Merge branch '4.1' into 4.2

* 4.1:
  [Routing] fix trailing slash redirections involving a trailing var
  [EventDispatcher] Revers event tracing order
  [Security] Prefer clone over unserialize(serialize()) for user refreshment
  [Console] OutputFormatter: move strtolower to createStyleFromString
  Adjust tests to work in the armhf architecture. Fixes #29281.
  Vietnamese translations improvement
  [Form] Fixed FormErrorIterator class phpdoc
  Renamed test controller from Controller to TestController so it doesn't show up in the IDE autocomplete.
  Don't use he in docs when its not needed
  EventSubscriberInterface isn't a man
  fixed public directory of web server and assets install when configured in composer.json

Author: nicolas-grekas

Firewall/ContextListener.php

@@ -170,7 +170,7 @@ protected function refreshUser(TokenInterface $token)
 
             try {
                 $refreshedUser = $provider->refreshUser($user);
-                $newToken = unserialize(serialize($token));
+                $newToken = clone $token;
                 $newToken->setUser($refreshedUser);
 
                 // tokens can be deauthenticated if the user has been changed.