symfony (2.3.21+dfsg-4+deb8u3) jessie-security; urgency=high [ Daniel Beyer ] * Backport a security fix from 2.3.41 - Large username storage in session [CVE-2016-4423] * Backport a security fix from 2.3.37 - SecureRandom's fallback not secure when OpenSSL fails [CVE-2016-1902] [ David Prévot ] * Add copyright entry for embeded paragonie/random_compat -- Daniel Beyer Tue, 10 May 2016 06:21:09 +0200 symfony (2.3.21+dfsg-4+deb8u2) jessie-security; urgency=high * Backport security fixes from 2.3.35 - Session Fixation in the "Remember Me" Login Feature [CVE-2015-8124] - Vulnerability in Security Remember-Me Service [CVE-2015-8125] -- Daniel Beyer Tue, 24 Nov 2015 01:07:45 +0100 symfony (2.3.21+dfsg-4+deb8u1) jessie-security; urgency=high [ Daniel Beyer ] * Backport a security fix from 2.3.29 - ESI unauthorized access [CVE-2015-4050] -- David Prévot Wed, 27 May 2015 08:57:06 -0400 symfony (2.3.21+dfsg-4) unstable; urgency=medium * Backport security fixes from 2.3.27: - Esi Code Injection [CVE-2015-2308] - Unsafe methods in the Request class [CVE-2015-2309] -- David Prévot Wed, 01 Apr 2015 16:53:00 -0400 symfony (2.3.21+dfsg-3) unstable; urgency=medium [ Daniel Beyer ] * Increase timeout in a problematic test in the Process component. This should finally get tests on ci.debian.net working and might prevent BTS #775625 from occurring again, which probably was not solved within 2.3.21+dfsg-2. -- David Prévot Fri, 30 Jan 2015 09:19:53 -0400 symfony (2.3.21+dfsg-2) unstable; urgency=low [ Daniel Beyer ] * Fix a misbehaving test in the Process component (Closes: #775625) [ David Prévot ] * gbp: Track the Jessie branch -- David Prévot Wed, 21 Jan 2015 12:42:11 -0400 symfony (2.3.21+dfsg-1) unstable; urgency=low * New upstream version * Update build-dependencies (add php5-intl, drop php-symfony-icu and icu-devtools) * Exclude tests of type intl-data -- Daniel Beyer Sun, 26 Oct 2014 17:08:18 +0100 symfony (2.3.20+dfsg-1) unstable; urgency=low [ Daniel Beyer ] * New upstream version. * Drop patches (adopted upstream) - 0001-SwiftmailerBridge-Bump-allowed-versions-of-swiftmail.patch - 0004-Finder-Escape-location-for-regex-searches.patch * Fix DEP-8 tests failing if no tty is present [ David Prévot ] * Use repacksuffix feature of uscan -- Daniel Beyer Sat, 11 Oct 2014 01:44:50 +0200 symfony (2.3.19+dfsg-1) unstable; urgency=low * Initial release. (Closes: #513646) -- Daniel Beyer Sun, 07 Sep 2014 18:34:19 +0200