Symfony 3.0.6 has just been released. Here is a list of the most important changes:
- security #18736 Fixed issue with blank password with Ldap (csarrazi) - CVE-2016-4423
- security #18733 limited the maximum length of a submitted username (fabpot) - CVE-2016-2403
- bug #18730 [FrameworkBundle] prevent calling get() for service_container service (xabbuh)
- bug #18705 added a conflict between Monolog bridge 2.8 and HTTP Kernel 3.0+ (fabpot)
- bug #18709 [DependencyInjection] top-level anonymous services must be public (xabbuh)
- bug #18388 [EventDispatcher] check for method to exist (xabbuh)
- bug #18699 [DependencyInjection] Use the priority of service decoration on service with parent (hason)
- bug #18692 add @Event annotation for KernelEvents (Haehnchen)
- bug #18246 [DependencyInjection] fix ambiguous services schema (backbone87)
Want to upgrade to this new release? Fortunately, because Symfony protects backwards-compatibility very closely, this should be quite easy.Read our upgrade documentation to learn more.
Want to check the integrity of this new version? Read my blog post aboutsigning releases .
Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.