Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

v5.4.53

Choose a tag to compare

View all tags
@fabpot fabpot released this 27 May 08:20
· 18319 commits to 8.2 since this release
v5.4.53
This tag was signed with the committer’s verified signature.
fabpot Fabien Potencier
SSH Key Fingerprint: mvSYYIzLe3HGrMTpwpMI1Ld++wOYnla+UqdTeOZAScE
Verified
Learn about vigilant mode.
6436e37
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Changelog (v5.4.52...v5.4.53)

  • data #64370 Release v5.4.53
  • security #cve-2026-48736 [HttpClient] Block IPv6 transition forms in NoPrivateNetworkHttpClient (@nicolas-grekas)
  • security #cve-2026-48489 [Security] Don't honor user-supplied _failure_path on failure_forward (@nicolas-grekas)
  • security #cve-2026-48784 [Routing] Fix dot-segment encoding for chained "../" and "./" in generated URLs (@nicolas-grekas)
  • bug #64346 [Runtime] Trust argv on CLI-like SAPIs to fix subprocess args (@nicolas-grekas)
  • bug #64336 [Cache] Accept '_' and ':' in prefix passed to AbstractAdapter::clear() (@nicolas-grekas)
  • bug #64316 [Yaml] Allow trailing newlines after the end-of-document marker (@nicolas-grekas)

Contributors

nicolas-grekas
Assets 2
Loading
Morty Proxy This is a proxified and sanitized view of the page, visit original site.