Feed items

  • warning: Declaration of views_handler_argument::init(&$view, &$options) should be compatible with views_handler::init(&$view, $options) in /home/clients/ru/domains/development4web.com/html/sites/all/modules/views/handlers/views_handler_argument.inc on line 48.
  • warning: Declaration of views_handler_filter_boolean_operator::value_validate(&$form, &$form_state) should be compatible with views_handler_filter::value_validate($form, &$form_state) in /home/clients/ru/domains/development4web.com/html/sites/all/modules/views/handlers/views_handler_filter_boolean_operator.inc on line 111.
  • warning: Declaration of views_plugin_row_node_view::options_form(&$form, &$form_state) should be compatible with views_plugin_row::options_form($form, &$form_state) in /home/clients/ru/domains/development4web.com/html/sites/all/modules/views/modules/node/views_plugin_row_node_view.inc on line 35.

CVE-2024-50343: Incorrect response from Validator when input ends with `\n`

Affected versions

Symfony versions <5.4.43; >=6, <6.4.11; >=7, <7.1.4 of the Symfony Validator component are affected by this security issue.

The issue has been fixed in Symfony 5.4.43, 6.4.11, and 7.1.4.

Description

It is possible to trick a Validator configured with a regular expression using the $ metacharacters, with an input ending with \n.

Resolution

Symfony now uses the D regex modifier to match the entire input.





CVE-2024-50342: Internal address and port enumeration allowed by NoPrivateNetworkHttpClient

Affected versions

Symfony versions <5.4.46; >=6, <6.4.14; >=7, <7.1.7 of the Symfony HttpClient component are affected by this security issue.

The issue has been fixed in Symfony 5.4.46, 6.4.14, and 7.1.7.

Description

When using the NoPrivateNetworkHttpClient, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration.

Resolution

The NoPrivateNetworkHttpClient now filters blocked IPs earlier to prevent such leaks.





CVE-2024-50340: Ability to change environment from query

Affected versions

Symfony versions <5.4.46; >=6, <6.4.14; >=7, <7.1.7 of the Symfony Runtime component are affected by this security issue.

The issue has been fixed in Symfony 5.4.46, 6.4.14, and 7.1.7.

Description

When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by the kernel when handling the request.





WordPress 6.7 Release Candidate 3

The third release candidate (RC3) for WordPress 6.7 is ready for download and testing!

This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you evaluate RC3 on a test server and site.





First Public Working Draft: Web Audio API 1.1

The Audio Working Group has published a First Public Working Draft of Web Audio API 1.1. This specification describes a high-level Web API for processing and synthesizing audio in web applications.





Laravel Solr

If you have ever had a need to implement search into your application you've probably heard of Apache Solr. Solr is a fast, open source search platform built on the full-text, vector, and geospatial search capabilities of Apache Lucene.





[news] Yii Request Provider 1.1

Version 3.8 of Yii HTML package is released. There are some improvements:





[news] Yii HTML 3.8

Version 3.8 of Yii HTML package is released. There are some improvements:





Laravel Roundup - November

Welcome to the November edition of the Laravel Roundup. This covers recent highlights, community events, Laravel jobs, and more!





Bento Laravel SDK

Bento is an Email Marketing & Automation Platform for Startups and their team recently created an official Laravel SDK.