request #47659 symfony/yaml: 8.0.1 -> 8.0.13

Infos

Artifact ID#47659

Submitted byThomas Gerbet (tgerbet)

Last Modified On2026-05-28 17:04

Submitted on2026-05-28 16:13

Rank49387

Details

Summary *

symfony/yaml: 8.0.1 -> 8.0.13

Original Submission

Fixes CVE-2026-45304, CVE-2026-45305 and CVE-2026-45133: DoS issues who do not have an impact in Tuleap use cases. symfony/yaml is only a transitive dep of some of our dev tools.

https://github.com/symfony/yaml/compare/v8.0.1...v8.0.13

CategoryDependencies

Reported in versionEmpty

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2026-05-28

Attachments

AttachmentsEmpty

References

Cross references

Show items referenced by request #47659

Referenced by request #47659

Artifact

rel #47138 17.6

Other

gerrit #37853

Follow-ups

Joris MASSON (jmasson)

2026-05-28 17:04

Connected artifacts
- Added Fixed in: rel #47138

Tracker Workflow Manager (forge__tracker_workflow_manager)

2026-05-28 17:03

Closed by @tgerbet with git #tuleap/tuleap/53cba6c6de60c6d281919ced0733d85f9cd074e8.

Status changed from Under implementation to Closed
Close date set to 2026-05-28

Thomas Gerbet (tgerbet)

2026-05-28 16:14

See gerrit #37853.

Public

Referenced by request #47659

Artifact

Other

Follow-ups