[HIGH] Security fixes related to the way XML is handled

PKSA-q1m3-5gzj-p6jw GHSA-c636-cg5r-2498

Affected package: symfony/dependency-injection

Affected version: >=2.0.0,<2.0.17

Reported by:
GitHub, FriendsOfPHP/security-advisories