sonata-project / SonataAdminBundle

The missing Symfony Admin Generator
https://docs.sonata-project.org/projects/SonataAdminBundle
MIT License

Security threat within symfony/twig-bridge #8121

Closed aharabara closed 1 year ago

aharabara commented 1 year ago

Link to the threat description: https://github.com/advisories/GHSA-q847-2q57-wmr3
Link to the Symfony blog post: https://symfony.com/blog/cve-2023-46734-potential-xss-vulnerabilities-in-codeextension-filters

We use Symfony 6.2 (the highest version compatible with the Sonata project) and the latest versions of the bundles and packages related to the Sonata project, but the only version that is patched on the Symfony side is 6.3.*. Do you plan to address this security issue, and if so, how soon can we expect it?

zyberspace commented 1 year ago

Hi @aharabara ,

we are using Sonata Admin with Symfony 6.3 without any problems.

May I ask what makes you think Sonata Admin is only compatible with Symfony 6.2?

The composer.json requires Symfony ^6.2, meaning that all Symfony versions starting with 6.2 are compatible, which includes 6.3 and, when it gets released, also 6.4.

VincentLanglet commented 1 year ago

Sonata is compatible with Sf 6.3.

aharabara commented 1 year ago

Hi @aharabara. You are right, I was confused by low-level dependencies and thought that the limitation was on the side of the Sonata bundles, but I was wrong. Thank you for the help 🙇