symfony (4.4.19+dfsg-2+deb11u6) bullseye; urgency=medium
* Fix homemade autoload (Closes: #1078843, #1078838, #1078837, #1078836)
* Skip failing test with library loaded from system path
-- David Prévot <taffit@debian.org> Sat, 17 Aug 2024 07:41:44 +0200
symfony (4.4.19+dfsg-2+deb11u5) bullseye; urgency=medium
* make sure that the submitted year is an accepted choice (Closes: #1061033)
* Force system dependencies loading
-- David Prévot <taffit@debian.org> Sun, 18 Feb 2024 10:59:51 +0100
symfony (4.4.19+dfsg-2+deb11u4) bullseye; urgency=medium
* [Mime] regenerate test certificates (Closes: #1034854)
* Backport security fix from Symfony 4.4.51
- [TwigBridge] Ensure CodeExtension's filters properly escape their input
[CVE-2023-46734] (Closes: #1055774)
-- David Prévot <taffit@debian.org> Sat, 11 Nov 2023 19:09:20 +0100
symfony (4.4.19+dfsg-2+deb11u3) bullseye; urgency=medium
* Drop dependency bump.
Thanks to Paul Gevers <elbrus@debian.org>
-- David Prévot <taffit@debian.org> Mon, 27 Feb 2023 23:05:34 +0100
symfony (4.4.19+dfsg-2+deb11u2) bullseye; urgency=medium
* Backport security fixes from Symfony 4.4.50
- [HttpKernel] Remove private headers before storing responses with
HttpCache [CVE-2022-24894]
- [Security/Http] Remove CSRF tokens from storage on successful login
[CVE-2022-24895]
-- David Prévot <taffit@debian.org> Wed, 01 Feb 2023 19:38:41 +0100
symfony (4.4.19+dfsg-2+deb11u1) bullseye; urgency=medium
* Prevent CSV injection via formulas [CVE-2021-41270]
-- David Prévot <taffit@debian.org> Wed, 24 Nov 2021 06:07:00 -0400
symfony (4.4.19+dfsg-2) unstable; urgency=medium
* Prevent user enumeration via response content [CVE-2021-21424]
* typo fix: var-exporter and phpunit-bridge description
-- David Prévot <taffit@debian.org> Thu, 13 May 2021 05:33:42 -0400
symfony (4.4.19+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* Bump license year
* Update VERSION for 4.4.19
[ Nicolas Grekas ]
* [ProxyManagerBridge] switch to "friendsofphp/proxy-manager-lts"
[ David Prévot ]
* Update gbp import-orig workflow
* Verify upstream signed tag on import
* Adapt dependencies and descriptions to new upstream version
* Update copyright (years)
-- David Prévot <taffit@debian.org> Wed, 27 Jan 2021 18:24:02 -0400
symfony (4.4.18+dfsg-3) unstable; urgency=medium
* Declare explicit dependency on recent php-proxy-manager
-- David Prévot <taffit@debian.org> Sun, 17 Jan 2021 14:01:23 -0400
symfony (4.4.18+dfsg-2) unstable; urgency=medium
* Use Laminas instead of Zend
* Drop backward compatibility for PHPUnit
* Install /u/s/p/autoloaders file
* Adapt tests to recent php-proxy-manager
-- David Prévot <taffit@debian.org> Mon, 11 Jan 2021 12:14:32 -0400
symfony (4.4.18+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* Update VERSION for 4.4.18
[ Wouter de Jong ]
* Added compatibility with PHPunit 9.5
[ David Prévot ]
* Update homemade autoload.php
-- David Prévot <taffit@debian.org> Sat, 19 Dec 2020 09:42:13 -0400
symfony (4.4.17+dfsg-2) unstable; urgency=medium
* Use recent Doctrine\Persistence path
-- David Prévot <taffit@debian.org> Tue, 08 Dec 2020 05:40:53 -0400
symfony (4.4.17+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* Update VERSION for 4.4.17
[ Nicolas Grekas ]
* [ProxyManager] use "composer/package-versions-deprecated"
[ David Prévot ]
* Update watch file format version to 4.
* Set upstream metadata fields: Security-Contact.
* Update Standards-Version to 4.5.1
* Don’t pull useless dependency
-- David Prévot <taffit@debian.org> Sun, 06 Dec 2020 11:10:03 -0400
symfony (4.4.14+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* Update VERSION for 4.4.14
[ David Prévot ]
* Update homemade autoload.php
-- David Prévot <taffit@debian.org> Sun, 27 Sep 2020 16:10:07 -0400
symfony (4.4.13+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* Update VERSION for 4.4.13
[ Matthias Pigulla ]
* Remove headers with internal meaning from HttpClient responses
[CVE-2020-15094]
-- David Prévot <taffit@debian.org> Wed, 02 Sep 2020 07:10:45 -0400
symfony (4.4.12+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* Update VERSION for 4.4.12
[ David Prévot ]
* Rename main branch to debian/bullseye (DEP-14)
* Use legacy PHPUnit (8.3) assertions.
We should use the PHPUnit Bridge Polyfill instead.
-- David Prévot <taffit@debian.org> Mon, 31 Aug 2020 08:48:31 -0400
symfony (4.4.11+dfsg-2) unstable; urgency=medium
* Drop workaround for PHP 7.4.5 now that 7.4.9 is in (Closes: #969075)
-- David Prévot <taffit@debian.org> Thu, 27 Aug 2020 11:42:39 -0400
symfony (4.4.11+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* Update VERSION for 4.4.11
[ David Prévot ]
* Restore +dfsg version
-- David Prévot <taffit@debian.org> Thu, 30 Jul 2020 07:00:30 +0200
symfony (4.4.10-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 4.4.10
[ David Prévot ]
* [VarExporter] tfix: s/markAsSkipped/markTestSkipped/
* Set Rules-Requires-Root: no.
* vulcain is not available for the testsuite
-- David Prévot <taffit@debian.org> Tue, 14 Jul 2020 11:13:28 -0400
symfony (4.4.9-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 4.4.9
[ David Prévot ]
* Handle new php-symfony-polyfill-php80 dependency
* Update patches for 4.4.9 testsuite
-- David Prévot <taffit@debian.org> Sun, 31 May 2020 14:45:20 -1000
symfony (4.4.8-2) unstable; urgency=medium
* Allow stderr for CI
-- David Prévot <taffit@debian.org> Sun, 31 May 2020 03:28:40 -1000
symfony (4.4.8-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 4.4.8, fixes security issues (Closes: #961415)
[ Robin Chalas ]
* [Security] Fix access_control behavior with unanimous decision strategy
[CVE-2020-5275]
[ Yonel Ceruto ]
* [HttpFoundation] Do not set the default Content-Type based on the Accept
header [CVE-2020-5255]
[ Jérémy Derussé ]
* Escape variable in Exception Template [CVE-2020-5274]
[ David Prévot ]
* Use debhelper-compat 13
* Simplify override_dh_auto_test
* Workaround failing tests with php7.4 (Closes: #952431)
-- David Prévot <taffit@debian.org> Wed, 27 May 2020 14:34:35 -1000
symfony (4.4.4-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 4.4.4
[ Yonel Ceruto ]
* Added debug argument to decide if debug page should be shown or not
[CVE-2020-5275]
[ David Prévot ]
* Update dependency for CI (Closes: #949045)
* Update copyright (years)
* Update Standards-Version to 4.5.0
-- David Prévot <taffit@debian.org> Sun, 02 Feb 2020 07:46:16 -1000
symfony (4.4.2-1) unstable; urgency=medium
* Upload LTS release to unstable
[ Fabien Potencier ]
* updated VERSION for 4.4.2
[ David Prévot ]
* Fix include in php-symfony-twig-bridge autoload.php
* Drop Mailer Bridges from autoload.php.tests.tpl (already in autoload.php)
* Handle packaging in a bullseye branch
* Set upstream metadata fields:
Bug-Database, Repository, Repository-Browse, Bug-Submit
* Update homemade overrides and autoload.php
* Drop more currently failing tests
-- David Prévot <taffit@debian.org> Sun, 22 Dec 2019 08:09:38 +1100
symfony (4.4.0~beta2-1) experimental; urgency=medium
* Upload beta to experimental
[ Fabien Potencier ]
* updated VERSION for 4.4.0-BETA2
[ Yonel Ceruto ]
* Added ErrorHandler component
[ Nyholm ]
* Adding .gitattributes to remove Tests directory from "dist"
[ David Prévot ]
* Track version 4
* Add new php-symfony-error-handler component
* Update build-dependencies
+ Drop php-fig-link-util
+ Add php-guzzlehttp-promises, php-http-httplug, php-psr-link,
php-twig-cssinliner-extra, php-twig-inky-extra, and
php-twig-markdown-extra
* Update homemade overrides and autoload.php
* Update Hompage URLs to 4.4
* Handle dummy image for tests
* Update images checksum and copyright
* Update copyright
* Document gbp import-ref usage
* Drop currently broken assertions
-- David Prévot <taffit@debian.org> Wed, 13 Nov 2019 17:27:41 -1000
symfony (4.3.8+dfsg-1) unstable; urgency=medium
[ Christophe Coevoet ]
* Use constant time comparison in UriSigner [CVE-2019-18887]
[ Nicolas Grekas ]
* [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances
[CVE-2019-18889]
* [VarExporter] fix exporting some strings [CVE-2019-11325]
* [HttpFoundation] fix guessing mime-types of files with leading dash
[CVE-2019-18888]
* [Mime] fix guessing mime-types of files with leading dash [CVE-2019-18888]
* [Security\Core] throw AccessDeniedException when switch user fails
[CVE-2019-18886]
[ Fabien Potencier ]
* updated VERSION for 4.3.8
[ David Prévot ]
* Track stable version for now
* Update homemade overrides
* Exclude whole directory
-- David Prévot <taffit@debian.org> Wed, 13 Nov 2019 06:24:18 -1000
symfony (4.3.6+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 4.3.6
[ David Prévot ]
* Update homemade overrides
-- David Prévot <taffit@debian.org> Sat, 02 Nov 2019 00:34:40 -1000
symfony (4.3.5+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 4.3.5
[ David Prévot ]
* Set upstream metadata fields: Repository.
* Drop versioned dependency satisfied in (old)stable
* Update Standards-Version to 4.4.1
* Don’t fail unit tests on warning
* Drop test failing with PHPUnit 8.4
-- David Prévot <taffit@debian.org> Mon, 07 Oct 2019 16:33:02 -1000
symfony (4.3.4+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 4.3.4
[ Steve Langasek ]
* Unset http proxy for autopkgtest (Closes: #934647)
[ David Prévot ]
* Update homemade overrides
* Exclude another file for phpab
* Remove obsolete fields Name, Contact from debian/upstream/metadata.
* Extend d/clean for PHPUnit 8
* PHPUnit 7 compliance (from PHPUnit 8)
-- David Prévot <taffit@debian.org> Tue, 27 Aug 2019 17:02:02 -1000
symfony (4.3.3+dfsg-3) unstable; urgency=medium
* Set upstream metadata fields: Contact, Name.
* Adapt files path for CI
-- David Prévot <taffit@debian.org> Tue, 30 Jul 2019 01:19:47 -0400
symfony (4.3.3+dfsg-2) unstable; urgency=medium
* Add missing dependency for CI
-- David Prévot <taffit@debian.org> Mon, 29 Jul 2019 13:16:35 -0300
symfony (4.3.3+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 4.3.3
[ David Prévot ]
* Update homemade autoload
-- David Prévot <taffit@debian.org> Sun, 28 Jul 2019 23:35:21 -0300
symfony (4.3.2+dfsg-1) unstable; urgency=medium
* Upload to unstable now that buster has been released
[ Fabien Potencier ]
* updated VERSION for 4.3.2
[ David Prévot ]
* Update homemade autoload
* Update Standards-Version to 4.4.0
-- David Prévot <taffit@debian.org> Fri, 19 Jul 2019 17:19:50 -0300
symfony (4.3.1+dfsg-1) experimental; urgency=medium
[ Nicolas Grekas ]
* Reference individual contracts packages
[ Fabien Potencier ]
* updated VERSION for 4.3.1
[ David Prévot ]
* Update homemade autoload and overrides
* Drop failing tests with recent PHP (Closes: #930003)
-- David Prévot <taffit@debian.org> Tue, 25 Jun 2019 11:19:31 -1000
symfony (4.3.0~beta1+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 4.3.0-BETA1
[ David Prévot ]
* Update homemade autoload and overrides
* Update Hompage URLs for 4.3
* Update phpab template
* Add new components:
- php-symfony-http-client
- php-symfony-mailer
- php-symfony-mime
* Add new php-symfony-*-mailer bridges
* Update images checksums
* Use php-curl, php-masterminds-html5, php-nyholm-psr7, and
php-psr-http-client for tests
-- David Prévot <taffit@debian.org> Sat, 11 May 2019 15:57:52 -1000
symfony (4.2.8+dfsg-1) experimental; urgency=medium
* Upload new major upstream version to experimental
[ Fabien Potencier ]
* updated VERSION for 4.2.8
[ Kunal Mehta ]
* Remove and replace php-symfony-polyfill-* dependencies (Closes: #821138)
[ David Prévot ]
* Revert "Stick to version 3"
* Drop php-symfony-class-loader removed upstream
* Add new php-symfony-messenger
* Add new php-symfony-var-exporter
* Install new var-dump-server binary
* Drop php-memcache dependency, not handled upstream anymore
* Add new php-symfony-contracts build-dependency
* Add php-amqp build-dependency for tests
* Be tolerant to duplicate definitions in tests
* Update copyright for moved, updated and new images, and years
* Update homemade autoload and overrides
* Update Hompage URLs for 4.2
* Use debhelper-compat 12
* Update Standards-Version to 4.3.0
* Use debian/clean for directories
-- David Prévot <taffit@debian.org> Sat, 04 May 2019 14:54:49 -1000
symfony (3.4.19+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.19
- fix the testsuite with PHP 7.3 (Closes: #914273)
-- David Prévot <taffit@debian.org> Wed, 28 Nov 2018 15:26:40 -1000
symfony (3.4.17+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.17
[ Albert Casdemont ]
* [PHPUnitBridge] Fix microtime() format
[ David Prévot ]
* Use https in Format
-- David Prévot <taffit@debian.org> Sat, 06 Oct 2018 09:48:54 -1000
symfony (3.4.16+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.16
[ David Prévot ]
* Use debhelper-compat 11
* Drop get-orig-source target
* Update fixes with recent PHPUnit
-- David Prévot <taffit@debian.org> Tue, 02 Oct 2018 22:54:50 -1000
symfony (3.4.15+dfsg-2) unstable; urgency=medium
* Add more tests to tty group
-- David Prévot <taffit@debian.org> Sat, 01 Sep 2018 08:09:52 -1000
symfony (3.4.15+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.15
[ David Prévot ]
* Don’t fail on deprecated notice (Closes: #905425)
* Update dependency override
* Update Standards-Version to 4.2.1
-- David Prévot <taffit@debian.org> Fri, 31 Aug 2018 15:24:14 -1000
symfony (3.4.14+dfsg-1) unstable; urgency=medium
* New upstream version fixing two security issues:
- [CVE-2018-14773] Remove support for legacy and risky HTTP headers
- [CVE-2018-14774] Possible host header injection when using HttpCache
[ Fabien Potencier ]
* updated VERSION for 3.4.14
[ David Prévot ]
* Update dependency override
* Update Standards-Version to 4.2.0
-- David Prévot <taffit@debian.org> Fri, 03 Aug 2018 12:52:59 +0800
symfony (3.4.13+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.13
[ David Prévot ]
* Drop test currently failing on CI
* Update dependency override
-- David Prévot <taffit@debian.org> Wed, 25 Jul 2018 11:50:50 +0800
symfony (3.4.12+dfsg-1) unstable; urgency=medium
* New upstream version fixing several security issues:
- [CVE-2018-11385] Session Fixation Issue for Guard Authentication
- [CVE-2018-11386] Denial of service when using PDOSessionHandler
- [CVE-2018-11406] CSRF Token Fixation
- [CVE-2018-11407] Unauthorized access on a misconfigured LDAP
server when using an empty password
- [CVE-2018-11408] Open redirect vulnerability on security handlers
[ Fabien Potencier ]
* updated VERSION for 3.4.12
[ Gert de Pagter ]
* Use symfony/polyfill-ctype
[ David Prévot ]
* Blacklist projectservicecontainer for ci
* Update dependency override
* Update homemade autoload.php files for php-symfony-polyfill-ctype
* Update dependency overrides
* Update Standards-Version to 4.1.5
* Add php-symfony-polyfill-ctype build-dependency
* Fix and workaround tests with recent PHPUnit
* Drop inexistant php-mongo for Build-Conflicts (Closes: #827782)
[ Daniel Bannert ]
* [PHPunit] suite variable should be used (Closes: #896108)
-- David Prévot <taffit@debian.org> Sun, 22 Jul 2018 11:29:08 +0800
symfony (3.4.6+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.6
[ David Prévot ]
* Update dependency overrides
* Blacklist projectservicecontainer for tests
* Make sure to load SymfonyTestsListener
* Move project repository to salsa.d.o
* Update Standards-Version to 4.1.3
* Fix testsuite with native PHP 7.2
-- David Prévot <taffit@debian.org> Mon, 05 Mar 2018 16:46:15 -1000
symfony (3.4.3+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.3
[ David Prévot ]
* Update versioned dependencies
* Update copyright (years)
-- David Prévot <taffit@debian.org> Sat, 06 Jan 2018 15:32:31 +0530
symfony (3.4.2+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.2
[ David Prévot ]
* Update homemade autoload.php files for new suggested packages
-- David Prévot <taffit@debian.org> Fri, 15 Dec 2017 14:28:24 -1000
symfony (3.4.1+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.1
[ David Prévot ]
* Add missing dependency for ci
* Update Standards-Version to 4.1.2
-- David Prévot <taffit@debian.org> Tue, 05 Dec 2017 16:12:52 -1000
symfony (3.4.0+dfsg-1) unstable; urgency=medium
* Upload stable version to unstable
[ Fabien Potencier ]
* updated VERSION for 3.4.0
-- David Prévot <taffit@debian.org> Thu, 30 Nov 2017 14:45:36 -1000
symfony (3.4.0~rc2+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.0-RC2
[ David Prévot ]
* Update versioned dependencies
* Build-depend on recent phpunit
* Build-Depend on php-phpdbg for the testsuite
-- David Prévot <taffit@debian.org> Sat, 25 Nov 2017 19:52:11 -1000
symfony (3.4.0~rc1+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.0-RC1
[ David Prévot ]
* Update dependency overrides
* Update test patches
-- David Prévot <taffit@debian.org> Thu, 23 Nov 2017 11:29:17 -1000
symfony (3.4.0~beta1+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.4.0-BETA1
[ Jérémy Derussé ]
* [Lock] Re-add the Lock component in 3.4
[ David Prévot ]
* Stick to version 3
* Update dependencies
* Update homemade autoload.php files
* Update Homepage URLs
* New php-symfony-lock package
* Update images licenses
* Drop more tests currently failing
-- David Prévot <taffit@debian.org> Sun, 22 Oct 2017 13:55:42 -1000
symfony (3.3.10+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.3.10
[ David Prévot ]
* Update Standards-Version to 4.1.1
* Drop Form test currently failing
-- David Prévot <taffit@debian.org> Tue, 10 Oct 2017 22:03:41 -1000
symfony (3.3.9+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.3.9
[ David Prévot ]
* Update dependency overrides
* Update homemade autoload.php files
* Update source for new binary packages:
- php-symfony-dotenv
- php-symfony-web-link
- php-symfony-workflow
- php-symfony-web-server-bundle
* Don’t ship new phpunit wrapper
* Update components homepage
* Install (and load) Symfony/Bundle/FullStack.php in php-symfony
* Handle another way to embed SVG for copyright check
* Update debian/licensing/image-checksums.dcf
* Update copyright
* Add new build-dependencies
* Ship Test classes
* Update Standards-Version to 4.1.0
* Update php-symfony-cache description
* Adapt phpunit call
* Add patches to workaround the lack of Composer environment for tests
* Drop more tests currently failing
* Drop README.Debian containing advice about using a now deprecated component
-- David Prévot <taffit@debian.org> Fri, 22 Sep 2017 17:14:57 -1000
symfony (3.1.1+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.1.1
-- David Prévot <taffit@debian.org> Fri, 17 Jun 2016 15:11:02 -0400
symfony (3.1.0+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.1.0
-- David Prévot <taffit@debian.org> Tue, 31 May 2016 11:52:34 -0400
symfony (3.1.0~rc1+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.1.0-RC1
[ David Prévot ]
* Add php-redis to Build-Conflicts since it requires a functional server
in order to pass the test suite.
-- David Prévot <taffit@debian.org> Sun, 29 May 2016 08:18:14 -0400
symfony (3.1.0~beta1+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 3.1.0-BETA1
[ David Prévot ]
* Handle pre-releases
* Adapt dependencies to updated composer.json files
* Add php-symfony-cache and php-symfony-inflector
* Update Homepage URLs
* Update autoload.php for tests
* Add php-gd as build-dependency to pass more tests
* Use verbose test mode to get skipped reasons
-- David Prévot <taffit@debian.org> Sun, 15 May 2016 16:37:21 -0400
symfony (3.0.6+dfsg-1) experimental; urgency=high
[ Fabien Potencier ]
* bumped Symfony version to 3.0.6
* limited the maximum length of a submitted username [CVE-2016-4423]
[ Charles Sarrazin ]
* Fixed issue with blank password with Ldap [CVE-2016-2403]
[ David Prévot ]
* Build-depend on php-apcu-bc to pass more tests
-- David Prévot <taffit@debian.org> Wed, 11 May 2016 10:47:34 -0400
symfony (3.0.5+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* bumped Symfony version to 3.0.5
[ David Prévot ]
* Update Standards-Version to 3.9.8
-- David Prévot <taffit@debian.org> Tue, 03 May 2016 15:10:45 -0400
symfony (3.0.4+dfsg-2) experimental; urgency=medium
* Get rid of php5-symfony-debug binary extension that has been
deprecated for PHP 7.0
-- Ondřej Surý <ondrej@debian.org> Fri, 15 Apr 2016 16:44:02 +0200
symfony (3.0.4+dfsg-1) experimental; urgency=medium
* Upload non-LTS version to experimental
[ Fabien Potencier ]
* bumped Symfony version to 3.0.4
[ David Prévot ]
* Track latest stable version
* Drop require-dev and tests directories from homemade static
autoload.php files
* Drop patch to workaround “OR-ed versions are not supported”
* Install Security changelog in sub-components
* Update copyright
* Drop php-symfony-locale and php-symfony-swiftmailer-bridge
* Update main autoload.php and build-dependencies
* Update version overrides and static autoload.php files
* php-symfony-security only ships a static autoload.php now
* Load all Bridges for the tests
-- David Prévot <taffit@debian.org> Sat, 02 Apr 2016 16:56:36 -0400
symfony (2.8.4+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* bumped Symfony version to 2.8.4
[ Daniel Beyer ]
* Drop no longer needed patch to remove content from README.md files
- Remove-content-from-README.md-files.patch
[ David Prévot ]
* Drop now useless upstream README
* Update homemade static autoload.php
* Depend on php-phpdocumentor-reflection for running more tests
* Exclude group dns-sensitive
-- David Prévot <taffit@debian.org> Thu, 31 Mar 2016 19:25:29 -0400
symfony (2.8.3+dfsg-1) unstable; urgency=medium
* Upload to unstable since everything should be in place now
[ Fabien Potencier ]
* updated VERSION for 2.8.3
[ David Prévot ]
* Explicit dependency on php5-common (Closes: #811431)
* Update homemade static autoload.php
* PHP 7.0 transition:
- Drop some now useless php-* build-dependencies
- Build with recent pkg-php-tools
[ Daniel Beyer ]
* Drop patch to fix broken test in VarDumper (no longer needed)
- VarDumper-Fix-tests-on-PHP-7.patch
[ Marco Pivetta ]
* #17676 - making the proxy instantiation compatible with ProxyManager 2.x
by detecting proxy features
-- Daniel Beyer <dabe@deb.ymc.ch> Tue, 22 Mar 2016 17:43:00 +0100
symfony (2.8.2+dfsg-1) experimental; urgency=medium
* Upload new branch to experimental
[ Fabien Potencier ]
* updated VERSION for 2.8.2
[ Daniel Beyer ]
* Bump Standards-Version: in d/control (no changes needed)
* Remove licensing for the no longer used Glyphish icons from d/copyright
* Remove license CC-BY-3.0-US from d/copyright (no longer used)
* Update debian/copyright for symfony 2.8
* Add patch to fix broken test in the VarDumper component
- VarDumper-Fix-tests-on-PHP-7.patch
* Add patch to fix broken memcache session handler in HttpFoundation
- HttpFoundation-Fix-incompatibility-with-php-memcache.patch
* Use php7 for building (Closes: #814799)
* Use php7 for DEP-8 (as-installed) tests
* Use php5 for DEP-8 (as-installed) tests against php5-symfony-debug
* Skip tests (build time and DEP-8) for component PropertyInfo
* Add php-symfony-property-info
* Add php-symfony-ldap
* Update build and DEP-8 dependencies for Symfony 2.8
[ David Prévot ]
* Add CVE entry for previous changelog entry
* Use the now packaged php-random-lib (via php-symfony-polyfill-php70)
instead of an embedded copy
* Add php-symfony-security-{core,csrf,guard,http}, php-symfony-security is
becoming almost a metapackage
* Add php-symfony, almost a metapackage depending on every component,
shipping upgrading notes
-- David Prévot <taffit@debian.org> Sun, 21 Feb 2016 10:40:09 -0400
symfony (2.7.9+dfsg-1) unstable; urgency=high
[ Fabien Potencier ]
* updated VERSION for 2.7.9
Fix insecure fallback from SecureRandom when OpenSSL fails [CVE-2016-1902]
[ Daniel Beyer ]
* Drop patch to skip broken tests in the Process component (no longer needed)
- Skip-broken-tests-in-Process-component.patch
* Add patch to provide function random_bytes() for php 5
- Embed-paragonie-random_compat-into-the-security-comp.patch
* Add a README.Debian (Closes: #806903)
[ David Prévot ]
* Update autoload and dependencies for php-symfony-framework-bundle
* Update copyright (years)
* Add copyright entry for embedded paragonie/random_compat
-- David Prévot <taffit@debian.org> Sun, 17 Jan 2016 16:23:58 -0400
symfony (2.7.7+dfsg-1) unstable; urgency=high
[ Christian Flothmann ]
* Vulnerability in Security Remember-Me Service [CVE-2015-8125]
- fix potential timing attack issue
- mitigate CSRF timing attack vulnerability
- prevent timing attacks in digest auth listener
* Session Fixation in the "Remember Me" Login Feature [CVE-2015-8124]
- migrate session after remember me authentication
[ Fabien Potencier ]
* updated VERSION for 2.7.7
[ Daniel Beyer ]
* Pin debian/watch to stable 2.x releases of Symfony
-- Daniel Beyer <dabe@deb.ymc.ch> Tue, 24 Nov 2015 08:10:09 +0100
symfony (2.7.6+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 2.7.6
[ David Prévot ]
* Update phpunit calls with regard to network access
-- Daniel Beyer <dabe@deb.ymc.ch> Sun, 08 Nov 2015 15:14:54 +0100
symfony (2.7.5+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 2.7.5
[ David Prévot ]
* debian/control:
- Drop now useless transitional dummy packages
(php-symfony-classloader and php-symfony-eventdispatcher)
- php5-mongo makes the tests fail, since it requires a set up
MongoDB server
* debian/test/control: Add missing php-doctrine-data-fixtures
dependency for CI
[ Daniel Beyer ]
* Correct incomplete autoloading for php-symfony-asset
* Run tests parallel during build time, similar to how upstream does it
* Run DEP-8 (as-installed) tests parallel, similar to how upstream does it
* Remove prefixed 'NNNN-'-numbering for Debian patches
* Use a simplistic vendor/autoload.php to run tests during build time.
This is to make sure we use the autoload.php files generated by phpab
and additionally eliminates the need to generate a vendor/autoload.php
using phpab during build time. Instead we use now use a symbolic link
for vendor/autoload.php pointing to debian/autoload.build.php.
* Include tests in autoload.php files generated by phpab
* Use a simplistic vendor/autoload.php for DEP-8 (as-installed) tests.
This ensures we use the autoload.php files generated by phpab during
DEP-8 (as-installed) test. Additionally we no longer need to generate
a vendor/autoload.php using phpab. Instead we now simply use a symbolic
link for vendor/autoload.php pointing to debian/autoload.DEP-8.php.
* Add new patch fixing wrong autoloader detection used by some tests
- FrameworkBundle-SecurityBundle-Don-t-try-to-include-.patch
* Drop temporary workaround patch (no longer needed)
- Temporary-workaround.patch
* Update patch to skip additional tests needing network
- group-online-for-test-failing-without-network.patch
* Add new patch to skip broken tests in the Process component
- Skip-broken-tests-in-Process-component.patch
* Provide missing meta.json for php-symfony-intl
-- Daniel Beyer <dabe@deb.ymc.ch> Fri, 02 Oct 2015 20:41:11 -0400
symfony (2.7.1+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 2.7.1
-- David Prévot <taffit@debian.org> Sun, 14 Jun 2015 17:15:34 -0400
symfony (2.7.0+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 2.7.0
[ David Prévot ]
* Adapt minimal version in CI for unstable
-- David Prévot <taffit@debian.org> Sun, 31 May 2015 09:36:15 -0400
symfony (2.7.0~beta2+dfsg-2) unstable; urgency=high
[ Daniel Beyer ]
* Add patch to fix ESI unauthorized access [CVE-2015-4050]
- 0007-HttpKernel-Do-not-call-the-FragmentListener-if-_cont.patch
[ David Prévot ]
* Override php-symfony-security-* as php-symfony-security
-- David Prévot <taffit@debian.org> Wed, 27 May 2015 09:05:23 -0400
symfony (2.7.0~beta2+dfsg-1) unstable; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 2.7.0-BETA2
[ David Prévot ]
* Use HTTPS for homepage
* Adapt minimal versions to unstable, and upload to unstble
-- David Prévot <taffit@debian.org> Mon, 18 May 2015 23:00:16 -0400
symfony (2.7.0~beta1+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* [Asset] added the component
* removed Propel bridge from Symfony Core
* updated VERSION for 2.7.0-BETA1
[ Nicolas Grekas ]
* [PhpUnitBridge] new bridge for testing with PHPUnit
[ David Prévot ]
* Add php-symfony-asset
* Add php-symfony-phpunit-bridge
* Remove php-symfony-propel1-bridge
* Provide php5-symfony-debug extension
* Provide homemade autoload.php for all Composer packages
* Drop extension sources from php-symfony-debug
* Drop php-symfony2-yaml reference
* Bump minimal php-twig version as needed for tests
[ Daniel Beyer ]
* Add SVG support to the image license checker
* Update copyright (year) of the image license checker script
* Update debian/copyright for symfony 2.7
-- David Prévot <taffit@debian.org> Mon, 13 Apr 2015 18:26:01 -0400
symfony (2.6.6+dfsg-1) experimental; urgency=medium
[ Fabien Potencier ]
* updated VERSION for 2.6.6
[ David Prévot ]
* Correct FTBFS fix attribution in previous changelog entry
[ Nicolas Grekas ]
* Safe escaping of fragments for eval()
[ James Gilliland ]
* isFromTrustedProxy to confirm request came from a trusted proxy.
-- David Prévot <taffit@debian.org> Wed, 01 Apr 2015 16:34:09 -0400
symfony (2.6.4+dfsg-1) experimental; urgency=low
* Upload to experimental to respect the freeze
* Provide new binary packages:
- php-symfony-debug-bundle
- php-symfony-expression-language
- php-symfony-var-dumper
[ Daniel Beyer ]
* Validate that all new images and icons are properly licensed.
* Let php-symfony-security provide 4 new versioned virtual packages
- php-symfony-security-acl
- php-symfony-security-core
- php-symfony-security-csrf
- php-symfony-security-http
* Add new build-dependencies needed for tests
- php-doctrine-bundle
- php-email-validator
- php5-sqlite
* Update patches (add proper Symfony prefix in vendor/autoload.php)
- 0001-Add-a-vendor-autoload.php-needed-to-run-tests-during.patch
- DEP-8/Use-installed-class-for-DEP-8-tests.patch
* Add pkg-php-tools-overrides for egulias/email-validator
* Fix FTBFS as in 2.3 (Closes: #775625)
[ David Prévot ]
* Track latest version in debian/watch
* New upstream version
* Provide a get-orig-source target
* Update copyright (years)
* Workaround “OR-ed versions are not supported”
* Use recent php-proxy-manager and phpunit for tests
* Update dependencies for DEP-8 tests
-- David Prévot <taffit@debian.org> Fri, 06 Feb 2015 14:28:33 -0400
symfony (2.3.21+dfsg-1) unstable; urgency=low
* New upstream version
* Update build-dependencies (add php5-intl, drop php-symfony-icu and
icu-devtools)
* Exclude tests of type intl-data
-- Daniel Beyer <dabe@deb.ymc.ch> Sun, 26 Oct 2014 17:08:18 +0100
symfony (2.3.20+dfsg-1) unstable; urgency=low
[ Daniel Beyer ]
* New upstream version.
* Drop patches (adopted upstream)
- 0001-SwiftmailerBridge-Bump-allowed-versions-of-swiftmail.patch
- 0004-Finder-Escape-location-for-regex-searches.patch
* Fix DEP-8 tests failing if no tty is present
[ David Prévot ]
* Use repacksuffix feature of uscan
-- Daniel Beyer <dabe@deb.ymc.ch> Sat, 11 Oct 2014 01:44:50 +0200
symfony (2.3.19+dfsg-1) unstable; urgency=low
* Initial release. (Closes: #513646)
-- Daniel Beyer <dabe@deb.ymc.ch> Sun, 07 Sep 2014 18:34:19 +0200