v5.0.7
Changelog (v5.0.6...v5.0.7)
- security #cve-2020-5255 [HttpFoundation] Do not set the default Content-Type based on the Accept header (@yceruto)
- security #cve-2020-5275 [Security] Fix access_control behavior with unanimous decision strategy (@chalasr)
- bug #36262 [DI] fix generating TypedReference from PriorityTaggedServiceTrait (@nicolas-grekas)
- bug #36252 [Security/Http] Allow setting cookie security settings for delete_cookies (@wouterj)
- bug #36261 [FrameworkBundle] revert to legacy wiring of the session when circular refs are detected (@nicolas-grekas)
- bug #36259 [DomCrawler] Fix BC break in assertions breaking Panther (@dunglas)
- bug #36181 [BrowserKit] fixed missing post request parameters in file uploads (@codebay)
- bug #36216 [Validator] Assert Valid with many groups (@phucwan91)
- bug #36222 [Console] Fix OutputStream for PHP 7.4 (@guillbdx)
[PR] #36269
[SECURITY] Security release