8000 added CVE 2017-11365 · symfony/symfony-docs@3556e82 · GitHub
[go: up one dir, main page]
Skip to content

Commit 3556e82

Browse files
fabpotfabpot
committed
added CVE 2017-11365
1 parent 0ae6a4c commit 3556e82

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

contributing/code/security.rst

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -103,6 +103,7 @@ Security Advisories
103103
This section indexes security vulnerabilities that were fixed in Symfony
104104
releases, starting from Symfony 1.0.0:
105105

106+
* Jul 17, 2017, `CVE-2017-11365: Empty passwords validation issue <https://symfony.com/blog/cve-2017-11365-empty-passwords-validation-issue>`_ (2.7.30, 2.7.31, 2.8.23, 2.8.24, 3.2.10, 3.2.11, 3.3.3, and 3.3.4)
106107
* May 9, 2016: `CVE-2016-2403: Unauthorized access on a misconfigured Ldap server when using an empty password <https://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password>`_ (2.8.0-2.8.5, 3.0.0-3.0.5)
107108
* May 9, 2016: `CVE-2016-4423: Large username storage in session <https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session>`_ (2.3.0-2.3.40, 2.7.0-2.7.12, 2.8.0-2.8.5, 3.0.0-3.0.5)
108109
* January 18, 2016: `CVE-2016-1902: SecureRandom's fallback not secure when OpenSSL fails <https://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails>`_ (2.3.0-2.3.36, 2.6.0-2.6.12, 2.7.0-2.7.8)

0 commit comments

Comments
 (0)
0