Global navigation

   Documentation Center
   eZ Studio & eZ Platform
     User Manual
     Technical Manual
   eZ Publish 4.x / legacy

eZ Publish (5.x)

eZ Publish 5.x | For eZ Platform & eZ Studio topics see Technical manual and User manual, for eZ Publish 4.x and Legacy topics see eZ Publish legacy

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Adapt section on Symfony 2.7 vs 2.8 to clearify we now recommend 2.8 in recent versions, also fix link to UTF-8 patch as it was pointing to private repository


titleRecommended: Enable php-openssl extension
This release fixes a vulnerability in the eZ Publish password recovery function. You need to have the PHP OpenSSL extension (ext-openssl) installed to take full advantage of the improved security, but even without it security is improved. See Security Advisory for further information.

From 5.4.2 and lower


Code Block
php -d memory_limit=-1 composer.phar require --no-update symfony/symfony:~2.7.0 sensio/distribution-bundle:~3.0 

Fix possible usage of the XmlText CustomTags pre-converters


Edit ezpublish/EzPublishKernel.php, and instantiate eZ\Bundle\EzPublishLegacySearchEngineBundle\EzPublishLegacySearchEngineBundle in the list of enabled bundles in the $bundles array in the registerBundles() method, right before EzPublishLegacyBundle.

From 5.4.9 or lower

Fix extended UTF characters

For issue EZP-26748, see the following diff for patch.

From 5.4.11 or lower

Check symfony requirement

Make sure you are using Symfony 2.78, as Symfony 2.8 is currently not supported (both are LTS releases, but 7 support is being phased out. Reasoning: 2.7's main support period is coming to an end, 2.8 introduced a few breaks that causes problems). So check version using command below, and if 2.8 follow instuctions above to correct itprovides a better version to get ready for Symfony 3.x upgrade because of deprecation warnings, and on some system configurations* Symfony 2.7 is considered less secure.

To make sure you use the recommended versions of Symfony and some related libraries run the following composer command:

Code Block
php -d memory_limit=-1 composer.phar showrequire --installed

From 5.4.9 or lower

Fix extended UTF characters


no-update symfony/symfony:^2.8.41 sensio/distribution-bundle:~3.0 symfony/assetic-bundle:~2.8

\Random strings generated by paragonie/random_compat v1 as used by 2.7 are considered to not be cryptographically secure on Windows in general, and on older PHP versions (see CVE-2015-8867).

Updating packages with composer


Show If
groupeZ Users
Instructions for RC Testing

To test a RC release you'll need to update your requirements before next step:

bashExample (pick versions from relevant RC release JIRA ticket)

With this command you'll update all packages that have received updates: