Bug#1055986: bookworm-pu: package symfony/5.4.23+dfsg-1+deb12u1
Control: tags -1 + confirmed
On Wed, 2023-11-15 at 13:53 +0100, David Prévot wrote:
> I’d like to fix the following two security issues in the next point
> release, as advised by the security team (they do not intend to issue
> a
> DSA for that).
>
> [TwigBridge] Ensure CodeExtension's filters properly escape their
> input
> [CVE-2023-46734] (Closes: #1055774)
> [Security] Fix possible session fixation when only the *token*
> changes
> [CVE-2023-46733] (Closes: #1055775)
Please go ahead.
Regards,
Adam
Reply to: