Merge branch '2.6' into 2.7

* 2.6:
  bumped Symfony version to 2.6.4
  updated VERSION for 2.6.3
  updated CHANGELOG for 2.6.3
  bumped Symfony version to 2.6.3
  updated VERSION for 2.6.2
  updated CHANGELOG for 2.6.2
  bumped Symfony version to 2.5.10
  updated VERSION for 2.5.9
  updated CHANGELOG for 2.5.9
  [FrameworkBundle] Use security.token_storage service in Controller::getUser()
  bumped Symfony version to 2.3.25
  updated VERSION for 2.3.24
  update CONTRIBUTORS for 2.3.24
  Removed unneeded version requirements
  updated CHANGELOG for 2.3.24
  fixed tests
  [Security] Don't destroy the session on buggy php releases.
  [Process] Fix input reset in WindowsPipes
  add back model_timezone and view_timezone options

Conflicts:
	src/Symfony/Component/HttpKernel/Kernel.php

1 files changed, 4 insertions, 1 deletions

diff --git a/Http/Session/SessionAuthenticationStrategy.php b/Http/Session/SessionAuthenticationStrategy.php
index dd258a0..ccfa6ba 100644
--- a/Http/Session/SessionAuthenticationStrategy.php
+++ b/Http/Session/SessionAuthenticationStrategy.php
@@ -47,7 +47,10 @@ class SessionAuthenticationStrategy implements SessionAuthenticationStrategyInte
                 return;
 
             case self::MIGRATE:
-                $request->getSession()->migrate(true);
+                // Destroying the old session is broken in php 5.4.0 - 5.4.10
+                // See php bug #63379
+                $destroy = PHP_VERSION_ID < 50400 || PHP_VERSION_ID >= 50411;
+                $request->getSession()->migrate($destroy);
 
                 return;