oldskool
commented
8 years ago According to the composer.lock file we're already at the 2.8 branch? https://github.com/010PHP/010php.nl/blob/385eccc9fdabd5ffaea7b96e8920c728e1ba8252/composer.lock#L2316
Closed Caroga closed 8 years ago
oldskool
commented
8 years ago According to the composer.lock file we're already at the 2.8 branch? https://github.com/010PHP/010php.nl/blob/385eccc9fdabd5ffaea7b96e8920c728e1ba8252/composer.lock#L2316
Caroga
commented
8 years ago Yes it appears so. I think I mistaken this with another repo. Thank you for noticing though. Although we do need a update to at least 2.8.6. http://symfony.com/blog/cve-2016-4423-large-username-storage-in-session http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password
This is currently blocking your other pull requests
I will look into this tomorrow.
Caroga
commented
8 years ago Fixed by @oldskool in #46
Currently we run Symfony 2.7, but would like to have it updated to 2.8 as this buys us a couple of months extra support/bug fixes as stated in the Symfony roadmap.