew Moore)
  • bug #11715 [Form] FormBuilder::getIterator() now deals with resolved children (issei-m)
  • bug #11892 [SwiftmailerBridge] Bump allowed versions of swiftmailer (ymc-dabe)
  • bug #11918 [DependencyInjection] remove service parameter type from XSD (xabbuh)
  • bug #11905 [Intl] Removed non-working $fallback argument from ArrayAccessibleResourceBundle (webmozart)
  • bug #11497 Use separated function to resolve command and related arguments (JJK801)
  • bug #11374 [DI] Added safeguards against invalid config in the YamlFileLoader (stof)
  • bug #11897 [FrameworkBundle] Remove invalid markup (flack)
  • bug #11860 [Security] Fix usage of unexistent method in DoctrineAclCache. (mauchede)
  • bug #11850 [YAML] properly mask escape sequences in quoted strings (xabbuh)
  • bug #11856 [FrameworkBundle] backport more error information from 2.6 to 2.3 (xabbuh)
  • bug #11843 [Yaml] improve error message when detecting unquoted asterisks (xabbuh)

2.3.19 (2014-09-03)

  • security #11832 CVE-2014-6072 (fabpot)
  • security #11831 CVE-2014-5245 (stof)
  • security #11830 CVE-2014-4931 (aitboudad, Jérémy Derussé)
  • security #11829 CVE-2014-6061 (damz, fabpot)
  • security #11828 CVE-2014-5244 (nicolas-grekas, larowlan)
  • bug #10197 [FrameworkBundle] PhpExtractor bugfix and improvements (mtibben)
  • bug #11772 [Filesystem] Add FTP stream wrapper context option to enable overwrite (Damian Sromek)
  • bug #11788 [Yaml] fixed mapping keys containing a quoted # (hvt, fabpot)
  • bug #11160 [DoctrineBridge] Abstract Doctrine Subscribers with tags (merk)
  • bug #11768 [ClassLoader] Add a __call() method to XcacheClassLoader (tstoeckler)
  • bug #11726 [Filesystem Component] mkdir race condition fix #11626 (kcassam)
  • bug #11677 [YAML] resolve variables in inlined YAML (xabbuh)
  • bug #11639 [DependencyInjection] Fixed factory service not within the ServiceReferenceGraph. (boekkooi)
  • bug #11778 [Validator] Fixed wrong translations for Collection constraints (samicemalone)
  • bug #11756 [DependencyInjection] fix @return anno created by PhpDumper (jakubkulhan)
  • bug #11711 [DoctrineBridge] Fix empty parameter logging in the dbal logger (jakzal)
  • bug #11692 [DomCrawler] check for the correct field type (xabbuh)
  • bug #11672 [Routing] fix handling of nullable XML attributes (xabbuh)
  • bug #11624 [DomCrawler] fix the axes handling in a bc way (xabbuh)
  • bug #11676 [Form] Fixed #11675 ValueToDuplicatesTransformer accept "0" value (Nek-)
  • bug #11695 [Validators] Fixed failing tests requiring ICU 52.1 which are skipped otherwise (webmozart)
  • bug #11529 [WebProfilerBundle] Fixed double height of canvas (hason)
  • bug #11641 [WebProfilerBundle ] Fix toolbar vertical alignment (blaugueux)
  • bug #11559 [Validator] Convert objects to string in comparison validators (webmozart)
  • feature #11510 [HttpFoundation] MongoDbSessionHandler supports auto expiry via configurable expiry_field (catchamonkey)
  • bug #11408 [HttpFoundation] Update QUERY_STRING when overrideGlobals (yguedidi)
  • bug #11633 [FrameworkBundle] add missing attribute to XSD (xabbuh)
  • bug #11601 [Validator] Allow basic auth in url when using UrlValidator. (blaugueux)
  • bug #11609 [Console] fixed style creation when providing an unknown tag option (fabpot)
  • bug #10914 [HttpKernel] added an analyze of environment parameters for built-in server (mauchede)
  • bug #11598 [Finder] Shell escape and windows support (Gordon Franke, gimler)
  • bug #11499 [BrowserKit] Fixed relative redirects for ambiguous paths (pkruithof)
  • bug #11516 [BrowserKit] Fix browser kit redirect with ports (dakota)
  • bug #11545 [Bundle][FrameworkBundle] built-in server: exit when docroot does not exist (xabbuh)
  • bug #11560 Plural fix (1emming)
  • bug #11558 [DependencyInjection] Fixed missing 'factory-class' attribute in XmlDumper output (kerdany)
  • bug #11548 [Component][DomCrawler] fix axes handling in Crawler::filterXPath() (xabbuh)
  • bug #11422 [DependencyInjection] Self-referenced 'service_container' service breaks garbage collection (sun)
  • bug #11428 [Serializer] properly handle null data when denormalizing (xabbuh)
  • bug #10687 [Validator] Fixed string conversion in constraint violations (eagleoneraptor, webmozart)
  • bug #11475 [EventDispatcher] don't count empty listeners (xabbuh)
  • bug #11436 fix signal handling in wait() on calls to stop() (xabbuh, romainneutron)
  • bug #11469 [BrowserKit] Fixed server HTTP_HOST port uri conversion (bcremer, fabpot)
  • bug #11425 Fix issue described in #11421 (Ben, ben-rosio)
  • bug #11423 Pass a Scope instance instead of a scope name when cloning a container in the GrahpvizDumper (jakzal)
  • bug #11120 [Process] Reduce I/O load on Windows platform (romainneutron)
  • bug #11342 [Form] Check if IntlDateFormatter constructor returned a valid object before using it (romainneutron)
  • bug #11411 [Validator] Backported #11410 to 2.3: Object initializers are called only once per object (webmozart)
  • bug #11403 [Translator][FrameworkBundle] Added @ to the list of allowed chars in Translator (takeit)
  • bug #11381 [Process] Use correct test for empty string in UnixPipes (whs, romainneutron)

2.3.18 (2014-07-15)

  • [Security] Forced validate of locales passed to the translator
  • feature #11367 [HttpFoundation] Fix to prevent magic bytes injection in JSONP responses... (CVE-2014-4671) (Andrew Moore)
  • bug #11386 Remove Spaceless Blocks from Twig Form Templates (chrisguitarguy)
  • bug #9719 [TwigBundle] fix configuration tree for paths (mdavis1982, cordoval)
  • bug #11244 [HttpFoundation] Remove body-related headers when sending the response, if body is empty (SimonSimCity)

2.3.17 (2014-07-07)

  • bug #11238 [Translation] Added unescaping of ids in PoFileLoader (JustBlackBird)
  • bug #11194 [DomCrawler] Remove the query string and the anchor of the uri of a link (benja-M-1)
  • bug #11272 [Console] Make sure formatter is the same. (akimsko)
  • bug #11259 [Config] Fixed failed config schema loads due to libxml_disable_entity_loader usage (ccorliss)
  • bug #11234 [ClassLoader] fixed PHP warning on PHP 5.3 (fabpot)
  • bug #11179 [Process] Fix ExecutableFinder with open basedir (cs278)
  • bug #11242 [CssSelector] Refactored the CssSelector to remove the circular object graph (stof)
  • bug #11219 [DomCrawler] properly handle buttons with single and double quotes insid... (xabbuh)
  • bug #11220 [Components][Serializer] optional constructor arguments can be omitted during the denormalization process (xabbuh)
  • bug #11186 Added missing break statement (apfelbox)
  • bug #11169 [Console] Fixed notice in DialogHelper (florianv)
  • bug #11144 [HttpFoundation] Fixed Request::getPort returns incorrect value under IPv6 (kicken)
  • bug #10966 PHP Fatal error when getContainer method of ContainerAwareCommand has be... (kevinvergauwen)
  • bug #10981 [HttpFoundation] Fixed isSecure() check to be compliant with the docs (Jannik Zschiesche)
  • bug #11092 [HttpFoundation] Fix basic authentication in url with PHP-FPM (Kdecherf)
  • bug #10808 [DomCrawler] Empty select with attribute name="foo[]" bug fix (darles)
  • bug #11063 [HttpFoundation] fix switch statement (Tobion)
  • bug #11009 [HttpFoundation] smaller fixes for PdoSessionHandler (Tobion)
  • bug #11041 Remove undefined variable $e (skydiablo)

2.3.16 (2014-05-31)

  • bug #11014 [Validator] Remove property and method targets from the optional and required constraints (jakzal)
  • bug #10983 [DomCrawler] Fixed charset detection in html5 meta charset tag (77web)
  • bug #10979 Make rootPath part of regex greedy (artursvonda)
  • bug #10995 [TwigBridge][Trans]set %count% only on transChoice from the current context. (aitboudad)
  • bug #10987 [DomCrawler] Fixed a forgotten case of complex XPath queries (stof)

2.3.15 (2014-05-22)

  • reverted #10908

2.3.14 (2014-05-22)

  • bug #10849 [WIP][Finder] Fix wrong implementation on sortable callback comparator (ProPheT777)
  • bug #10929 [Process] Add validation on Process input (romainneutron)
  • bug #10958 [DomCrawler] Fixed filterXPath() chaining loosing the parent DOM nodes (stof, robbertkl)
  • bug #10953 [HttpKernel] fixed file uploads in functional tests without file selected (realmfoo)
  • bug #10937 [HttpKernel] Fix "absolute path" when we look to the cache directory (BenoitLeveque)
  • bug #10908 [HttpFoundation] implement session locking for PDO (Tobion)
  • bug #10894 [HttpKernel] removed absolute paths from the generated container (fabpot)
  • bug #10926 [DomCrawler] Fixed the initial state for options without value attribute (stof)
  • bug #10925 [DomCrawler] Fixed the handling of boolean attributes in ChoiceFormField (stof)
  • bug #10777 [Form] Automatically add step attribute to HTML5 time widgets to display seconds if needed (tucksaun)
  • bug #10909 [PropertyAccess] Fixed plurals for -ves words (csarrazi)
  • bug #10899 Explicitly define the encoding. (jakzal)
  • bug #10897 [Console] Fix a console test (jakzal)
  • bug #10896 [HttpKernel] Fixed cache behavior when TTL has expired and a default "global" TTL is defined (alquerci, fabpot)
  • bug #10841 [DomCrawler] Fixed image input case sensitive (geoffrey-brier)
  • bug #10714 [Console]Improve formatter for double-width character (denkiryokuhatsuden)
  • bug #10872 [Form] Fixed TrimListenerTest as of PHP 5.5 (webmozart)
  • bug #10762 [BrowserKit] Allow URLs that don't contain a path when creating a cookie from a string (thewilkybarkid)
  • bug #10863 [Security] Add check for supported attributes in AclVoter (artursvonda)
  • bug #10833 [TwigBridge][Transchoice] set %count% from the current context. (aitboudad)
  • bug #10820 [WebProfilerBundle] Fixed profiler seach/homepage with empty token (tucksaun)
  • bug #10815 Fixed issue #5427 (umpirsky)
  • bug #10817 [Debug] fix #10313: FlattenException not found (nicolas-grekas)
  • bug #10803 [Debug] fix ErrorHandlerTest when context is not an array (nicolas-grekas)
  • bug #10801 [Debug] ErrorHandler: remove $GLOBALS from context in PHP5.3 fix #10292 (nicolas-grekas)
  • bug #10797 [HttpFoundation] Allow File instance to be passed to BinaryFileResponse (anlutro)
  • bug #10643 [TwigBridge] Removed strict check when found variables inside a translation (goetas)

2.3.13 (2014-04-27)

  • bug #10789 [Console] Fixed the rendering of exceptions on HHVM with a terminal width (stof)
  • bug #10773 [WebProfilerBundle ] Fixed an edge case on WDT loading (tucksaun)
  • bug #10763 [Process] Disable TTY mode on Windows platform (romainneutron)
  • bug #10772 [Finder] Fix ignoring of unreadable dirs in the RecursiveDirectoryIterator (jakzal)
  • bug #10757 [Process] Setting STDIN while running should not be possible (romainneutron)
  • bug #10749 Fixed incompatibility of x509 auth with nginx (alcaeus)
  • bug #10735 [Translation] [PluralizationRules] Little correction for case 'ar' (klyk50)
  • bug #10720 [HttpFoundation] Fix DbalSessionHandler (Tobion)
  • bug #10721 [HttpFoundation] status 201 is allowed to have a body (Tobion)
  • bug #10728 [Process] Fix #10681, process are failing on Windows Server 2003 (romainneutron)
  • bug #10733 [DomCrawler] Textarea value should default to empty string instead of null. (Berdir)
  • bug #10723 [Security] fix DBAL connection typehint (Tobion)
  • bug #10700 Fixes various inconsistencies in the code (fabpot)
  • bug #10697 [Translation] Make IcuDatFileLoader/IcuResFileLoader::load invalid resource compatible with HHVM. (idn2104)
  • bug #10652 [HttpFoundation] fix PDO session handler under high concurrency (Tobion)
  • bug #10669 [Profiler] Prevent throwing fatal errors when searching timestamps or invalid dates (stloyd)
  • bug #10670 [Templating] PhpEngine should propagate charset to its helpers (stloyd)
  • bug #10665 [DependencyInjection] Fix ticket #10663 - Added setCharset method call to PHP templating engine (koku)
  • bug #10654 Changed the typehint of the EsiFragmentRenderer to the interface (stof)
  • bug #10649 [BrowserKit] Fix #10641 : BrowserKit is broken when using ip as host (romainneutron)

2.3.12 (2014-04-03)

  • bug #10586 Fixes URL validator to accept single part urls (merk)
  • bug #10591 [Form] Buttons are now disabled if their containing form is disabled (webmozart)
  • bug #10579 HHVM fixes (fabpot)
  • bug #10564 fixed the profiler when an uncalled listener throws an exception when instantiated (fabpot)
  • bug #10568 [Form] Fixed hashing of choice lists containing non-UTF-8 characters (webmozart)
  • bug #10536 Avoid levenshtein comparison when using ContainerBuilder. (catch56)
  • bug #10549 Fixed server values in BrowserKit (fabpot)
  • bug #10540 [HttpKernel] made parsing controllers more robust (fabpot)
  • bug #10545 [DependencyInjection] Fixed YamlFileLoader imports path (jrnickell)
  • bug #10523 [Debug] Check headers sent before sending PHP response (GromNaN)
  • bug #10275 [Validator] Fixed ACE domain checks on UrlValidator (#10031) (aeoris)
  • bug #10123 handle array root element (greg0ire)
  • bug #10532 Fixed regression when using Symfony on filesystems without chmod support (fabpot)
  • bug #10502 [HttpKernel] Fix #10437: Catch exceptions when reloading a no-cache request (romainneutron)
  • bug #10493 Fix libxml_use_internal_errors and libxml_disable_entity_loader usage (romainneutron)
  • bug #9784 [HttpFoundation] Removed ini check to make Uploadedfile work on Google App Engine (micheleorselli)
  • bug #10416 [Form] Allow options to be grouped by objects (felds)
  • bug #10410 [Form] Fix "Array was modified outside object" in ResizeFormListener. (Chekote)
  • bug #10494 [Validator] Minor fix in IBAN validator (sprain)
  • bug #10491 Fixed bug that incorrectly causes the "required" attribute to be omitted from select even though it contains the "multiple" attribute (fabpot)
  • bug #10479 [Process] Fix escaping on Windows (romainneutron)
  • bug #10480 [Process] Fixed fatal errors in getOutput and getErrorOutput when process was not started (romainneutron)
  • bug #10420 [Process] Make Process::start non-blocking on Windows platform (romainneutron)
  • bug #10455 [Process] Fix random failures in test suite on TravisCI (romainneutron)
  • bug #10448 [Process] Fix quoted arguments escaping (romainneutron)
  • bug #10444 [DomCrawler] Fixed incorrect value name conversion in getPhpValues() and getPhpFiles() (romainneutron)
  • bug #10423 [Config] XmlUtils::convertDomElementToArray does not handle '0' (bendavies)
  • bug #10153 [Process] Fixed data in pipe being truncated if not read before process termination (astephens25)
  • bug #10429 [Process] Fix #9160 : escaping an argument with a trailing backslash on windows fails (romainneutron)
  • bug #10412 [Process] Fix process status in TTY mode (romainneutron)
  • bug #10382 10158 get vary multiple (bbinkovitz)
  • bug #10251 [Form] Fixes empty file-inputs getting treated as extra field. (jenkoian)
  • bug #10351 [HttpKernel] fix stripComments() normalizing new-lines (sstok)
  • bug #10348 Update FileLoader to fix issue #10339 (msumme)

2.3.11 (2014-02-27)

  • bug #10146 [WebProfilerBundle] fixed parsing Mongo DSN and added Test for it (malarzm)
  • bug #10299 [Finder] () is also a valid delimiter (WouterJ)
  • bug #10255 [FrameworkBundle] Fixed wrong redirect url if path contains some query parameters (pulzarraider)
  • bug #10285 Bypass sigchild detection if phpinfo is not available (Seldaek)
  • bug #10269 [Form] Revert "Fix "Array was modified outside object" in ResizeFormListener." (norzechowicz)

2.3.10 (2014-02-12)

  • bug #10231 [Console] removed problematic regex (fabpot)
  • bug #10245 [DomCrawler] Added support for <area> tags to be treated as links (shamess)
  • bug #10232 [Form] Fix "Array was modified outside object" in ResizeFormListener. (Chekote)
  • bug #10215 [Routing] reduced recursion in dumper (arnaud-lb)
  • bug #10207 [DomCrawler] Fixed filterXPath() chaining (robbertkl)
  • bug #10205 [DomCrawler] Fixed incorrect handling of image inputs (robbertkl)
  • bug #10191 [HttpKernel] fixed wrong reference in TraceableEventDispatcher (fabpot)
  • bug #10195 [Debug] Fixed recursion level incrementing in FlattenException::flattenArgs(). (sun)
  • bug #10151 [Form] Update DateTime objects only if the actual value has changed (peterrehm)
  • bug #10140 allow the TextAreaFormField to be used with valid/invalid HTML (dawehner)
  • bug #10131 added lines to exceptions for the trans and transchoice tags (fabpot)
  • bug #10119 [Validator] Minor fix in XmlFileLoader (florianv)
  • bug #10078 [BrowserKit] add non-standard port to HTTP_HOST server param (kbond)
  • bug #10091 [Translation] Update PluralizationRules.php (guilhermeblanco)
  • bug #10053 [Form] fixed allow render 0 numeric input value (dczech)
  • bug #10033 [HttpKernel] Bugfix - Logger Deprecation Notice (Rican7)
  • bug #10023 [FrameworkBundle] Thrown an HttpException instead returning a Response in RedirectController::redirectAction() (jakzal)
  • bug #9985 Prevent WDT from creating a session (mvrhov)
  • bug #10000 [Console] Fixed the compatibility with HHVM (stof)
  • bug #9979 [Doctrine Bridge][Validator] Fix for null values in assosiated properties when using UniqueEntityValidator (vpetrovych)
  • bug #9983 [TwigBridge] Update min. version of Twig (stloyd)
  • bug #9970 [CssSelector] fixed numeric attribute issue (jfsimon)
  • bug #9747 [DoctrineBridge] Fix: Add type detection. Needed by pdo_dblib (iamluc)
  • bug #9962 [Process] Fix #9861 : Revert TTY mode (romainneutron)
  • bug #9960 [Form] Update minimal requirement in composer.json (stloyd)
  • bug #9952 [Translator] Fix Empty translations with Qt files (vlefort)
  • bug #9948 [WebProfilerBundle] Fixed profiler toolbar icons for XHTML. (rafalwrzeszcz)
  • bug #9933 Propel1 exception message (jaugustin)
  • bug #9949 [BrowserKit] Throw exception on invalid cookie expiration timestamp (anlutro)

This update has been submitted for testing by siwinski.

7 years ago

This update is currently being pushed to the Fedora EPEL 6 testing updates repository.

7 years ago

This update has been pushed to testing

7 years ago
User Icon avij commented & provided feedback 7 years ago

php-symfony-security requires php-composer(ircmaxell/password-compat) whose version number is between 0:1.0 and 0:2.0. This capability does not seem to be present in EL or EPEL7. Please do not push this update to stable before this dependency issue has been resolved.

@avij -- php-password-compat-1.0.4-1 was pushed to both epel6 [1] and epel7 [2] on 2015-06-20 which provides php-composer(ircmaxell/password-compat). Please run "yum clean all" and try reinstalling this update again. [1] [2]

User Icon avij commented & provided feedback 7 years ago

Right, it appears my local mirror hadn't updated yet. The dependency issue is gone now.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago

This update has been submitted for stable by siwinski.

7 years ago

This update is currently being pushed to the Fedora EPEL 6 stable updates repository.

7 years ago

This update has been pushed to stable

7 years ago

Please login to add feedback.

Content Type
Test Gating
Unstable by Karma
Stable by Karma
Stable by Time
7 years ago
in testing
7 years ago
in stable
7 years ago
BZ#1227264 CVE-2015-4050 php-symfony: ESI unauthorized access
BZ#1227266 CVE-2015-4050 php-symfony: ESI unauthorized access [epel-6]

Automated Test Results