-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 04 May 2019 11:08:53 -1000
Source: symfony
Binary: php-symfony php-symfony-asset php-symfony-browser-kit php-symfony-class-loader php-symfony-config php-symfony-console php-symfony-css-selector php-symfony-debug php-symfony-dependency-injection php-symfony-dom-crawler php-symfony-event-dispatcher php-symfony-expression-language php-symfony-filesystem php-symfony-finder php-symfony-form php-symfony-http-foundation php-symfony-http-kernel php-symfony-intl php-symfony-ldap php-symfony-locale php-symfony-options-resolver php-symfony-process php-symfony-property-access php-symfony-property-info php-symfony-routing php-symfony-security php-symfony-security-core php-symfony-security-csrf php-symfony-security-guard php-symfony-security-http php-symfony-serializer php-symfony-stopwatch php-symfony-templating php-symfony-translation php-symfony-validator php-symfony-var-dumper php-symfony-yaml php-symfony-doctrine-bridge php-symfony-monolog-bridge php-symfony-phpunit-bridge php-symfony-proxy-manager-bridge
 php-symfony-swiftmailer-bridge php-symfony-twig-bridge php-symfony-debug-bundle php-symfony-framework-bundle php-symfony-security-bundle php-symfony-twig-bundle
 php-symfony-web-profiler-bundle
Architecture: source
Version: 2.8.7+dfsg-1.3+deb9u2
Distribution: stretch-security
Urgency: medium
Maintainer: Debian PHP PEAR Maintainers <pkg-php-pear@lists.alioth.debian.org>
Changed-By: David Prévot <taffit@debian.org>
Description:
 php-symfony - set of reusable components and framework for web projects
 php-symfony-asset - manage asset URLs
 php-symfony-browser-kit - simulate the behavior of a web browser
 php-symfony-class-loader - load PHP classes automatically
 php-symfony-config - load configurations from different data sources
 php-symfony-console - run tasks from the command line
 php-symfony-css-selector - convert CSS selectors to XPath expressions
 php-symfony-debug - tools to make debugging of PHP code easier
 php-symfony-debug-bundle - debugging tools for the Symfony framework
 php-symfony-dependency-injection - standardize and centralize construction of objects
 php-symfony-doctrine-bridge - integration for Doctrine with Symfony Components
 php-symfony-dom-crawler - ease DOM navigation for HTML and XML documents
 php-symfony-event-dispatcher - dispatch events and listen to them
 php-symfony-expression-language - compile and evaluate expressions
 php-symfony-filesystem - basic filesystem utilities
 php-symfony-finder - find files and directories
 php-symfony-form - create HTML forms and process request data
 php-symfony-framework-bundle - basic, robust and flexible MVC framework
 php-symfony-http-foundation - object-oriented layer for the HTTP specification
 php-symfony-http-kernel - building blocks for flexible and fast HTTP-based frameworks
 php-symfony-intl - limited replacement layer for the PHP extension intl
 php-symfony-ldap - abstraction layer for the PHP LDAP module
 php-symfony-locale - deprecated replacement layer for the PHP extension intl
 php-symfony-monolog-bridge - integration for Monolog with Symfony Components
 php-symfony-options-resolver - configure objects with option arrays
 php-symfony-phpunit-bridge - integration for PHPUnit with Symfony Components
 php-symfony-process - execute commands in sub-processes
 php-symfony-property-access - read from and write to an object or array
 php-symfony-property-info - extract information about properties of PHP classes
 php-symfony-proxy-manager-bridge - integration for ProxyManager with Symfony Components
 php-symfony-routing - associate a request with code that generates a response
 php-symfony-security - infrastructure for sophisticated authorization systems
 php-symfony-security-bundle - configurable security system for the Symfony framework
 php-symfony-security-core - infrastructure for authorization systems - common features
 php-symfony-security-csrf - infrastructure for authorization systems - CSRF protection
 php-symfony-security-guard - infrastructure for authorization systems - Guard features
 php-symfony-security-http - infrastructure for authorization systems - HTTP integration
 php-symfony-serializer - convert PHP objects into specific formats and vice versa
 php-symfony-stopwatch - profile PHP code
 php-symfony-swiftmailer-bridge - integration for Swift Mailer with Symfony Components
 php-symfony-templating - tools needed to build a template system
 php-symfony-translation - tools to internationalize an application
 php-symfony-twig-bridge - integration for Twig with Symfony Components
 php-symfony-twig-bundle - configurable integration of Twig with the Symfony framework
 php-symfony-validator - tools to validate classes
 php-symfony-var-dumper - ${phpcomposer:description}
 php-symfony-web-profiler-bundle - collect requests information for analysis and debugging
 php-symfony-yaml - convert YAML to PHP arrays and the other way around
Changes:
 symfony (2.8.7+dfsg-1.3+deb9u2) stretch-security; urgency=medium
 .
   * Cherry-pick upstream commits to fix security issues
     - [HttpFoundation] Remove support for legacy and risky HTTP headers
       [CVE-2018-14773]
     - [Form] Filter file uploads out of regular form types [CVE-2018-19789]
     - [Security\Http] detect bad redirect targets using backslashes
       [CVE-2018-19790]
     - [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP
       templating engine [CVE-2019-10909]
     - [DI] Check service IDs are valid [CVE-2019-10910]
     - [Security] Add a separator in the remember me cookie hash [CVE-2019-10911]
     - [PHPUnit Bridge] Prevent destructors with side-effects from being
       unserialized [CVE-2019-10912]
     - [HttpFoundation] fixed using _method parameter with invalid type
     - [HttpFoundation] reject invalid method override [CVE-2019-10913]
Checksums-Sha1:
 239a9764db742dcff870fca6b2a8bd6c3e035f27 6325 symfony_2.8.7+dfsg-1.3+deb9u2.dsc
 cddba72308b55309f8491fc921b16f24edbf1284 60440 symfony_2.8.7+dfsg-1.3+deb9u2.debian.tar.xz
 a9841b928309e31d099a7b47f64bae0e8a9797f3 26961 symfony_2.8.7+dfsg-1.3+deb9u2_amd64.buildinfo
Checksums-Sha256:
 178d2302d216ae45f378d156f8171cc3d01ec78ca3c97e11822203104973164a 6325 symfony_2.8.7+dfsg-1.3+deb9u2.dsc
 631102bda4964eadb2eaf5fb03daddaf136e3b38fe30c290b344ce2cf1f72121 60440 symfony_2.8.7+dfsg-1.3+deb9u2.debian.tar.xz
 2ddd970ff936cc0f0286772dd54df527f9824f214ac506ab94b99a0791061490 26961 symfony_2.8.7+dfsg-1.3+deb9u2_amd64.buildinfo
Files:
 0c138a5ccff80267ea86bb9b68a7e344 6325 php optional symfony_2.8.7+dfsg-1.3+deb9u2.dsc
 58566c9e260ae826e73c796ff2e16de6 60440 php optional symfony_2.8.7+dfsg-1.3+deb9u2.debian.tar.xz
 836ccb9599dedd51bf404a07dc3a7f09 26961 php optional symfony_2.8.7+dfsg-1.3+deb9u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFGBAEBCAAwFiEEeHVNB7wJXHRI941mBYwc+UT2vTwFAlzTCj8SHHRhZmZpdEBk
ZWJpYW4ub3JnAAoJEAWMHPlE9r08/hUH/3IaLA1hbn3MaQRpvLfBl7TgpTftsErc
lqaBXkytBGkFzgBklFZJJFAA3w6PWDMNdcteOjPl9afbv0ROwjsJ78BTNWHj99i4
KKSx69xaKNNtTGdRawUxmj1dYVQ8AKCdHVtccZxXXNduKvT341Hvu99J1A4smtDQ
dSDq1oCUryh6rWoqNYXMZH+VV9Con7JSZOA9nrn7qlpBev5H/TRWKdbpbU609LjY
T67EWFd447ZMsh0+qaednJ0g/xe4QGjHJVM67fvYU8ilnsIu2+SDjnsOz8SYTZDN
jNe0ko1G+PA4lwL9Q6JNtdt7/MEntFbH6KPinp+XV6RQVZhvgPg7dhM=
=RdEM
-----END PGP SIGNATURE-----