v5.3.12
·
13530 commits
to 7.1
since this release
Changelog (v5.3.11...v5.3.12)
- security #cve-2021-41268 [SecurityBundle] Default signature_properties to the previous behavior (@wouterj)
- security #cve-2021-41267 [HttpKernel] Fix missing extra trusted header in sub-request (@jderusse)
- security #cve-2021-41270 [Serializer] Use single quote to escape formulas (@jderusse)
- bug #44232 [Cache] fix connecting to local Redis sockets (@nicolas-grekas)
- bug #44204 [HttpClient] fix closing curl multi handle when destructing client (@nicolas-grekas)
- bug #44208 [Process] exclude argv/argc from possible default env vars (@nicolas-grekas)
[PR] #44243
[SECURITY] Security release
Contributors
nicolas-grekas, jderusse, and wouterj