Hi, Here are the open issues I see in the security layer: 1) rememberme https://github.com/fabpot/symfony/pull/254
2) csrf missing in form_login http://groups.google.com/group/symfony-devs/browse_thread/thread/a6050244c09a42ea/f306a4241aa18e8c?#f306a4241aa18e8c 3) password in clear text in the session http://groups.google.com/group/symfony-devs/browse_thread/thread/268c603699a7e0b5/56f5b7eed853d413 4) Extension refactoring http://groups.google.com/group/symfony-devs/browse_thread/thread/a1252a0f232c6692# http://groups.google.com/group/symfony-devs/browse_thread/thread/c4e6ffc7ecbcf708# 5) other pull requests https://github.com/fabpot/symfony/pull/386 https://github.com/fabpot/symfony/pull/395 6) open tickets http://trac.symfony-project.org/ticket/9301 http://trac.symfony-project.org/ticket/9300 http://trac.symfony-project.org/ticket/9275 7) not sure if we want to include it here, but there are a couple tickets about listeners in general http://trac.symfony-project.org/ticket/9250 http://trac.symfony-project.org/ticket/9249 http://trac.symfony-project.org/ticket/9248 regards, Lukas Kahwe Smith [email protected] -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
