AddToAny

Share this

 

Feed items

  • warning: Declaration of views_handler_argument::init(&$view, &$options) should be compatible with views_handler::init(&$view, $options) in /home/clients/ru/domains/development4web.com/html/sites/all/modules/views/handlers/views_handler_argument.inc on line 48.
  • warning: Declaration of views_handler_filter_boolean_operator::value_validate(&$form, &$form_state) should be compatible with views_handler_filter::value_validate($form, &$form_state) in /home/clients/ru/domains/development4web.com/html/sites/all/modules/views/handlers/views_handler_filter_boolean_operator.inc on line 111.
  • warning: Declaration of views_plugin_row_node_view::options_form(&$form, &$form_state) should be compatible with views_plugin_row::options_form($form, &$form_state) in /home/clients/ru/domains/development4web.com/html/sites/all/modules/views/modules/node/views_plugin_row_node_view.inc on line 35.

A Week of Symfony #932 (4-10 November 2024)

This week, Symfony 5.4.46, 6.4.14, and 7.1.7, maintenance versions were released. In addition, we released the second beta version of Symfony 7.2 ahead of its final release at the end of November 2024.




PHP 8.4.0 RC4 available for testing

The PHP team is pleased to announce the release of PHP 8.4.0, RC4.
This is the fourth release candidate, continuing the PHP 8.4 release cycle,
the rough outline of which is specified in the
PHP Wiki.

For source downloads of PHP 8.4.0, RC4 please visit the
download page.




Solving File-Handling Challenges: Meteor Files Built on Meteor.js

IntroductionWhen creating real-time apps such as chats or dashboards, we usually consider Node.js and its many frameworks. In this tutorial, I’ll show you the most productive to create real-time apps with Zod and TypeScript.Most of you might think I’ll talk about a new JavaScript framework, but if you have been around the JavaScript community long enough, you may have heard of Meteor.js.




Build your slide deck in Laravel with Simple Slides

Simple Slides is a responsive and text-first presentation tool that engages your audience. It is built with Laravel, Vue, and PostgreSQL.
You'd want to use this if you are:




Laravel Nightwatch

Laracon AU has begun and with it comes exciting news from Taylor and the rest of the Laravel team. Announcing Laravel Nightwatch! First-class monitoring designed for Laravel.




First Public Working Draft: Audio Session

The Media Working Group has published the First Public Working Draft of Audio Session. This API defines an API surface for controlling how audio is rendered and interacts with other audio playing applications, allowing for better audio mixing or exclusive playback, depending on the context, to provide a more consistent and integrated media experience across devices.




Twig CVE-2024-51754: Unguarded calls to __toString() in a sandbox when an object is in an array or an argument list

Affected versions

Twig versions <3.11.2; >=3.12,<3.14.1 are affected by this security issue.

The issue has been fixed in Twig 3.11.2 and 3.14.1.
Note that Twig versions 1 and 2 are not maintained anymore and are vulnerable.

Description

In a sandbox, an attacker can call __toString() on an object even if the __toString() method is not allowed by the security policy when the object is part of an array or an argument list (arguments to a function or a filter for instance).




Twig CVE-2024-51755: Unguarded calls to __isset() and to array-accesses in a sandbox

Affected versions

Twig versions <3.11.2; >=3.12,<3.14.1 are affected by this security issue.

The issue has been fixed in Twig 3.11.2 and 3.14.1.
Note that Twig versions 1 and 2 are not maintained anymore and are vulnerable.

Description

In a sandbox, and attacker can access attributes of Array-like objects as they were not checked by the security policy.
They are now checked via the property policy and the __isset() method is now called after the security check.
This is a BC break.