3 matches found
Symfony Session Fixation Vulnerability
A session fixation vulnerability within the "Remember Me" login feature allows an attacker to impersonate the victim towards the web application if the session id value was previously known to the attacker. This issue has been fixed in Symfony 2.3.35, 2.6.12, and 2.7.7. Note that no fixes are...
Fedora 23 : php-symfony-2.7.7-2.fc23 / php-twig-1.23.1-2.fc23 (2015-0efcb5fbc5)
Twig 1.23.1 2015-11-05 fixed some exception messages which triggered PHP warnings fixed BC on TwigTestNodeTestCase Twig 1.23.0 2015-10-29 - deprecated the possibility to override an extension by registering another one with the same name deprecated TwigExtensionInterface::getGlobals added...
Fedora 22 : php-symfony-2.7.7-2.fc22 / php-twig-1.23.1-2.fc22 (2015-0b89738311)
Twig 1.23.1 2015-11-05 fixed some exception messages which triggered PHP warnings fixed BC on TwigTestNodeTestCase Twig 1.23.0 2015-10-29 - deprecated the possibility to override an extension by registering another one with the same name deprecated TwigExtensionInterface::getGlobals added...