From 0e4183c89571e2606f83fa6b0a09a98eed466ec0 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Wed, 13 Nov 2019 09:51:25 +0100 Subject: [PATCH 1/2] updated CHANGELOG for 4.2.12 --- CHANGELOG-4.2.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG-4.2.md b/CHANGELOG-4.2.md index 7ff4976cca..c8b1ea6dc2 100644 --- a/CHANGELOG-4.2.md +++ b/CHANGELOG-4.2.md @@ -7,6 +7,14 @@ in 4.2 minor versions. To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v4.2.0...v4.2.1 +* 4.2.12 (2019-11-13) + + * security #cve-2019-18886 [Security\Core] throw AccessDeniedException when switch user fails (nicolas-grekas) + * security #cve-2019-18889 [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances (nicolas-grekas) + * security #cve-2019-11325 [VarExporter] fix exporting some strings (nicolas-grekas) + * security #cve-2019-18888 [HttpFoundation] fix guessing mime-types of files with leading dash (nicolas-grekas) + * security #cve-2019-18887 [HttpKernel] Use constant time comparison in UriSigner (stof) + * 4.2.11 (2019-07-28) * bug #32760 [HttpKernel] clarify error handler restoring process (xabbuh) From 8e625093ab1411733c25b647f4686cca52972c52 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Wed, 13 Nov 2019 09:51:34 +0100 Subject: [PATCH 2/2] updated VERSION for 4.2.12 --- src/Symfony/Component/HttpKernel/Kernel.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Symfony/Component/HttpKernel/Kernel.php b/src/Symfony/Component/HttpKernel/Kernel.php index ca2c5d0f6d..999e86836a 100644 --- a/src/Symfony/Component/HttpKernel/Kernel.php +++ b/src/Symfony/Component/HttpKernel/Kernel.php @@ -73,12 +73,12 @@ abstract class Kernel implements KernelInterface, RebootableInterface, Terminabl private $requestStackSize = 0; private $resetServices = false; - const VERSION = '4.2.12-DEV'; + const VERSION = '4.2.12'; const VERSION_ID = 40212; const MAJOR_VERSION = 4; const MINOR_VERSION = 2; const RELEASE_VERSION = 12; - const EXTRA_VERSION = 'DEV'; + const EXTRA_VERSION = ''; const END_OF_MAINTENANCE = '07/2019'; const END_OF_LIFE = '01/2020';