symfony (4.4.19+dfsg-2+deb11u4) bullseye; urgency=medium * [Mime] regenerate test certificates (Closes: #1034854) * Backport security fix from Symfony 4.4.51 - [TwigBridge] Ensure CodeExtension's filters properly escape their input [CVE-2023-46734] (Closes: #1055774) -- David Prévot Sat, 11 Nov 2023 19:09:20 +0100 symfony (4.4.19+dfsg-2+deb11u3) bullseye; urgency=medium * Drop dependency bump. Thanks to Paul Gevers -- David Prévot Mon, 27 Feb 2023 23:05:34 +0100 symfony (4.4.19+dfsg-2+deb11u2) bullseye; urgency=medium * Backport security fixes from Symfony 4.4.50 - [HttpKernel] Remove private headers before storing responses with HttpCache [CVE-2022-24894] - [Security/Http] Remove CSRF tokens from storage on successful login [CVE-2022-24895] -- David Prévot Wed, 01 Feb 2023 19:38:41 +0100 symfony (4.4.19+dfsg-2+deb11u1) bullseye; urgency=medium * Prevent CSV injection via formulas [CVE-2021-41270] -- David Prévot Wed, 24 Nov 2021 06:07:00 -0400 symfony (4.4.19+dfsg-2) unstable; urgency=medium * Prevent user enumeration via response content [CVE-2021-21424] * typo fix: var-exporter and phpunit-bridge description -- David Prévot Thu, 13 May 2021 05:33:42 -0400 symfony (4.4.19+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * Bump license year * Update VERSION for 4.4.19 [ Nicolas Grekas ] * [ProxyManagerBridge] switch to "friendsofphp/proxy-manager-lts" [ David Prévot ] * Update gbp import-orig workflow * Verify upstream signed tag on import * Adapt dependencies and descriptions to new upstream version * Update copyright (years) -- David Prévot Wed, 27 Jan 2021 18:24:02 -0400 symfony (4.4.18+dfsg-3) unstable; urgency=medium * Declare explicit dependency on recent php-proxy-manager -- David Prévot Sun, 17 Jan 2021 14:01:23 -0400 symfony (4.4.18+dfsg-2) unstable; urgency=medium * Use Laminas instead of Zend * Drop backward compatibility for PHPUnit * Install /u/s/p/autoloaders file * Adapt tests to recent php-proxy-manager -- David Prévot Mon, 11 Jan 2021 12:14:32 -0400 symfony (4.4.18+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * Update VERSION for 4.4.18 [ Wouter de Jong ] * Added compatibility with PHPunit 9.5 [ David Prévot ] * Update homemade autoload.php -- David Prévot Sat, 19 Dec 2020 09:42:13 -0400 symfony (4.4.17+dfsg-2) unstable; urgency=medium * Use recent Doctrine\Persistence path -- David Prévot Tue, 08 Dec 2020 05:40:53 -0400 symfony (4.4.17+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * Update VERSION for 4.4.17 [ Nicolas Grekas ] * [ProxyManager] use "composer/package-versions-deprecated" [ David Prévot ] * Update watch file format version to 4. * Set upstream metadata fields: Security-Contact. * Update Standards-Version to 4.5.1 * Don’t pull useless dependency -- David Prévot Sun, 06 Dec 2020 11:10:03 -0400 symfony (4.4.14+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * Update VERSION for 4.4.14 [ David Prévot ] * Update homemade autoload.php -- David Prévot Sun, 27 Sep 2020 16:10:07 -0400 symfony (4.4.13+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * Update VERSION for 4.4.13 [ Matthias Pigulla ] * Remove headers with internal meaning from HttpClient responses [CVE-2020-15094] -- David Prévot Wed, 02 Sep 2020 07:10:45 -0400 symfony (4.4.12+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * Update VERSION for 4.4.12 [ David Prévot ] * Rename main branch to debian/bullseye (DEP-14) * Use legacy PHPUnit (8.3) assertions. We should use the PHPUnit Bridge Polyfill instead. -- David Prévot Mon, 31 Aug 2020 08:48:31 -0400 symfony (4.4.11+dfsg-2) unstable; urgency=medium * Drop workaround for PHP 7.4.5 now that 7.4.9 is in (Closes: #969075) -- David Prévot Thu, 27 Aug 2020 11:42:39 -0400 symfony (4.4.11+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * Update VERSION for 4.4.11 [ David Prévot ] * Restore +dfsg version -- David Prévot Thu, 30 Jul 2020 07:00:30 +0200 symfony (4.4.10-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 4.4.10 [ David Prévot ] * [VarExporter] tfix: s/markAsSkipped/markTestSkipped/ * Set Rules-Requires-Root: no. * vulcain is not available for the testsuite -- David Prévot Tue, 14 Jul 2020 11:13:28 -0400 symfony (4.4.9-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 4.4.9 [ David Prévot ] * Handle new php-symfony-polyfill-php80 dependency * Update patches for 4.4.9 testsuite -- David Prévot Sun, 31 May 2020 14:45:20 -1000 symfony (4.4.8-2) unstable; urgency=medium * Allow stderr for CI -- David Prévot Sun, 31 May 2020 03:28:40 -1000 symfony (4.4.8-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 4.4.8, fixes security issues (Closes: #961415) [ Robin Chalas ] * [Security] Fix access_control behavior with unanimous decision strategy [CVE-2020-5275] [ Yonel Ceruto ] * [HttpFoundation] Do not set the default Content-Type based on the Accept header [CVE-2020-5255] [ Jérémy Derussé ] * Escape variable in Exception Template [CVE-2020-5274] [ David Prévot ] * Use debhelper-compat 13 * Simplify override_dh_auto_test * Workaround failing tests with php7.4 (Closes: #952431) -- David Prévot Wed, 27 May 2020 14:34:35 -1000 symfony (4.4.4-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 4.4.4 [ Yonel Ceruto ] * Added debug argument to decide if debug page should be shown or not [CVE-2020-5275] [ David Prévot ] * Update dependency for CI (Closes: #949045) * Update copyright (years) * Update Standards-Version to 4.5.0 -- David Prévot Sun, 02 Feb 2020 07:46:16 -1000 symfony (4.4.2-1) unstable; urgency=medium * Upload LTS release to unstable [ Fabien Potencier ] * updated VERSION for 4.4.2 [ David Prévot ] * Fix include in php-symfony-twig-bridge autoload.php * Drop Mailer Bridges from autoload.php.tests.tpl (already in autoload.php) * Handle packaging in a bullseye branch * Set upstream metadata fields: Bug-Database, Repository, Repository-Browse, Bug-Submit * Update homemade overrides and autoload.php * Drop more currently failing tests -- David Prévot Sun, 22 Dec 2019 08:09:38 +1100 symfony (4.4.0~beta2-1) experimental; urgency=medium * Upload beta to experimental [ Fabien Potencier ] * updated VERSION for 4.4.0-BETA2 [ Yonel Ceruto ] * Added ErrorHandler component [ Nyholm ] * Adding .gitattributes to remove Tests directory from "dist" [ David Prévot ] * Track version 4 * Add new php-symfony-error-handler component * Update build-dependencies + Drop php-fig-link-util + Add php-guzzlehttp-promises, php-http-httplug, php-psr-link, php-twig-cssinliner-extra, php-twig-inky-extra, and php-twig-markdown-extra * Update homemade overrides and autoload.php * Update Hompage URLs to 4.4 * Handle dummy image for tests * Update images checksum and copyright * Update copyright * Document gbp import-ref usage * Drop currently broken assertions -- David Prévot Wed, 13 Nov 2019 17:27:41 -1000 symfony (4.3.8+dfsg-1) unstable; urgency=medium [ Christophe Coevoet ] * Use constant time comparison in UriSigner [CVE-2019-18887] [ Nicolas Grekas ] * [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances [CVE-2019-18889] * [VarExporter] fix exporting some strings [CVE-2019-11325] * [HttpFoundation] fix guessing mime-types of files with leading dash [CVE-2019-18888] * [Mime] fix guessing mime-types of files with leading dash [CVE-2019-18888] * [Security\Core] throw AccessDeniedException when switch user fails [CVE-2019-18886] [ Fabien Potencier ] * updated VERSION for 4.3.8 [ David Prévot ] * Track stable version for now * Update homemade overrides * Exclude whole directory -- David Prévot Wed, 13 Nov 2019 06:24:18 -1000 symfony (4.3.6+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 4.3.6 [ David Prévot ] * Update homemade overrides -- David Prévot Sat, 02 Nov 2019 00:34:40 -1000 symfony (4.3.5+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 4.3.5 [ David Prévot ] * Set upstream metadata fields: Repository. * Drop versioned dependency satisfied in (old)stable * Update Standards-Version to 4.4.1 * Don’t fail unit tests on warning * Drop test failing with PHPUnit 8.4 -- David Prévot Mon, 07 Oct 2019 16:33:02 -1000 symfony (4.3.4+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 4.3.4 [ Steve Langasek ] * Unset http proxy for autopkgtest (Closes: #934647) [ David Prévot ] * Update homemade overrides * Exclude another file for phpab * Remove obsolete fields Name, Contact from debian/upstream/metadata. * Extend d/clean for PHPUnit 8 * PHPUnit 7 compliance (from PHPUnit 8) -- David Prévot Tue, 27 Aug 2019 17:02:02 -1000 symfony (4.3.3+dfsg-3) unstable; urgency=medium * Set upstream metadata fields: Contact, Name. * Adapt files path for CI -- David Prévot Tue, 30 Jul 2019 01:19:47 -0400 symfony (4.3.3+dfsg-2) unstable; urgency=medium * Add missing dependency for CI -- David Prévot Mon, 29 Jul 2019 13:16:35 -0300 symfony (4.3.3+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 4.3.3 [ David Prévot ] * Update homemade autoload -- David Prévot Sun, 28 Jul 2019 23:35:21 -0300 symfony (4.3.2+dfsg-1) unstable; urgency=medium * Upload to unstable now that buster has been released [ Fabien Potencier ] * updated VERSION for 4.3.2 [ David Prévot ] * Update homemade autoload * Update Standards-Version to 4.4.0 -- David Prévot Fri, 19 Jul 2019 17:19:50 -0300 symfony (4.3.1+dfsg-1) experimental; urgency=medium [ Nicolas Grekas ] * Reference individual contracts packages [ Fabien Potencier ] * updated VERSION for 4.3.1 [ David Prévot ] * Update homemade autoload and overrides * Drop failing tests with recent PHP (Closes: #930003) -- David Prévot Tue, 25 Jun 2019 11:19:31 -1000 symfony (4.3.0~beta1+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 4.3.0-BETA1 [ David Prévot ] * Update homemade autoload and overrides * Update Hompage URLs for 4.3 * Update phpab template * Add new components: - php-symfony-http-client - php-symfony-mailer - php-symfony-mime * Add new php-symfony-*-mailer bridges * Update images checksums * Use php-curl, php-masterminds-html5, php-nyholm-psr7, and php-psr-http-client for tests -- David Prévot Sat, 11 May 2019 15:57:52 -1000 symfony (4.2.8+dfsg-1) experimental; urgency=medium * Upload new major upstream version to experimental [ Fabien Potencier ] * updated VERSION for 4.2.8 [ Kunal Mehta ] * Remove and replace php-symfony-polyfill-* dependencies (Closes: #821138) [ David Prévot ] * Revert "Stick to version 3" * Drop php-symfony-class-loader removed upstream * Add new php-symfony-messenger * Add new php-symfony-var-exporter * Install new var-dump-server binary * Drop php-memcache dependency, not handled upstream anymore * Add new php-symfony-contracts build-dependency * Add php-amqp build-dependency for tests * Be tolerant to duplicate definitions in tests * Update copyright for moved, updated and new images, and years * Update homemade autoload and overrides * Update Hompage URLs for 4.2 * Use debhelper-compat 12 * Update Standards-Version to 4.3.0 * Use debian/clean for directories -- David Prévot Sat, 04 May 2019 14:54:49 -1000 symfony (3.4.19+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.19 - fix the testsuite with PHP 7.3 (Closes: #914273) -- David Prévot Wed, 28 Nov 2018 15:26:40 -1000 symfony (3.4.17+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.17 [ Albert Casdemont ] * [PHPUnitBridge] Fix microtime() format [ David Prévot ] * Use https in Format -- David Prévot Sat, 06 Oct 2018 09:48:54 -1000 symfony (3.4.16+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.16 [ David Prévot ] * Use debhelper-compat 11 * Drop get-orig-source target * Update fixes with recent PHPUnit -- David Prévot Tue, 02 Oct 2018 22:54:50 -1000 symfony (3.4.15+dfsg-2) unstable; urgency=medium * Add more tests to tty group -- David Prévot Sat, 01 Sep 2018 08:09:52 -1000 symfony (3.4.15+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.15 [ David Prévot ] * Don’t fail on deprecated notice (Closes: #905425) * Update dependency override * Update Standards-Version to 4.2.1 -- David Prévot Fri, 31 Aug 2018 15:24:14 -1000 symfony (3.4.14+dfsg-1) unstable; urgency=medium * New upstream version fixing two security issues: - [CVE-2018-14773] Remove support for legacy and risky HTTP headers - [CVE-2018-14774] Possible host header injection when using HttpCache [ Fabien Potencier ] * updated VERSION for 3.4.14 [ David Prévot ] * Update dependency override * Update Standards-Version to 4.2.0 -- David Prévot Fri, 03 Aug 2018 12:52:59 +0800 symfony (3.4.13+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.13 [ David Prévot ] * Drop test currently failing on CI * Update dependency override -- David Prévot Wed, 25 Jul 2018 11:50:50 +0800 symfony (3.4.12+dfsg-1) unstable; urgency=medium * New upstream version fixing several security issues: - [CVE-2018-11385] Session Fixation Issue for Guard Authentication - [CVE-2018-11386] Denial of service when using PDOSessionHandler - [CVE-2018-11406] CSRF Token Fixation - [CVE-2018-11407] Unauthorized access on a misconfigured LDAP server when using an empty password - [CVE-2018-11408] Open redirect vulnerability on security handlers [ Fabien Potencier ] * updated VERSION for 3.4.12 [ Gert de Pagter ] * Use symfony/polyfill-ctype [ David Prévot ] * Blacklist projectservicecontainer for ci * Update dependency override * Update homemade autoload.php files for php-symfony-polyfill-ctype * Update dependency overrides * Update Standards-Version to 4.1.5 * Add php-symfony-polyfill-ctype build-dependency * Fix and workaround tests with recent PHPUnit * Drop inexistant php-mongo for Build-Conflicts (Closes: #827782) [ Daniel Bannert ] * [PHPunit] suite variable should be used (Closes: #896108) -- David Prévot Sun, 22 Jul 2018 11:29:08 +0800 symfony (3.4.6+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.6 [ David Prévot ] * Update dependency overrides * Blacklist projectservicecontainer for tests * Make sure to load SymfonyTestsListener * Move project repository to salsa.d.o * Update Standards-Version to 4.1.3 * Fix testsuite with native PHP 7.2 -- David Prévot Mon, 05 Mar 2018 16:46:15 -1000 symfony (3.4.3+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.3 [ David Prévot ] * Update versioned dependencies * Update copyright (years) -- David Prévot Sat, 06 Jan 2018 15:32:31 +0530 symfony (3.4.2+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.2 [ David Prévot ] * Update homemade autoload.php files for new suggested packages -- David Prévot Fri, 15 Dec 2017 14:28:24 -1000 symfony (3.4.1+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.1 [ David Prévot ] * Add missing dependency for ci * Update Standards-Version to 4.1.2 -- David Prévot Tue, 05 Dec 2017 16:12:52 -1000 symfony (3.4.0+dfsg-1) unstable; urgency=medium * Upload stable version to unstable [ Fabien Potencier ] * updated VERSION for 3.4.0 -- David Prévot Thu, 30 Nov 2017 14:45:36 -1000 symfony (3.4.0~rc2+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.0-RC2 [ David Prévot ] * Update versioned dependencies * Build-depend on recent phpunit * Build-Depend on php-phpdbg for the testsuite -- David Prévot Sat, 25 Nov 2017 19:52:11 -1000 symfony (3.4.0~rc1+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.0-RC1 [ David Prévot ] * Update dependency overrides * Update test patches -- David Prévot Thu, 23 Nov 2017 11:29:17 -1000 symfony (3.4.0~beta1+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.4.0-BETA1 [ Jérémy Derussé ] * [Lock] Re-add the Lock component in 3.4 [ David Prévot ] * Stick to version 3 * Update dependencies * Update homemade autoload.php files * Update Homepage URLs * New php-symfony-lock package * Update images licenses * Drop more tests currently failing -- David Prévot Sun, 22 Oct 2017 13:55:42 -1000 symfony (3.3.10+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.3.10 [ David Prévot ] * Update Standards-Version to 4.1.1 * Drop Form test currently failing -- David Prévot Tue, 10 Oct 2017 22:03:41 -1000 symfony (3.3.9+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.3.9 [ David Prévot ] * Update dependency overrides * Update homemade autoload.php files * Update source for new binary packages: - php-symfony-dotenv - php-symfony-web-link - php-symfony-workflow - php-symfony-web-server-bundle * Don’t ship new phpunit wrapper * Update components homepage * Install (and load) Symfony/Bundle/FullStack.php in php-symfony * Handle another way to embed SVG for copyright check * Update debian/licensing/image-checksums.dcf * Update copyright * Add new build-dependencies * Ship Test classes * Update Standards-Version to 4.1.0 * Update php-symfony-cache description * Adapt phpunit call * Add patches to workaround the lack of Composer environment for tests * Drop more tests currently failing * Drop README.Debian containing advice about using a now deprecated component -- David Prévot Fri, 22 Sep 2017 17:14:57 -1000 symfony (3.1.1+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.1.1 -- David Prévot Fri, 17 Jun 2016 15:11:02 -0400 symfony (3.1.0+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.1.0 -- David Prévot Tue, 31 May 2016 11:52:34 -0400 symfony (3.1.0~rc1+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.1.0-RC1 [ David Prévot ] * Add php-redis to Build-Conflicts since it requires a functional server in order to pass the test suite. -- David Prévot Sun, 29 May 2016 08:18:14 -0400 symfony (3.1.0~beta1+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 3.1.0-BETA1 [ David Prévot ] * Handle pre-releases * Adapt dependencies to updated composer.json files * Add php-symfony-cache and php-symfony-inflector * Update Homepage URLs * Update autoload.php for tests * Add php-gd as build-dependency to pass more tests * Use verbose test mode to get skipped reasons -- David Prévot Sun, 15 May 2016 16:37:21 -0400 symfony (3.0.6+dfsg-1) experimental; urgency=high [ Fabien Potencier ] * bumped Symfony version to 3.0.6 * limited the maximum length of a submitted username [CVE-2016-4423] [ Charles Sarrazin ] * Fixed issue with blank password with Ldap [CVE-2016-2403] [ David Prévot ] * Build-depend on php-apcu-bc to pass more tests -- David Prévot Wed, 11 May 2016 10:47:34 -0400 symfony (3.0.5+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * bumped Symfony version to 3.0.5 [ David Prévot ] * Update Standards-Version to 3.9.8 -- David Prévot Tue, 03 May 2016 15:10:45 -0400 symfony (3.0.4+dfsg-2) experimental; urgency=medium * Get rid of php5-symfony-debug binary extension that has been deprecated for PHP 7.0 -- Ondřej Surý Fri, 15 Apr 2016 16:44:02 +0200 symfony (3.0.4+dfsg-1) experimental; urgency=medium * Upload non-LTS version to experimental [ Fabien Potencier ] * bumped Symfony version to 3.0.4 [ David Prévot ] * Track latest stable version * Drop require-dev and tests directories from homemade static autoload.php files * Drop patch to workaround “OR-ed versions are not supported” * Install Security changelog in sub-components * Update copyright * Drop php-symfony-locale and php-symfony-swiftmailer-bridge * Update main autoload.php and build-dependencies * Update version overrides and static autoload.php files * php-symfony-security only ships a static autoload.php now * Load all Bridges for the tests -- David Prévot Sat, 02 Apr 2016 16:56:36 -0400 symfony (2.8.4+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * bumped Symfony version to 2.8.4 [ Daniel Beyer ] * Drop no longer needed patch to remove content from README.md files - Remove-content-from-README.md-files.patch [ David Prévot ] * Drop now useless upstream README * Update homemade static autoload.php * Depend on php-phpdocumentor-reflection for running more tests * Exclude group dns-sensitive -- David Prévot Thu, 31 Mar 2016 19:25:29 -0400 symfony (2.8.3+dfsg-1) unstable; urgency=medium * Upload to unstable since everything should be in place now [ Fabien Potencier ] * updated VERSION for 2.8.3 [ David Prévot ] * Explicit dependency on php5-common (Closes: #811431) * Update homemade static autoload.php * PHP 7.0 transition: - Drop some now useless php-* build-dependencies - Build with recent pkg-php-tools [ Daniel Beyer ] * Drop patch to fix broken test in VarDumper (no longer needed) - VarDumper-Fix-tests-on-PHP-7.patch [ Marco Pivetta ] * #17676 - making the proxy instantiation compatible with ProxyManager 2.x by detecting proxy features -- Daniel Beyer Tue, 22 Mar 2016 17:43:00 +0100 symfony (2.8.2+dfsg-1) experimental; urgency=medium * Upload new branch to experimental [ Fabien Potencier ] * updated VERSION for 2.8.2 [ Daniel Beyer ] * Bump Standards-Version: in d/control (no changes needed) * Remove licensing for the no longer used Glyphish icons from d/copyright * Remove license CC-BY-3.0-US from d/copyright (no longer used) * Update debian/copyright for symfony 2.8 * Add patch to fix broken test in the VarDumper component - VarDumper-Fix-tests-on-PHP-7.patch * Add patch to fix broken memcache session handler in HttpFoundation - HttpFoundation-Fix-incompatibility-with-php-memcache.patch * Use php7 for building (Closes: #814799) * Use php7 for DEP-8 (as-installed) tests * Use php5 for DEP-8 (as-installed) tests against php5-symfony-debug * Skip tests (build time and DEP-8) for component PropertyInfo * Add php-symfony-property-info * Add php-symfony-ldap * Update build and DEP-8 dependencies for Symfony 2.8 [ David Prévot ] * Add CVE entry for previous changelog entry * Use the now packaged php-random-lib (via php-symfony-polyfill-php70) instead of an embedded copy * Add php-symfony-security-{core,csrf,guard,http}, php-symfony-security is becoming almost a metapackage * Add php-symfony, almost a metapackage depending on every component, shipping upgrading notes -- David Prévot Sun, 21 Feb 2016 10:40:09 -0400 symfony (2.7.9+dfsg-1) unstable; urgency=high [ Fabien Potencier ] * updated VERSION for 2.7.9 Fix insecure fallback from SecureRandom when OpenSSL fails [CVE-2016-1902] [ Daniel Beyer ] * Drop patch to skip broken tests in the Process component (no longer needed) - Skip-broken-tests-in-Process-component.patch * Add patch to provide function random_bytes() for php 5 - Embed-paragonie-random_compat-into-the-security-comp.patch * Add a README.Debian (Closes: #806903) [ David Prévot ] * Update autoload and dependencies for php-symfony-framework-bundle * Update copyright (years) * Add copyright entry for embedded paragonie/random_compat -- David Prévot Sun, 17 Jan 2016 16:23:58 -0400 symfony (2.7.7+dfsg-1) unstable; urgency=high [ Christian Flothmann ] * Vulnerability in Security Remember-Me Service [CVE-2015-8125] - fix potential timing attack issue - mitigate CSRF timing attack vulnerability - prevent timing attacks in digest auth listener * Session Fixation in the "Remember Me" Login Feature [CVE-2015-8124] - migrate session after remember me authentication [ Fabien Potencier ] * updated VERSION for 2.7.7 [ Daniel Beyer ] * Pin debian/watch to stable 2.x releases of Symfony -- Daniel Beyer Tue, 24 Nov 2015 08:10:09 +0100 symfony (2.7.6+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 2.7.6 [ David Prévot ] * Update phpunit calls with regard to network access -- Daniel Beyer Sun, 08 Nov 2015 15:14:54 +0100 symfony (2.7.5+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 2.7.5 [ David Prévot ] * debian/control: - Drop now useless transitional dummy packages (php-symfony-classloader and php-symfony-eventdispatcher) - php5-mongo makes the tests fail, since it requires a set up MongoDB server * debian/test/control: Add missing php-doctrine-data-fixtures dependency for CI [ Daniel Beyer ] * Correct incomplete autoloading for php-symfony-asset * Run tests parallel during build time, similar to how upstream does it * Run DEP-8 (as-installed) tests parallel, similar to how upstream does it * Remove prefixed 'NNNN-'-numbering for Debian patches * Use a simplistic vendor/autoload.php to run tests during build time. This is to make sure we use the autoload.php files generated by phpab and additionally eliminates the need to generate a vendor/autoload.php using phpab during build time. Instead we use now use a symbolic link for vendor/autoload.php pointing to debian/autoload.build.php. * Include tests in autoload.php files generated by phpab * Use a simplistic vendor/autoload.php for DEP-8 (as-installed) tests. This ensures we use the autoload.php files generated by phpab during DEP-8 (as-installed) test. Additionally we no longer need to generate a vendor/autoload.php using phpab. Instead we now simply use a symbolic link for vendor/autoload.php pointing to debian/autoload.DEP-8.php. * Add new patch fixing wrong autoloader detection used by some tests - FrameworkBundle-SecurityBundle-Don-t-try-to-include-.patch * Drop temporary workaround patch (no longer needed) - Temporary-workaround.patch * Update patch to skip additional tests needing network - group-online-for-test-failing-without-network.patch * Add new patch to skip broken tests in the Process component - Skip-broken-tests-in-Process-component.patch * Provide missing meta.json for php-symfony-intl -- Daniel Beyer Fri, 02 Oct 2015 20:41:11 -0400 symfony (2.7.1+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 2.7.1 -- David Prévot Sun, 14 Jun 2015 17:15:34 -0400 symfony (2.7.0+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 2.7.0 [ David Prévot ] * Adapt minimal version in CI for unstable -- David Prévot Sun, 31 May 2015 09:36:15 -0400 symfony (2.7.0~beta2+dfsg-2) unstable; urgency=high [ Daniel Beyer ] * Add patch to fix ESI unauthorized access [CVE-2015-4050] - 0007-HttpKernel-Do-not-call-the-FragmentListener-if-_cont.patch [ David Prévot ] * Override php-symfony-security-* as php-symfony-security -- David Prévot Wed, 27 May 2015 09:05:23 -0400 symfony (2.7.0~beta2+dfsg-1) unstable; urgency=medium [ Fabien Potencier ] * updated VERSION for 2.7.0-BETA2 [ David Prévot ] * Use HTTPS for homepage * Adapt minimal versions to unstable, and upload to unstble -- David Prévot Mon, 18 May 2015 23:00:16 -0400 symfony (2.7.0~beta1+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * [Asset] added the component * removed Propel bridge from Symfony Core * updated VERSION for 2.7.0-BETA1 [ Nicolas Grekas ] * [PhpUnitBridge] new bridge for testing with PHPUnit [ David Prévot ] * Add php-symfony-asset * Add php-symfony-phpunit-bridge * Remove php-symfony-propel1-bridge * Provide php5-symfony-debug extension * Provide homemade autoload.php for all Composer packages * Drop extension sources from php-symfony-debug * Drop php-symfony2-yaml reference * Bump minimal php-twig version as needed for tests [ Daniel Beyer ] * Add SVG support to the image license checker * Update copyright (year) of the image license checker script * Update debian/copyright for symfony 2.7 -- David Prévot Mon, 13 Apr 2015 18:26:01 -0400 symfony (2.6.6+dfsg-1) experimental; urgency=medium [ Fabien Potencier ] * updated VERSION for 2.6.6 [ David Prévot ] * Correct FTBFS fix attribution in previous changelog entry [ Nicolas Grekas ] * Safe escaping of fragments for eval() [ James Gilliland ] * isFromTrustedProxy to confirm request came from a trusted proxy. -- David Prévot Wed, 01 Apr 2015 16:34:09 -0400 symfony (2.6.4+dfsg-1) experimental; urgency=low * Upload to experimental to respect the freeze * Provide new binary packages: - php-symfony-debug-bundle - php-symfony-expression-language - php-symfony-var-dumper [ Daniel Beyer ] * Validate that all new images and icons are properly licensed. * Let php-symfony-security provide 4 new versioned virtual packages - php-symfony-security-acl - php-symfony-security-core - php-symfony-security-csrf - php-symfony-security-http * Add new build-dependencies needed for tests - php-doctrine-bundle - php-email-validator - php5-sqlite * Update patches (add proper Symfony prefix in vendor/autoload.php) - 0001-Add-a-vendor-autoload.php-needed-to-run-tests-during.patch - DEP-8/Use-installed-class-for-DEP-8-tests.patch * Add pkg-php-tools-overrides for egulias/email-validator * Fix FTBFS as in 2.3 (Closes: #775625) [ David Prévot ] * Track latest version in debian/watch * New upstream version * Provide a get-orig-source target * Update copyright (years) * Workaround “OR-ed versions are not supported” * Use recent php-proxy-manager and phpunit for tests * Update dependencies for DEP-8 tests -- David Prévot Fri, 06 Feb 2015 14:28:33 -0400 symfony (2.3.21+dfsg-1) unstable; urgency=low * New upstream version * Update build-dependencies (add php5-intl, drop php-symfony-icu and icu-devtools) * Exclude tests of type intl-data -- Daniel Beyer Sun, 26 Oct 2014 17:08:18 +0100 symfony (2.3.20+dfsg-1) unstable; urgency=low [ Daniel Beyer ] * New upstream version. * Drop patches (adopted upstream) - 0001-SwiftmailerBridge-Bump-allowed-versions-of-swiftmail.patch - 0004-Finder-Escape-location-for-regex-searches.patch * Fix DEP-8 tests failing if no tty is present [ David Prévot ] * Use repacksuffix feature of uscan -- Daniel Beyer Sat, 11 Oct 2014 01:44:50 +0200 symfony (2.3.19+dfsg-1) unstable; urgency=low * Initial release. (Closes: #513646) -- Daniel Beyer Sun, 07 Sep 2014 18:34:19 +0200