The Laravel team released an important security update for Laravel 6 (v6.18.27) and Laravel 7 (v7.22.0) with a planned security release for Laravel 5.5 LTS forthcoming. You should update your applications to the latest patch releases as soon as possible, especially if you’re using the “cookie” session driver.
SECURITY: Laravel 6.18.27 and 7.22.0 have been released with a security related patch. All Laravel users should upgrade to these versions as soon as possible. https://t.co/uqtulq4H3f
— Laravel (@laravelphp) July 27, 2020
Laravel 6 is the current LTS version of Laravel. However, the previous LTS 5.5 version will receive essential security updates through the end of August 2020.
Laravel 5.5. users should avoid using the “cookie” session driver in production immediately:
Since we have not yet released a security release for the Laravel 5.5 version of the framework, we recommend that all applications running Laravel 5.5 and earlier do not use the “cookie” session driver in their production deployments.
Further details are available on the Laravel Blog.Filed in: News
Join 31,000+ others and never miss out on new tips, tutorials, and more.
- Senior Full-Stack Engineer
[REMOTE: USA Only] All Other Applications Will be Rejected Immediately"
- Senior Full Stack PHP Developer
Motto Design Studio
- 👉 Looking for Senior Back-End Laravel API Developer - Immediate (Full-time Contractor) 🎉
ApproveMe.com // The Document Signing Experience™
- Senior Software Engineer
Remote or Los Angeles
- Sr. Software Engineer
Salt Lake City, UT
Laravel’s Growing Community of Women Developers
Larabelles is a community launching later this year that focuses on reducing barriers for women to enter the world of…
How to make a Laravel app multi-tenant in minutes
In this tutorial, learn how to make your Laravel app multi-tenant using the Tenancy for Laravel package