You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa php

Sigurnosni nedostatak programskog paketa php

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2020-09-25 16:31:57.892213

Name : php-symfony4
Product : Fedora 33
Version : 4.4.13
Release : 1.fc33
Summary : Symfony PHP framework (version 4)
Description :
Symfony PHP framework (version 4).

NOTE: Does not require PHPUnit bridge.

Update Information:

**Version 4.4.13** (2020-09-02) * security **CVE-2020-15094** Remove headers
with internal meaning from HttpClient responses (mpdude) * bug #38024 [Console]
Fix undefined index for inconsistent command name definition (chalasr) * bug
#38023 [DI] fix inlining of non-shared services (nicolas-grekas) * bug #38020
[PhpUnitBridge] swallow deprecations (xabbuh) * bug #38010 [Cache] Psr16Cache
does not handle Proxy cache items (alex-dev) * bug #37937 [Serializer] fixed
fix encoding of cache keys with anonymous classes (michaelzangerle) —-
**Version 4.4.12** (2020-08-31) * bug #37966 [HttpClient][MockHttpClient][DX]
Throw when the response factory callable does not return a valid response
(fancyweb) * bug #37971 [PropertyInfo] Backport support for typed properties
(PHP 7.4) (dunglas) * bug #37970 [PhpUnitBridge] Polyfill new phpunit 9.1
assertions (phpfour) * bug #37960 [PhpUnit] Add polyfill for
assertMatchesRegularExpression() (dunglas) * bug #37949 [Yaml] fix more numeric
cases changing in PHP 8 (xabbuh) * bug #37921 [Yaml] account for is_numeric()
behavior changes in PHP 8 (xabbuh) * bug #37912 [ExpressionLanguage] fix
passing arguments to call_user_func_array() on PHP 8 (xabbuh) * bug #37907
[Messenger] stop using the deprecated schema synchronizer API (xabbuh) * bug
#37900 [Mailer] Fixed mandrill api header structure (wulff) * bug #37888
[Mailer] Reorder headers used to determine Sender (cvmiert) * bug #37872
[Sendgrid-Mailer] Fixed envelope recipients on sendgridApiTransport
(arendjantetteroo) * bug #37860 [Serializer][ClassDiscriminatorMapping] Fix
getMappedObjectType() when a discriminator child extends another one (fancyweb)
* bug #37853 [Validator] ensure that the validator is a mock object for
backwards-compatibility (xabbuh) * bug #36340 [Serializer] Fix configuration of
the cache key (dunglas) * bug #36810 [Messenger] Do not stack retry stamp
(jderusse) * bug #37849 [FrameworkBundle] Add missing mailer transports in xsd
(l-vo) * bug #37586 [ErrorHandler][DebugClassLoader] Add mixed and static
return types support (fancyweb) * bug #37845 [Serializer] Fix variadic support
when using type hints (fabpot) * bug #37841 [VarDumper] Backport handler lock
when using VAR_DUMPER_FORMAT (ogizanagi) * bug #37725 [Form] Fix Guess phpdoc
return type (franmomu) * bug #37771 Use PHPUnit 9.3 on php 8 (derrabus) * bug
#36140 [Validator] Add BC layer for notInRangeMessage when min and max are set
(l-vo) * bug #35843 [Validator] Add target guards for Composite nested
constraints (ogizanagi) * bug #37803 Fix for issue #37681 (Rav) * bug #37744
[Yaml] Fix for #36624; Allow PHP constant as first key in block (jnye) * bug
#37767 [Form] fix mapping errors from unmapped forms (xabbuh) * bug #37731
[Console] Table: support cells with newlines after a cell with colspan >= 2
(GMTA) * bug #37791 Fix redis connect with empty password (alexander-schranz)
* bug #37790 Fix deprecated libxml_disable_entity_loader (fabpot) * bug #37763
Fix deprecated libxml_disable_entity_loader (jderusse) * bug #37774 [Console]
Make sure we pass a numeric array of arguments to call_user_func_array()
(derrabus) * bug #37729 [FrameworkBundle] fail properly when the required
service is not defined (xabbuh) * bug #37701 [Serializer] Fix that it will
never reach DOMNode (TNAJanssen) * bug #37671 [Cache] fix saving no-expiry
items with ArrayAdapter (philipp-kolesnikov) * bug #37102 [WebProfilerBundle]
Fix error with custom function and web profiler routing tab (JakeFr) * bug
#37560 [Finder] Fix GitIgnore parser when dealing with (sub)directories and take
order of lines into account (Jeroeny) * bug #37700 [VarDumper] Improve previous
fix on light array coloration (l-vo) * bug #37705 [Mailer] Added the missing
reset tag to mailer.logger_message_listener (vudaltsov) * bug #37697
[Messenger] reduce column length for MySQL 5.6 compatibility (xabbuh)

* Wed Sep 2 2020 Remi Collet <> – 4.4.13-1
– update to 4.4.13
* Mon Aug 31 2020 Remi Collet <> – 4.4.12-1
– update to 4.4.12
– allow doctrine/dbal 3.0

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-1c549262f1’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorBruno Varga
Cert idNCERT-REF-2020-09-0001-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa ark

Otkriven je sigurnosni nedostatak u programskom paketu ark za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje proizvoljnu manipulaciju datoteka....