issues
search
OpenConext
/
Stepup-tiqr
tiqr IdP for step-up authentication
Apache License 2.0
3
stars
2
forks
source link
Update symfony to 3.4.11
#46
Closed
jorissteyn
closed
6 years ago
jorissteyn
commented
6 years ago
Resolves the following security issues:
CVE-2018-11407: CVE-2018-11407: Unauthorized access on a misconfigured LDAP server when using an empty password
https://symfony.com/cve-2018-11407
CVE-2018-11386: CVE-2018-11386: Denial of service when using PDOSessionHandler
https://symfony.com/cve-2018-11386
CVE-2018-11406: CVE-2018-11406: CSRF Token Fixation
https://symfony.com/cve-2018-11406
CVE-2018-11408: CVE-2018-11408: Open redirect vulnerability on security handlers
https://symfony.com/cve-2018-11408
CVE-2018-11385: CVE-2018-11385: Session Fixation Issue for Guard Authentication
https://symfony.com/cve-2018-11385
Resolves the following security issues: