diff --git a/CHANGELOG-2.3.md b/CHANGELOG-2.3.md index 9b0b1f994e1d..c132013aa0e7 100644 --- a/CHANGELOG-2.3.md +++ b/CHANGELOG-2.3.md @@ -7,6 +7,14 @@ in 2.3 minor versions. To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v2.3.0...v2.3.1 +* 2.3.18 (2014-07-15) + + * [Security] Forced validate of locales passed to the translator + * feature #11367 [HttpFoundation] Fix to prevent magic bytes injection in JSONP responses... (CVE-2014-4671) (Andrew Moore) + * bug #11386 Remove Spaceless Blocks from Twig Form Templates (chrisguitarguy) + * bug #9719 [TwigBundle] fix configuration tree for paths (mdavis1982, cordoval) + * bug #11244 [HttpFoundation] Remove body-related headers when sending the response, if body is empty (SimonSimCity) + * 2.3.17 (2014-07-07) * bug #11238 [Translation] Added unescaping of ids in PoFileLoader (JustBlackBird) diff --git a/CHANGELOG-2.4.md b/CHANGELOG-2.4.md index 6cfee77ffc24..013618165281 100644 --- a/CHANGELOG-2.4.md +++ b/CHANGELOG-2.4.md @@ -7,6 +7,15 @@ in 2.4 minor versions. To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v2.4.0...v2.4.1 +* 2.4.8 (2014-07-15) + + * [Security] Forced validate of locales passed to the translator + * bug #11278 Remove Spaceless Blocks From Twig Templates (chrisguitarguy) + * feature #11367 [HttpFoundation] Fix to prevent magic bytes injection in JSONP responses... (CVE-2014-4671) (Andrew Moore) + * bug #11386 Remove Spaceless Blocks from Twig Form Templates (chrisguitarguy) + * bug #9719 [TwigBundle] fix configuration tree for paths (mdavis1982, cordoval) + * bug #11244 [HttpFoundation] Remove body-related headers when sending the response, if body is empty (SimonSimCity) + * 2.4.7 (2014-07-08) * bug #11283 [SecurityBundle] Remove Expression Language services when the component is unavailable (thewilkybarkid) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 007ceffdf475..ca9e441c9314 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -19,8 +19,8 @@ Symfony2 is the result of the work of many people who made the code better - Ryan Weaver (weaverryan) - Lukas Kahwe Smith (lsmith) - Jeremy Mikola (jmikola) - - Jean-François Simon (jfsimon) - Romain Neutron (romain) + - Jean-François Simon (jfsimon) - Benjamin Eberlei (beberlei) - Igor Wiedler (igorw) - Hugo Hamon (hhamon) @@ -44,18 +44,18 @@ Symfony2 is the result of the work of many people who made the code better - Wouter De Jong (wouterj) - Eric Clemmons (ericclemmons) - Nicolas Grekas (nicolas-grekas) + - Andrej Hudec (pulzarraider) - Deni - Henrik Westphal (snc) - Dariusz Górecki (canni) - - Andrej Hudec (pulzarraider) - Arnout Boks (aboks) + - Christian Raue - Michel Weimerskirch (mweimerskirch) - Lee McDermott - Brandon Turner - Douglas Greenshields (shieldo) - Daniel Holmes (dholmes) - Jordan Alliot (jalliot) - - Christian Raue - John Wards (johnwards) - Fran Moreno (franmomu) - Bart van den Burg (burgov) @@ -75,21 +75,21 @@ Symfony2 is the result of the work of many people who made the code better - Fabien Pennequin (fabienpennequin) - Jacob Dreesen (jdreesen) - Gábor Egyed (1ed) + - Ait Boudad Abdellatif (aitboudad) - Adrien Brault (adrienbrault) - Michal Piotrowski (eventhorizon) - - Ait Boudad Abdellatif (aitboudad) - Robert Schönthal (digitalkaoz) - Juti Noppornpitak (shiroyuki) - Sebastian Hörl (blogsh) - Daniel Gomes (danielcsgomes) - Hidenori Goto (hidenorigoto) - Peter Kokot (maastermedia) + - Christian Flothmann (xabbuh) - Jérémie Augustin (jaugustin) - David Buchmann (dbu) - Jérôme Tamarelle (gromnan) - Tigran Azatyan (tigranazatyan) - Javier Eguiluz (javier.eguiluz) - - Christian Flothmann (xabbuh) - Rafael Dohms (rdohms) - Richard Shank (iampersistent) - Gordon Franke (gimler) @@ -146,6 +146,7 @@ Symfony2 is the result of the work of many people who made the code better - Manuel Reinhard (sprain) - Danny Berger (dpb587) - Xavier Montaña Carreras (xmontana) + - Michele Orselli (orso) - Xavier Perez - Arjen Brouwer (arjenjb) - Katsuhiro OGAWA @@ -168,7 +169,6 @@ Symfony2 is the result of the work of many people who made the code better - Robert Kiss (kepten) - Kim Hemsø Rasmussen (kimhemsoe) - Wouter Van Hecke - - Michele Orselli (orso) - Michael Holm (hollo) - Marc Weistroff (futurecat) - Pierre-Yves LEBECQ (pylebecq) @@ -231,6 +231,7 @@ Symfony2 is the result of the work of many people who made the code better - Ismael Ambrosi (iambrosi) - Shein Alexey - Issei Murasawa (issei_m) + - hacfi (hifi) - Joe Lencioni - Kai - Xavier HAUSHERR @@ -274,6 +275,7 @@ Symfony2 is the result of the work of many people who made the code better - François-Xavier de Guillebon (de-gui_f) - boombatower - Fabrice Bernhard (fabriceb) + - Clément Gautier (clementgautier) - Fabian Lange (codingfabian) - Yoshio HANAWA - Baptiste Clavié (talus) @@ -294,11 +296,11 @@ Symfony2 is the result of the work of many people who made the code better - Maks Slesarenko - Markus Lanthaler (lanthaler) - Vicent Soria Durá (vicentgodella) + - Chris Wilkinson (thewilkybarkid) - Ioan Negulescu - Andrew Udvare (audvare) - alexpods - Erik Trapman (eriktrapman) - - hacfi (hifi) - De Cock Xavier (xdecock) - Alex Pott - Norbert Orzechowicz (norzechowicz) @@ -365,6 +367,7 @@ Symfony2 is the result of the work of many people who made the code better - Arturs Vonda - Sascha Grossenbacher - Ben Davies (bendavies) + - Simon Schick (simonsimcity) - Hossein Bukhamsin - Paweł Wacławczyk (pwc) - Oleg Zinchenko (cystbear) @@ -372,6 +375,7 @@ Symfony2 is the result of the work of many people who made the code better - Johannes Klauss (cloppy) - Evan Villemez - fzerorubigd + - Benjamin Grandfond (benjamin) - Tiago Brito (blackmx) - Richard van den Brand (ricbra) - develop @@ -403,7 +407,6 @@ Symfony2 is the result of the work of many people who made the code better - Marek Štípek (maryo) - John Bohn (jbohn) - Jakub Škvára (jskvara) - - Chris Wilkinson (thewilkybarkid) - Andrew Hilobok (hilobok) - Christian Soronellas (theunic) - Jérôme Vieilledent (lolautruche) @@ -532,7 +535,6 @@ Symfony2 is the result of the work of many people who made the code better - jfcixmedia - Martijn Evers - Benjamin Paap (benjaminpaap) - - Simon Schick (simonsimcity) - Christian - Sergii Smertin (nfx) - Eddie Jaoude @@ -550,6 +552,7 @@ Symfony2 is the result of the work of many people who made the code better - Benoit Garret - DerManoMann - Asmir Mustafic (goetas) + - Julien Bianchi (jubianchi) - Marcin Chwedziak - Roland Franssen (ro0) - Maciej Malarz @@ -562,20 +565,22 @@ Symfony2 is the result of the work of many people who made the code better - kaiwa - Albert Ganiev (helios-ag) - Neil Katin + - David Otton - peter - Artem Kolesnikov (tyomo4ka) - Gustavo Adrian - - Clément Gautier (clementgautier) - Yannick - Luc Vieillescazes (iamluc) - Eduardo García Sanz (coma) - David de Boer (ddeboer) - Brooks Boyd - Roger Webb + - Dmitriy Simushev - Max Voloshin (maxvoloshin) - Nicolas Fabre (nfabre) - Raul Rodriguez (raul782) - Patrick Landolt (scube) + - WybrenKoelmans - Derek Lambert - Felicitus - Krzysztof Przybyszewski @@ -730,6 +735,7 @@ Symfony2 is the result of the work of many people who made the code better - catch - Alexandre Segura - Josef Cech + - Nate (frickenate) - Matthew Foster (mfoster) - Maximilian Reichel (phramz) - Paul Seiffert (seiffert) @@ -750,7 +756,6 @@ Symfony2 is the result of the work of many people who made the code better - Andrey Ryaguzov - Gunther Konig - František Bereň - - Benjamin Grandfond (benjamin) - Christoph Nissle (derstoffel) - Ionel Scutelnicu (ionelscutelnicu) - Johnny Peck (johnnypeck) @@ -875,6 +880,7 @@ Symfony2 is the result of the work of many people who made the code better - Yorkie Chadwick (yorkie76) - Yanick Witschi - Ondrej Mirtes + - akimsko - Youpie - srsbiz - Nicolas A. Bérard-Nault @@ -1010,6 +1016,7 @@ Symfony2 is the result of the work of many people who made the code better - Adam Monsen (meonkeys) - ollie harridge (ollietb) - Paweł Szczepanek (pauluz) + - Christian López Espínola (penyaskito) - Petr Jaroš (petajaros) - Philipp Hoffmann (philipphoffmann) - Alex Carol (picard89) diff --git a/src/Symfony/Component/Process/ProcessPipes.php b/src/Symfony/Component/Process/ProcessPipes.php index 3cc61155803d..b9354e9d4aa3 100644 --- a/src/Symfony/Component/Process/ProcessPipes.php +++ b/src/Symfony/Component/Process/ProcessPipes.php @@ -335,11 +335,11 @@ private function readStreams($blocking, $close = false) $type = array_search($pipe, $this->pipes); $data = ''; - while ($dataread = fread($pipe, self::CHUNK_SIZE)) { + while ('' !== $dataread = (string) fread($pipe, self::CHUNK_SIZE)) { $data .= $dataread; } - if ($data) { + if ('' !== $data) { $read[$type] = $data; } diff --git a/src/Symfony/Component/Process/Tests/AbstractProcessTest.php b/src/Symfony/Component/Process/Tests/AbstractProcessTest.php index 4e0f4b5bb1cb..be4a81bd179e 100644 --- a/src/Symfony/Component/Process/Tests/AbstractProcessTest.php +++ b/src/Symfony/Component/Process/Tests/AbstractProcessTest.php @@ -306,6 +306,19 @@ public function testFlushOutput() $this->assertEmpty($p->getOutput()); } + public function testZeroAsOutput() + { + if (defined('PHP_WINDOWS_VERSION_BUILD')) { + // see http://stackoverflow.com/questions/7105433/windows-batch-echo-without-new-line + $p = $this->getProcess('echo | set /p dummyName=0'); + } else { + $p = $this->getProcess('printf 0'); + } + + $p->run(); + $this->assertSame('0', $p->getOutput()); + } + public function testExitCodeCommandFailed() { if (defined('PHP_WINDOWS_VERSION_BUILD')) { diff --git a/src/Symfony/Component/Process/Tests/ExecutableFinderTest.php b/src/Symfony/Component/Process/Tests/ExecutableFinderTest.php index abaa47d8ddd7..e728c0ee73d5 100644 --- a/src/Symfony/Component/Process/Tests/ExecutableFinderTest.php +++ b/src/Symfony/Component/Process/Tests/ExecutableFinderTest.php @@ -47,9 +47,9 @@ public function testFind() $this->setPath(dirname(PHP_BINARY)); $finder = new ExecutableFinder; - $result = $finder->find(basename(PHP_BINARY)); + $result = $finder->find($this->getPhpBinaryName()); - $this->assertEquals($result, PHP_BINARY); + $this->assertSamePath(PHP_BINARY, $result); } public function testFindWithDefault() @@ -83,9 +83,9 @@ public function testFindWithExtraDirs() $extraDirs = array(dirname(PHP_BINARY)); $finder = new ExecutableFinder; - $result = $finder->find(basename(PHP_BINARY), null, $extraDirs); + $result = $finder->find($this->getPhpBinaryName(), null, $extraDirs); - $this->assertEquals(PHP_BINARY, $result); + $this->assertSamePath(PHP_BINARY, $result); } public function testFindWithOpenBaseDir() @@ -105,8 +105,22 @@ public function testFindWithOpenBaseDir() ini_set('open_basedir', dirname(PHP_BINARY).PATH_SEPARATOR.'/'); $finder = new ExecutableFinder; - $result = $finder->find(basename(PHP_BINARY)); + $result = $finder->find($this->getPhpBinaryName()); - $this->assertEquals(PHP_BINARY, $result); + $this->assertSamePath(PHP_BINARY, $result); + } + + private function assertSamePath($expected, $tested) + { + if (defined('PHP_WINDOWS_VERSION_BUILD')) { + $this->assertEquals(strtolower($expected), strtolower($tested)); + } else { + $this->assertEquals($expected, $tested); + } + } + + private function getPhpBinaryName() + { + return basename(PHP_BINARY, defined('PHP_WINDOWS_VERSION_BUILD') ? '.exe' : ''); } }