January 7, 2015 Fabien Potencier

Symfony 2.3.24 has just been released. Here is a list of the most important changes:

bug #13286 [Security] Don't destroy the session on buggy php releases. (derrabus)

bug #12417 [HttpFoundation] Fix an issue caused by php's Bug #66606. (wusuopu)

bug #13200 Don't add Accept-Range header on unsafe HTTP requests (jaytaph)

bug #12491 [Security] Don't send remember cookie for sub request (blanchonvincent)

bug #12574 [HttpKernel] Fix UriSigner::check when _hash is not at the end of the uri (nyroDev)

bug #13185 Fixes Issue #13184 - incremental output getters now return empty strings (Bailey Parker)

bug #13145 [DomCrawler] Fix behaviour with <base> tag (dkop, WouterJ)

bug #13141 [TwigBundle] Moved the setting of the default escaping strategy from the Twig engine to the Twig environment (fabpot)

bug #13114 [HttpFoundation] fixed error when an IP in the X-Forwarded-For HTTP head... (fabpot)

bug #12572 [HttpFoundation] fix checkip6 (Neime)

bug #13075 [Config] fix error handler restoration in test (nicolas-grekas)

bug #13081 [FrameworkBundle] forward error reporting level to insulated Client (nicolas-grekas)

bug #13053 [FrameworkBundle] Fixed Translation loader and update translation command. (saro0h)

bug #13048 [Security] Delete old session on auth strategy migrate (xelaris)

bug #12999 [FrameworkBundle] fix cache:clear command (nicolas-grekas)

bug #13004 add a limit and a test to FlattenExceptionTest. (Daniel Wehner)

bug #12961 fix session restart on PHP 5.3 (Tobion)

bug #12761 [Filesystem] symlink use RealPath instead LinkTarget (aitboudad)

bug #12855 [DependencyInjection] Perf php dumper (nicolas-grekas)

bug #12894 [FrameworkBundle][Template name] avoid error message for the shortcut n... (aitboudad)

bug #12858 [ClassLoader] Fix undefined index in ClassCollectionLoader (szicsu)

Want to check the integrity of this new version? Read my blog post about signing releases .

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.