Comment 8 for bug 1543740

Ok, so we have a few options, I think, Steve, upon review.

We can either backport just: https://github.com/symfony/symfony/commit/0c6400a42867b7c4e8231196ea6f7a38dfab4405 to the current version. Which *might* work.

We could update to 2.7.10, which released on 2/28.

We could merge with Debian experimental, which I can do. Based upon my reading of the changelog for 2.8.2+dfsg-1:

symfony (2.8.2+dfsg-1) experimental; urgency=medium

  * Upload new branch to experimental

  [ Fabien Potencier ]
  * updated VERSION for 2.8.2

  [ Daniel Beyer ]
  * Bump Standards-Version: in d/control (no changes needed)
  * Remove licensing for the no longer used Glyphish icons from d/copyright
  * Remove license CC-BY-3.0-US from d/copyright (no longer used)
  * Update debian/copyright for symfony 2.8
  * Add patch to fix broken test in the VarDumper component
    - VarDumper-Fix-tests-on-PHP-7.patch
  * Add patch to fix broken memcache session handler in HttpFoundation
    - HttpFoundation-Fix-incompatibility-with-php-memcache.patch
  * Use php7 for building (Closes: #814799)
  * Use php7 for DEP-8 (as-installed) tests
  * Use php5 for DEP-8 (as-installed) tests against php5-symfony-debug
  * Skip tests (build time and DEP-8) for component PropertyInfo
  * Add php-symfony-property-info
  * Add php-symfony-ldap
  * Update build and DEP-8 dependencies for Symfony 2.8

  [ David Prévot ]
  * Add CVE entry for previous changelog entry
  * Use the now packaged php-random-lib (via php-symfony-polyfill-php70)
    instead of an embedded copy
  * Add php-symfony-security-{core,csrf,guard,http}, php-symfony-security is
    becoming almost a metapackage
  * Add php-symfony, almost a metapackage depending on every component,
    shipping upgrading notes

 -- David Prévot <email address hidden> Sun, 21 Feb 2016 10:40:09 -0400

---

I think we should do the last. Steve, given that, should I file a FFe?