-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 11 Nov 2023 11:24:46 +0100 Source: symfony Architecture: source Version: 6.4.0~beta3+dfsg-1 Distribution: experimental Urgency: medium Maintainer: Debian PHP PEAR Maintainers <pkg-php-pear@lists.alioth.debian.org> Changed-By: David Prévot <taffit@debian.org> Closes: 1055774 1055775 Changes: symfony (6.4.0~beta3+dfsg-1) experimental; urgency=medium . [ Fabien Potencier ] * Update VERSION for 6.4.0-BETA3 . [ Nicolas Grekas ] * [Webhook] Remove user-submitted type from HTTP response [CVE-2023-46735] * [TwigBridge] Ensure CodeExtension's filters properly escape their input [CVE-2023-46734] (Closes: #1055774) . [ Robert ] * [Security] Fix possible session fixation when only the *token* changes [CVE-2023-46733] (Closes: #1055775) Checksums-Sha1: 5042a1fc00ddf77b7a0b0c109a5280e10bc8361c 16637 symfony_6.4.0~beta3+dfsg-1.dsc dd955a9df869a471a157df9caf91f301c5897fdb 8031336 symfony_6.4.0~beta3+dfsg.orig.tar.xz 93eb4cebf830b8c4531e0b6f46d0ea02bc310d1f 61592 symfony_6.4.0~beta3+dfsg-1.debian.tar.xz cb2e2dc1d53cb0169650528c9a9d1a085def387c 69798 symfony_6.4.0~beta3+dfsg-1_amd64.buildinfo Checksums-Sha256: 1ad53f20dca971c190767ed88d7abd6b5f28dc6b0bc8f50981439b337bf89458 16637 symfony_6.4.0~beta3+dfsg-1.dsc 2f460decee68520cc1301d79c09caa86bfc8ac582db58b8a7e893e8b86ebe456 8031336 symfony_6.4.0~beta3+dfsg.orig.tar.xz 7a4f3125e1d365e7e0b55643f530a365f51343f56cfe5289175eef3f207292aa 61592 symfony_6.4.0~beta3+dfsg-1.debian.tar.xz 6a6397467c29e325779f7e71729c511fc4109b56d178d2178830616efde7f368 69798 symfony_6.4.0~beta3+dfsg-1_amd64.buildinfo Files: 53d9419f8289bfb00d25cab1cbc8ff3a 16637 php optional symfony_6.4.0~beta3+dfsg-1.dsc fd350891ef3d37518ca69cab89ff05cf 8031336 php optional symfony_6.4.0~beta3+dfsg.orig.tar.xz 99a7d640257c98006a6cf8edb61bffa6 61592 php optional symfony_6.4.0~beta3+dfsg-1.debian.tar.xz d1f4262940684133a420c89f4b4d9219 69798 php optional symfony_6.4.0~beta3+dfsg-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQFGBAEBCAAwFiEEeHVNB7wJXHRI941mBYwc+UT2vTwFAmVPwgYSHHRhZmZpdEBk ZWJpYW4ub3JnAAoJEAWMHPlE9r08vBUIAJ3MQQymcfLhDeTXK6gJpxT+rpjRwwIn gi3/e8C4E77u/eZU8C30GRqiLaZ8OjhgJa8RhtvzHC/qV4njXdcK+dJYFFxt62As CTL8sgl0UfVkGgg7GGx06A8JxDWQ1N+5K0i5kirDrQ3AyuBrt/WvLVGkALbrYezZ fpyu4xOpFB9ofUg7mUmzq4+VS1ZVWTkGtL/HfkcLB6okHlzM2zEYytmHACVlBoOA cYFhB/mLNTjxm6ZvHT3W4m7syheViT83YLn5ZW1TcRxsPdizRnpvgh+g0KJQGBBx TcxNfwv4LKkm0WBO2PVbM1y6VPEW34wz/6+sDiD7FNOr5DNbPZg4KwI= =Iiz7 -----END PGP SIGNATURE-----