| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | deps: Upgrade smarty/smarty to version 4.5.4 | Mario | 2024-10-02 | 10 | -88/+77 |
| | | | | | | | | | | | | | | | | | | | | | | | | This eliminates a potential vulnerability where an template author could inject arbitrary PHP files to be run via the 'extends' tag. See: - https://github.com/smarty-php/smarty/security/advisories/GHSA-4rmg-292m-wg3w - https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a Impact assessment: In our case I would consider this a low severity issue as we don't allow users to dynamically add or edit smarty templates. Templates has to be updated via merge requests, or by installing a theme. In both cases a malicious attacker already has easier ways to inject whatever code they want. Further, the extend tag is not in use in any of our core templates. (cherry picked from commit 4dff1a1e5b6d1117cf3a8ad9924d38fb7d01b687) Co-authored-by: Harald Eilertsen <haraldei@anduin.net> | ||||
| * | update composer libs | Mario | 2024-03-06 | 13 | -7/+100 |
| | | |||||
| * | composer update smarty | Mario | 2023-10-05 | 8 | -10/+37 |
| | | |||||
| * | update composer libs | Mario | 2023-05-30 | 121 | -4108/+4014 |
| | | |||||
| * | update smarty | Mario | 2023-01-27 | 275 | -205/+15086 |
| | | |||||
| * | composer update smarty | Mario | 2022-10-11 | 16 | -90/+225 |
| | | |||||
| * | Revert "update composer libs" | Mario | 2022-10-11 | 16 | -225/+90 |
| | | | | | This reverts commit 108a3efe0b6d37a7ed394a84c69b924ca727f17a. | ||||
| * | update composer libs | Mario | 2022-10-11 | 16 | -90/+225 |
| | | |||||
| * | Revert "update composer libs" | Mario | 2022-10-11 | 16 | -225/+90 |
| | | | | | This reverts commit 5e5f0aa955d86743a14531bed98501b59140ab1f. | ||||
| * | update composer libs | Mario | 2022-10-11 | 16 | -90/+225 |
| | | |||||
| * | update composer libs | Mario | 2022-05-19 | 250 | -14987/+59 |
| | | |||||
| * | composer update smarty to version 4.1 - new files | Mario | 2022-02-11 | 225 | -0/+13843 |
| | | |||||
| * | composer update smarty to version 4.1 | Mario | 2022-02-11 | 104 | -6172/+3001 |
| | | |||||
| * | composer update smarty | Mario | 2021-06-05 | 5 | -1/+16 |
| | | |||||
| * | get dev | Hilmar R | 2021-03-01 | 10 | -22/+44 |
| | | |||||
| * | new files | Mario | 2020-05-07 | 5 | -0/+6074 |
| | | |||||
| * | composer updates 2 | Mario | 2020-05-07 | 15 | -3560/+218 |
| | | |||||
| * | Revert "composer updates" | Mario | 2020-05-07 | 15 | -218/+3560 |
| | | | | This reverts commit dbfe748d274f6843fc91a3071df7be45c4ab5b00 | ||||
| * | Revert "add new files" | Mario | 2020-05-07 | 5 | -6074/+0 |
| | | | | This reverts commit c76ff4249ec0f88832a9ce6c966a2fd326482197 | ||||
| * | add new files | Mario | 2020-05-07 | 5 | -0/+6074 |
| | | |||||
| * | composer updates | Mario | 2020-05-07 | 15 | -3560/+218 |
| | | |||||
| * | another bulk of composer updates | Mario | 2019-11-10 | 11 | -1228/+1374 |
| | | | | (cherry picked from commit 6685381fd8db507493c3d7c1793f8c05c681bbce) | ||||
| * | update html_to_markdown, smarty and sabredav libs via composer | Mario Vavti | 2018-10-30 | 210 | -4995/+5602 |
| | | |||||
| * | :arrow_up: Update libraries. | Klaus Weidenbach | 2018-05-09 | 178 | -5672/+7052 |
| | | | | | | Updating smarty/smarty (v3.1.31 => v3.1.32) Updating sabre/vobject (4.1.5 => 4.1.6) | ||||
| * | actually add the smarty lib | Mario Vavti | 2017-12-18 | 224 | -0/+37136 |
 |
index : volse-hubzilla.git | |
| Volse Hubzilla -- soft fork of main Hubzilla core for Volse | Eilertsens Kodeknekkeri |
| aboutsummaryrefslogtreecommitdiffstats |