-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2013-11175 2013-08-16 15:51:48 --------------------------------------------------------------------------------
Name : php-symfony2-HttpFoundation Product : Fedora EPEL 6 Version : 2.2.5 Release : 1.el6 URL : http://symfony.com/doc/current/components/http_foundation/index.html Summary : Symfony2 HttpFoundation Component Description : The HttpFoundation Component defines an object-oriented layer for the HTTP specification.
In PHP, the request is represented by some global variables ($_GET, $_POST, $_FILE, $_COOKIE, $_SESSION...) and the response is generated by some functions (echo, header, setcookie, ...).
The Symfony2 HttpFoundation component replaces these default PHP global variables and functions by an Object-Oriented layer.
Optional dependencies: memcache, memcached, mongo
-------------------------------------------------------------------------------- Update Information:
Updated to 2.2.5
CVE-2013-4752 Request::getHost() poisioning
Release blog posts: * http://symfony.com/blog/symfony-2-2-4-released * http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-...
Full change log: https://github.com/symfony/symfony/blob/v2.2.5/CHANGELOG-2.2.md -------------------------------------------------------------------------------- References:
[ 1 ] Bug #995583 - CVE-2013-4752 php-symfony2-HttpFoundation: Request::getHost() poisioning https://bugzilla.redhat.com/show_bug.cgi?id=995583 --------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use su -c 'yum update php-symfony2-HttpFoundation' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
epel-package-announce@lists.fedoraproject.org