Web Developers are used to big changes in their frameworks and tools. Being used to does not directly translated to being confortable. With the big change from Symfony in version from Symfony to Symfony2 fresh in memory - many are pondering how big of a jump it is to Symfony3.
The "httpoxy" exploit possibly affecting millions of web services is in the wild. As the vulnerability is not found in a single product, but it has a large possible surface area. The exact ways of how this could be exploited are limitless. Here are some ideas on how httpoxy exploits could be used to attack unsuspecting website visitors.
In November the Symfony project will launch two versions of the Symfony project. Symfony 3.4 to finalise the 3.x series and Symfony 4.0 to be the first release to use something known as "Symfony Flex" by default, instead of the classic Symfony Full Stack Framework. But what are these releases and what differences are there?