fmfi-svt / anketa

Študentská anketa FMFI a iných fakúlt UK
https://anketa.uniba.sk/
Other
0 stars 1 forks source link

Bump symfony/symfony from 2.3.42 to 2.8.52 #278

Open dependabot[bot] opened 5 years ago

dependabot[bot] commented 5 years ago

Bumps symfony/symfony from 2.3.42 to 2.8.52.

Release notes *Sourced from [symfony/symfony's releases](https://github.com/symfony/symfony/releases).* > ## v2.8.52 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.8.51...v2.8.52) > > * security #cve-2019-18888 [HttpFoundation] fix guessing mime-types of files with leading dash ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > * security #cve-2019-18887 [HttpKernel] Use constant time comparison in UriSigner ([@​stof](https://github.com/stof)) > > [PR] [symfony/symfony#34349](https://github-redirect.dependabot.com/symfony/symfony/pull/34349) > [SECURITY] Security release > > ## v2.8.50 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.8.49...v2.8.50) > > * security #cve-2019-10910 [DI] Check service IDs are valid ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > * security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine ([@​stof](https://github.com/stof)) > * security #cve-2019-10912 [PHPUnit Bridge] Prevent destructors with side-effects from being unserialized ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > * security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash ([@​pborreli](https://github.com/pborreli)) > * security #cve-2019-10913 [HttpFoundation] reject invalid method override ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > > [PR] [symfony/symfony#31145](https://github-redirect.dependabot.com/symfony/symfony/pull/31145) > [SECURITY] Security release > > ## v2.8.49 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.8.48...v2.8.49) > > * security #cve-2018-19790 [Security\Http] detect bad redirect targets using backslashes ([@​xabbuh](https://github.com/xabbuh)) > * security #cve-2018-19789 [Form] Filter file uploads out of regular form types ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > > [PR] [symfony/symfony#29487](https://github-redirect.dependabot.com/symfony/symfony/pull/29487) > [SECURITY] Security release > > ## v2.8.48 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.8.47...v2.8.48) > > * bug [#28917](https://github-redirect.dependabot.com/symfony/symfony/issues/28917) [DoctrineBridge] catch errors while converting to db values in data collector ([@​alekitto](https://github.com/alekitto)) > * bug [#27314](https://github-redirect.dependabot.com/symfony/symfony/issues/27314) [DoctrineBridge] fix case sensitivity issue in RememberMe\DoctrineTokenProvider ([@​PF4Public](https://github.com/PF4Public)) > * bug [#29308](https://github-redirect.dependabot.com/symfony/symfony/issues/29308) [Translation] Use XLIFF source rather than resname when there's no target ([@​thewilkybarkid](https://github.com/thewilkybarkid)) > * bug [#26244](https://github-redirect.dependabot.com/symfony/symfony/issues/26244) [BrowserKit] fixed BC Break for HTTP_HOST header ([@​brizzz](https://github.com/brizzz)) > * bug [#28147](https://github-redirect.dependabot.com/symfony/symfony/issues/28147) [DomCrawler] exclude fields inside "template" tags ([@​Gorjunov](https://github.com/Gorjunov)) > * bug [#29271](https://github-redirect.dependabot.com/symfony/symfony/issues/29271) [HttpFoundation] Fix trailing space for mime-type with parameters ([@​Sascha](https://github.com/Sascha) Dens) > * bug [#29223](https://github-redirect.dependabot.com/symfony/symfony/issues/29223) [Validator] Added the missing constraints instance checks ([@​thomasbisignani](https://github.com/thomasbisignani)) > * bug [#29182](https://github-redirect.dependabot.com/symfony/symfony/issues/29182) [Form] Fixed empty data for compound date types ([@​HeahDude](https://github.com/HeahDude)) > * bug [#29185](https://github-redirect.dependabot.com/symfony/symfony/issues/29185) [Form] Fixed keeping hash of equal \DateTimeInterface on submit ([@​HeahDude](https://github.com/HeahDude)) > * bug [#28731](https://github-redirect.dependabot.com/symfony/symfony/issues/28731) [Form] invalidate forms on transformation failures ([@​xabbuh](https://github.com/xabbuh)) > * bug [#29152](https://github-redirect.dependabot.com/symfony/symfony/issues/29152) [Config] Unset key during normalization ([@​ro0NL](https://github.com/ro0NL)) > * bug [#29057](https://github-redirect.dependabot.com/symfony/symfony/issues/29057) [HttpFoundation] replace any preexisting Content-Type headers ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > > [PR] [symfony/symfony#29333](https://github-redirect.dependabot.com/symfony/symfony/pull/29333) > > ## v2.8.47 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.8.46...v2.8.47) > ... (truncated)
Commits - [`88f3ef6`](https://github.com/symfony/symfony/commit/88f3ef62d6ab870128352c8686c7889562698faf) Merge pull request [#34349](https://github-redirect.dependabot.com/symfony/symfony/issues/34349) from fabpot/release-2.8.52 - [`44dbe04`](https://github.com/symfony/symfony/commit/44dbe046a56b1e510b40ab7ecdeb946e7388d709) updated VERSION for 2.8.52 - [`be612fe`](https://github.com/symfony/symfony/commit/be612fe316924132f286db6374c656dbcc564242) updated CHANGELOG for 2.8.52 - [`2d6bf2e`](https://github.com/symfony/symfony/commit/2d6bf2e689cbaf6500ed21a6ccfd45bcd5f3c931) Fix CHANGELOG - [`af70ccb`](https://github.com/symfony/symfony/commit/af70ccb73b9bf994774be39226446b3802def601) security #cve-2019-18888 [HttpFoundation] fix guessing mime-types of files wi... - [`d41bd42`](https://github.com/symfony/symfony/commit/d41bd42ad5d51e0f4d24259ec2814ccb294c3ba2) security #cve-2019-18887 [HttpKernel] Use constant time comparison in UriSign... - [`2dfc115`](https://github.com/symfony/symfony/commit/2dfc115f6dd56fcc12a6941e8050349cc4d04dbe) [HttpFoundation] fix guessing mime-types of files with leading dash - [`9a50fc5`](https://github.com/symfony/symfony/commit/9a50fc572202f0da41b095900eec79fa3694777c) [HttpKernel] Use constant time comparison in UriSigner - [`78d86f8`](https://github.com/symfony/symfony/commit/78d86f8516ea82fa809c0289a01d04f5aa3c0cd0) bumped version - [`d4843fe`](https://github.com/symfony/symfony/commit/d4843fe948d18611a07469d74eff0836ec988ce7) fixed version - Additional commits viewable in [compare view](https://github.com/symfony/symfony/compare/v2.3.42...v2.8.52)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fmfi-svt/anketa/network/alerts).

This change is Reviewable