Patch |
File delta |
Description |
0001 Add a vendor autoload.php needed to run tests during.patch | (download) |
vendor/autoload.php |
9 9 + 0 - 0 !
1 file changed, 9 insertions(+) |
add a vendor/autoload.php needed to run tests during package build
|
0002 group online for test failing without network.patch | (download) |
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php |
3 3 + 0 - 0 !
1 file changed, 3 insertions(+) |
'@group online' for test failing without network
|
0003 Remove content from README.md files.patch | (download) |
src/Symfony/Bridge/Doctrine/README.md |
14 0 + 14 - 0 !
src/Symfony/Bridge/Monolog/README.md |
13 0 + 13 - 0 !
src/Symfony/Bridge/Propel1/README.md |
13 0 + 13 - 0 !
src/Symfony/Bridge/ProxyManager/README.md |
15 0 + 15 - 0 !
src/Symfony/Bridge/Twig/README.md |
15 0 + 15 - 0 !
src/Symfony/Component/BrowserKit/README.md |
6 0 + 6 - 0 !
src/Symfony/Component/ClassLoader/README.md |
9 0 + 9 - 0 !
src/Symfony/Component/Config/README.md |
17 0 + 17 - 0 !
src/Symfony/Component/Console/README.md |
15 0 + 15 - 0 !
src/Symfony/Component/CssSelector/README.md |
6 0 + 6 - 0 !
src/Symfony/Component/Debug/README.md |
9 0 + 9 - 0 !
src/Symfony/Component/DependencyInjection/README.md |
9 0 + 9 - 0 !
src/Symfony/Component/DomCrawler/README.md |
8 0 + 8 - 0 !
src/Symfony/Component/EventDispatcher/README.md |
9 0 + 9 - 0 !
src/Symfony/Component/Filesystem/README.md |
8 0 + 8 - 0 !
src/Symfony/Component/Finder/README.md |
8 0 + 8 - 0 !
src/Symfony/Component/Form/README.md |
9 0 + 9 - 0 !
src/Symfony/Component/HttpFoundation/README.md |
9 0 + 9 - 0 !
src/Symfony/Component/HttpKernel/README.md |
9 0 + 9 - 0 !
src/Symfony/Component/Intl/README.md |
10 1 + 9 - 0 !
src/Symfony/Component/OptionsResolver/README.md |
11 0 + 11 - 0 !
src/Symfony/Component/Process/README.md |
9 0 + 9 - 0 !
src/Symfony/Component/PropertyAccess/README.md |
14 0 + 14 - 0 !
src/Symfony/Component/Routing/README.md |
9 0 + 9 - 0 !
src/Symfony/Component/Security/README.md |
23 0 + 23 - 0 !
src/Symfony/Component/Serializer/README.md |
15 0 + 15 - 0 !
src/Symfony/Component/Stopwatch/README.md |
13 0 + 13 - 0 !
src/Symfony/Component/Templating/README.md |
18 0 + 18 - 0 !
src/Symfony/Component/Translation/README.md |
6 0 + 6 - 0 !
src/Symfony/Component/Validator/README.md |
6 0 + 6 - 0 !
src/Symfony/Component/Yaml/README.md |
8 0 + 8 - 0 !
31 files changed, 1 insertion(+), 342 deletions(-) |
remove content from readme.md files
|
0004 Add more tests to group tty.patch | (download) |
src/Symfony/Component/Process/Tests/AbstractProcessTest.php |
9 9 + 0 - 0 !
src/Symfony/Component/Process/Tests/SigchildDisabledProcessTest.php |
1 1 + 0 - 0 !
2 files changed, 10 insertions(+) |
add more tests to '@group tty'
Not all tests using a tty are in @group tty. This should be reported (and
fixed) upstream but needs further investigation:
- There might be more tests needing a tty.
- It could be that some tests in group tty may not need a tty.
|
0005 Process Make test AbstractProcessTest testStartAfter.patch | (download) |
src/Symfony/Component/Process/Tests/AbstractProcessTest.php |
6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-) |
[process] make test abstractprocesstest::teststartafteratimeout
useful again
The test AbstractProcessTest::testStartAfterATimeout() is pretty useless, due
to two reasons:
1. Any exception is caught
This means even the exception thrown with
$this->fail('A RuntimeException should have been raised.');
is caught, making the test pretty useless.
2. Invalid PHP code gets executed
The command that is executed in the tests actually is:
# php -r "$n = 1000; while ($n--) {echo ''; usleep(1000); }"
This does not wait ~1s, but produces the following error:
PHP Parse error: syntax error, unexpected '=' in Command line code on line 1
|
0006 Increasing timeout in test AbstractProcessTest testS.patch | (download) |
src/Symfony/Component/Process/Tests/AbstractProcessTest.php |
2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-) |
increasing timeout in test
AbstractProcessTest::testStartAfterATimeout()
This hopefully will allow ci.debian.net to run DEP-8 as installed tests
and might prevent FTBFS #775625 from hitting us again.
|
0007 isFromTrustedProxy to confirm request came from a tr.patch | (download) |
src/Symfony/Component/HttpFoundation/Request.php |
13 9 + 4 - 0 !
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php |
38 25 + 13 - 0 !
2 files changed, 34 insertions(+), 17 deletions(-) |
isfromtrustedproxy to confirm request came from a trusted proxy.
|
0008 Safe escaping of fragments for eval.patch | (download) |
src/Symfony/Component/HttpKernel/HttpCache/Esi.php |
62 31 + 31 - 0 !
src/Symfony/Component/HttpKernel/Tests/HttpCache/EsiTest.php |
4 2 + 2 - 0 !
2 files changed, 33 insertions(+), 33 deletions(-) |
safe escaping of fragments for eval()
https://github.com/symfony/symfony/commit/195c57e1f50765aff33137689b16e126a689056a
|
0009 HttpKernel Do not call the FragmentListener if _cont.patch | (download) |
src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php |
2 1 + 1 - 0 !
src/Symfony/Component/HttpKernel/Tests/EventListener/FragmentListenerTest.php |
20 18 + 2 - 0 !
2 files changed, 19 insertions(+), 3 deletions(-) |
[httpkernel] do not call the fragmentlistener if _controller is
already defined
|
0010 CVE 2015 8124 Session Fixation in the Remember Me Lo.patch | (download) |
src/Symfony/Component/Security/Http/Firewall/RememberMeListener.php |
8 8 + 0 - 0 !
src/Symfony/Component/Security/Tests/Http/Firewall/RememberMeListenerTest.php |
63 63 + 0 - 0 !
2 files changed, 71 insertions(+) |
cve-2015-8124: session fixation in the "remember me" login feature
|
0011 CVE 2015 8125 Vulnerability in Security Remember Me .patch | (download) |
src/Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider.php |
14 13 + 1 - 0 !
src/Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener.php |
3 2 + 1 - 0 !
src/Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices.php |
3 2 + 1 - 0 !
src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeServices.php |
28 2 + 26 - 0 !
4 files changed, 19 insertions(+), 29 deletions(-) |
cve-2015-8125: vulnerability in security remember-me service
|
0012 CVE 2016 1902 SecureRandom s fallback not secure whe.patch | (download) |
src/Symfony/Component/Security/Core/Util/SecureRandom.php |
86 2 + 84 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/LICENSE |
22 22 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/byte_safe_strings.php |
173 173 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/cast_to_int.php |
71 71 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/error_polyfill.php |
42 42 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/random.php |
221 221 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/random_bytes_com_dotnet.php |
81 81 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/random_bytes_dev_urandom.php |
148 148 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/random_bytes_libsodium.php |
86 86 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/random_bytes_libsodium_legacy.php |
86 86 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/random_bytes_mcrypt.php |
76 76 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/random_bytes_openssl.php |
83 83 + 0 - 0 !
src/Symfony/Component/Security/vendor/paragonie/random_compat/lib/random_int.php |
191 191 + 0 - 0 !
13 files changed, 1282 insertions(+), 84 deletions(-) |
cve-2016-1902: securerandom's fallback not secure when openssl fails
Bug: https://github.com/symfony/symfony/issues/17359
|
0013 CVE 2016 4423 Large username storage in session.patch | (download) |
src/Symfony/Component/Security/Core/SecurityContextInterface.php |
1 1 + 0 - 0 !
src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php |
5 5 + 0 - 0 !
src/Symfony/Component/Security/Tests/Http/Firewall/UsernamePasswordFormAuthenticationListenerTest.php |
78 78 + 0 - 0 !
3 files changed, 84 insertions(+) |
cve-2016-4423: large username storage in session
|