Symfony 3.3.13 released

Symfony 3.3.13 has just been released. Here is a list of the most
important changes:

  • security #24995 Validate redirect targets using the session cookie domain (@nicolas-grekas)
  • security #24994 Prevent bundle readers from breaking out of paths (@xabbuh)
  • security #24993 Ensure that submitted data are uploaded files (@xabbuh)
  • security #24992 Namespace generated CSRF tokens depending of the current scheme (@dunglas)

Want to upgrade to this new release? Fortunately, because Symfony protects
backwards-compatibility very closely, this should be quite easy.
Read our upgrade
documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a
version is not maintained anymore? Or only when a security issue is fixed?
Consider subscribing to the Symfony Roadmap Notifications.


Be trained by Symfony experts
2017-11-22 Cologne
2017-12-4 Lyon
2017-12-4 Lyon

[risorsa: Symfony Blog http://ift.tt/2jwwd5v ]