updated CHANGELOG for 2.7.51

This commit is contained in:
Fabien Potencier 2019-04-17 17:34:40 +02:00
parent 789a34ad76
commit 343865d847
1 changed files with 7 additions and 0 deletions

View File

@ -7,6 +7,13 @@ in 2.7 minor versions.
To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash
To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v2.7.0...v2.7.1
* 2.7.51 (2019-04-17)
* security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas)
* security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine - CVE-2019-10909 (stof)
* security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash (pborreli)
* security #cve-2019-10913 [HttpFoundation] reject invalid method override (nicolas-grekas)
* 2.7.50 (2018-12-06)
* security #cve-2018-19790 [Security\Http] detect bad redirect targets using backslashes (xabbuh)