Add CVE 2017-11365 #8186

fabpot · 2017-07-17T19:21:11Z

No description provided.

xabbuh · 2017-07-17T19:45:55Z

contributing/code/security.rst

@@ -103,6 +103,7 @@ Security Advisories
 This section indexes security vulnerabilities that were fixed in Symfony
 releases, starting from Symfony 1.0.0:

+* Jul 17, 2017, `CVE-2017-11365: Empty passwords validation issue <http://symfony.com/blog/cve-2017-11365-empty-passwords-validation-issue>`_ (2.7.30, 2.7.31, 2.8.23, 2.8.24, 3.2.10, 3.2.11, 3.3.3, and 3.3.4)


We should use HTTPS for the link.

Good catch, fixed

xabbuh · 2017-07-18T07:35:32Z

Thank you @fabpot.

This PR was merged into the 2.7 branch. Discussion ---------- Add CVE 2017-11365 Commits ------- 3556e82 added CVE 2017-11365

carsonbot added the Status: Needs Review label Jul 17, 2017

xabbuh reviewed Jul 17, 2017

View reviewed changes

added CVE 2017-11365

3556e82

fabpot force-pushed the cve-2017-11365 branch from b9519d5 to 3556e82 Compare July 18, 2017 07:26

xabbuh merged commit 3556e82 into symfony:2.7 Jul 18, 2017

xabbuh added a commit that referenced this pull request Jul 18, 2017

minor #8186 Add CVE 2017-11365 (fabpot)

7185f58

This PR was merged into the 2.7 branch. Discussion ---------- Add CVE 2017-11365 Commits ------- 3556e82 added CVE 2017-11365

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Add CVE 2017-11365 #8186

Add CVE 2017-11365 #8186

Uh oh!

fabpot commented Jul 17, 2017

Uh oh!

xabbuh Jul 17, 2017

Uh oh!

fabpot Jul 18, 2017

Uh oh!

xabbuh commented Jul 18, 2017

Uh oh!

Uh oh!

Uh oh!

Add CVE 2017-11365 #8186

Add CVE 2017-11365 #8186

Uh oh!

Conversation

fabpot commented Jul 17, 2017

Uh oh!

xabbuh Jul 17, 2017

Choose a reason for hiding this comment

Uh oh!

fabpot Jul 18, 2017

Choose a reason for hiding this comment

Uh oh!

xabbuh commented Jul 18, 2017

Uh oh!

Uh oh!