updated CHANGELOG for 2.8.31

2017-11-16 18:43:51 +01:00 · 2017-11-16 18:43:51 +01:00 · b2febb4688
parent 1c026e0a5b
commit b2febb4688
1 changed files with 7 additions and 0 deletions
--- a/CHANGELOG-2.8.md
+++ b/CHANGELOG-2.8.md
@ -7,6 +7,13 @@ in 2.8 minor versions.
 To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash
 To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v2.8.0...v2.8.1

+* 2.8.31 (2017-11-16)
+
+ * security #24995 Validate redirect targets using the session cookie domain (nicolas-grekas)
+ * security #24994 Prevent bundle readers from breaking out of paths (xabbuh)
+ * security #24993 Ensure that submitted data are uploaded files (xabbuh)
+ * security #24992 Namespace generated CSRF tokens depending of the current scheme (dunglas)
+
 * 2.8.30 (2017-11-13)

 * bug #24952 [HttpFoundation] Fix session-related BC break (nicolas-grekas, sroze)