
Fedora 33: FEDORA-2020-1c549262f1 Critical: Php-Symfony4 Header Issue

September 25, 2020
Fedora 33 has rolled out a crucial update for php-symfony4, addressing multiple critical vulnerabilities. Prompt application of this update is recommended.

Summary

Symfony PHP framework (version 4).

NOTE: Does not require PHPUnit bridge.

**Version 4.4.13** (2020-09-02)

* security **CVE-2020-15094** Remove headers with internal meaning from HttpClient responses (mpdude)
* bug #38024 [Console] Fix undefined index for inconsistent command name definition (chalasr)
* bug #38023 [DI] fix inlining of non-shared services (nicolas-grekas)
* bug #38020 [PhpUnitBridge] swallow deprecations (xabbuh)
* bug #38010 [Cache] Psr16Cache does not handle Proxy cache items (alex-dev)
* bug #37937 [Serializer] fixed fix encoding of cache keys with anonymous classes (michaelzangerle)

**Version 4.4.12** (2020-08-31)

* bug #37966 [HttpClient][MockHttpClient][DX] Throw when the response factory callable does not return a valid response (fancyweb)
* bug #37971 [PropertyInfo] Backport support for typed properties (PHP 7.4) (dunglas)
* bug #37970 [PhpUnitBridge] Polyfill new phpunit 9.1 assertions (phpfour)
* bug #37960 [PhpUnit] Add polyfill for assertMatchesRegularExpression() (dunglas)
* bug #37949 [Yaml] fix more numeric cases changing in PHP 8 (xabbuh)
* bug #37921 [Yaml] account for is_numeric() behavior changes in PHP 8 (xabbuh)
* bug #37912 [ExpressionLanguage] fix passing arguments to call_user_func_array() on PHP 8 (xabbuh)
* bug #37907 [Messenger] stop using the deprecated schema synchronizer API (xabbuh)
* bug #37900 [Mailer] Fixed mandrill api header structure (wulff)
* bug #37888 [Mailer] Reorder headers used to determine Sender (cvmiert)
* bug #37872 [Sendgrid-Mailer] Fixed envelope recipients on sendgridApiTransport (arendjantetteroo)
* bug #37860 [Serializer][ClassDiscriminatorMapping] Fix getMappedObjectType() when a discriminator child extends another one (fancyweb)
* bug #37853 [Validator] ensure that the validator is a mock object for backwards-compatibility (xabbuh)
* bug #36340 [Serializer] Fix configuration of the cache key (dunglas)
* bug #36810 [Messenger] Do not stack retry stamp (jderusse)
* bug #37849 [FrameworkBundle] Add missing mailer transports in xsd (l-vo)
* bug #37586 [ErrorHandler][DebugClassLoader] Add mixed and static return types support (fancyweb)
* bug #37845 [Serializer] Fix variadic support when using type hints (fabpot)
* bug #37841 [VarDumper] Backport handler lock when using VAR_DUMPER_FORMAT (ogizanagi)
* bug #37725 [Form] Fix Guess phpdoc return type (franmomu)
* bug #37771 Use PHPUnit 9.3 on php 8 (derrabus)
* bug #36140 [Validator] Add BC layer for notInRangeMessage when min and max are set (l-vo)
* bug #35843 [Validator] Add target guards for Composite nested constraints (ogizanagi)
* bug #37803 Fix for issue #37681 (Rav)
* bug #37744 [Yaml] Fix for #36624; Allow PHP constant as first key in block (jnye)
* bug #37767 [Form] fix mapping errors from unmapped forms (xabbuh)
* bug #37731 [Console] Table: support cells with newlines after a cell with colspan >= 2 (GMTA)
* bug #37791 Fix redis connect with empty password (alexander-schranz)
* bug #37790 Fix deprecated libxml_disable_entity_loader (fabpot)
* bug #37763 Fix deprecated libxml_disable_entity_loader (jderusse)
* bug #37774 [Console] Make sure we pass a numeric array of arguments to call_user_func_array() (derrabus)
* bug #37729 [FrameworkBundle] fail properly when the required service is not defined (xabbuh)
* bug #37701 [Serializer] Fix that it will never reach DOMNode (TNAJanssen)
* bug #37671 [Cache] fix saving no-expiry items with ArrayAdapter (philipp-kolesnikov)
* bug #37102 [WebProfilerBundle] Fix error with custom function and web profiler routing tab (JakeFr)
* bug #37560 [Finder] Fix GitIgnore parser when dealing with (sub)directories and take order of lines into account (Jeroeny)
* bug #37700 [VarDumper] Improve previous fix on light array coloration (l-vo)
* bug #37705 [Mailer] Added the missing reset tag to mailer.logger_message_listener (vudaltsov)
* bug #37697 [Messenger] reduce column length for MySQL 5.6 compatibility (xabbuh)

* Wed Sep 2 2020 Remi Collet - 4.4.13-1
- update to 4.4.13

* Mon Aug 31 2020 Remi Collet - 4.4.12-1
- update to 4.4.12
- allow doctrine/dbal 3.0

To install this update, run su -c 'dnf upgrade --advisory FEDORA-2020-1c549262f1' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at


Severity: critical

Product: Fedora 33
Version: 4.4.13
Release: 1.fc33
Summary: Symfony PHP framework (version 4)
