0001-Add-a-vendor-autoload.php-needed-to-run-tests-during.patch
0002-group-online-for-test-failing-without-network.patch
0003-Remove-content-from-README.md-files.patch
0004-Add-more-tests-to-group-tty.patch
0005-Process-Make-test-AbstractProcessTest-testStartAfter.patch
0006-Increasing-timeout-in-test-AbstractProcessTest-testS.patch
0007-isFromTrustedProxy-to-confirm-request-came-from-a-tr.patch
0008-Safe-escaping-of-fragments-for-eval.patch
0009-HttpKernel-Do-not-call-the-FragmentListener-if-_cont.patch
0010-CVE-2015-8124-Session-Fixation-in-the-Remember-Me-Lo.patch
0011-CVE-2015-8125-Vulnerability-in-Security-Remember-Me-.patch
0012-CVE-2016-1902-SecureRandom-s-fallback-not-secure-whe.patch
0013-CVE-2016-4423-Large-username-storage-in-session.patch
0014-Validator-Update-IpValidatorTest-data-set-with-a-valid-reserved-IP.patch
0015-Fix-unit-test-failures.patch
0016-Security-Validate-redirect-targets-using-the-session-cook.patch
0017-SecurityBundle-Fix-syntax-error-in-test.patch
0018-prevent-bundle-readers-from-breaking-out-of-paths.patch
0019-Adding-session-strategy-to-ALL-listeners-to-avoid-any-pos.patch
0020-SecurityBundle-Fail-if-security.http_utils-cannot-be-conf.patch
0021-HttpFoundation-Remove-support-for-legacy-and-risky-HTTP-headers.patch
0022-ensure-that-submitted-data-are-uploaded-files.patch
0023-Form-The-trace-of-form-errors-is-now-displayed-in-the-profiler.patch
0024-Form-Decoupled-methods-of-ResolvedFormType-so-that-they-can-be-overridden-individually-by-decorators.patch
0025-Form-Filter-file-uploads-out-of-regular-form-types.patch
0026-Security-Http-detect-bad-redirect-targets-using-backslashes.patch
0027-CVE-2019-10909-FrameworkBundle-Form-Fix-XSS-issues-i.patch
0028-CVE-2019-10910-Backport-export-function-in-PhpDumper.patch
0029-CVE-2019-10910-DI-Check-service-IDs-are-valid-nicola.patch
0030-CVE-2019-10911-Use-HMAC-construction-for-remember-me.patch
0031-CVE-2019-10911-Security-Add-a-separator-in-the-remem.patch
0032-CVE-2019-10913-HttpFoundation-reject-invalid-method-.patch
0033-CVE-2019-18886-Security-Core-throw-AccessDeniedException-when-switch-user-fails.patch
0034-CVE-2019-18887-HttpKernel-Use-constant-time-comparison-in-UriSigner.patch
0035-CVE-2019-18888-HttpFoundation-fix-guessing-mime-types-of-files-with-leading-dash.patch
