Das Update betrifft alle Nutzer, die den quoteIdentifier() in AbstractPlatform oder DoctrineDBALConnection nutzen. It was brought to our attention that identifier quoting in Doctrine DBAL has a potential security problem when user-input is passed into this function, making the security aspect of this functionality obsolete.
DBAL steht in den Versionen 2.0.8 und 2.1.2 ab sofort zum Download bereit.