Zwei Probleme in php-symfony
ID: | FEDORA-2018-4deae442f2 |
Distribution: | Fedora |
Plattformen: | Fedora 27 |
Datum: | Di, 14. August 2018, 23:44 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773 |
Applikationen: | symfony |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2018-4deae442f2 2018-08-14 20:15:54.627492 -------------------------------------------------------------------------------- Name : php-symfony Product : Fedora 27 Version : 2.8.44 Release : 1.fc27 URL : http://symfony.com Summary : PHP framework for web projects Description : PHP framework for web projects -------------------------------------------------------------------------------- Update Information: ## 2.8.44 (2018-08-01) * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet (netiul) * bug #28045 [HttpFoundation] Fix Cookie::isCleared (ro0NL) * bug #28080 [HttpFoundation] fixed using _method parameter with invalid type (Phobetor) ## 2.8.43 (2018-07-23) * bug #28005 [HttpKernel] Fixed templateExists on parse error of the template name (yceruto) * bug #27997 Serbo-Croatian has Serbian plural rule (kylekatarnls) * bug #27941 [WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2 (jmsche) * bug #27937 [HttpFoundation] reset callback on StreamedResponse when setNotModified() is called (rubencm) * bug #27927 [HttpFoundation] Suppress side effects in 'get' and 'has' methods of NamespacedAttributeBag (webnet-fr) * bug #27904 [Filesystem] fix lock file permissions (fritzmg) * bug #27758 [WebProfilerBundle] Prevent toolbar links color override by css (alcalyn) * bug #27831 Check for Hyper terminal on all operating systems. (azjezz) * bug #27794 Add color support for Hyper terminal . (azjezz) * bug #27809 [HttpFoundation] Fix tests: new message for status 425 (dunglas) * bug #27716 [DI] fix dumping deprecated service in yaml (nicolas-grekas) -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 1 2018 Shawn Iwinski |