Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | deps: Upgrade smarty/smarty to version 4.5.4 | Harald Eilertsen | 2024-09-28 | 10 | -88/+77 |
| | | | | | | | | | | | | | | | | | | | This eliminates a potential vulnerability where an template author could inject arbitrary PHP files to be run via the 'extends' tag. See: - https://github.com/smarty-php/smarty/security/advisories/GHSA-4rmg-292m-wg3w - https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a Impact assessment: In our case I would consider this a low severity issue as we don't allow users to dynamically add or edit smarty templates. Templates has to be updated via merge requests, or by installing a theme. In both cases a malicious attacker already has easier ways to inject whatever code they want. Further, the extend tag is not in use in any of our core templates. | ||||
* | update composer libs | Mario | 2024-03-06 | 13 | -7/+100 |
| | |||||
* | composer update smarty | Mario | 2023-10-05 | 8 | -10/+37 |
| | |||||
* | update composer libs | Mario | 2023-05-30 | 121 | -4108/+4014 |
| | |||||
* | update smarty | Mario | 2023-01-27 | 275 | -205/+15086 |
| | |||||
* | composer update smarty | Mario | 2022-10-11 | 16 | -90/+225 |
| | |||||
* | Revert "update composer libs" | Mario | 2022-10-11 | 16 | -225/+90 |
| | | | | This reverts commit 108a3efe0b6d37a7ed394a84c69b924ca727f17a. | ||||
* | update composer libs | Mario | 2022-10-11 | 16 | -90/+225 |
| | |||||
* | Revert "update composer libs" | Mario | 2022-10-11 | 16 | -225/+90 |
| | | | | This reverts commit 5e5f0aa955d86743a14531bed98501b59140ab1f. | ||||
* | update composer libs | Mario | 2022-10-11 | 16 | -90/+225 |
| | |||||
* | update composer libs | Mario | 2022-05-19 | 250 | -14987/+59 |
| | |||||
* | composer update smarty to version 4.1 - new files | Mario | 2022-02-11 | 225 | -0/+13843 |
| | |||||
* | composer update smarty to version 4.1 | Mario | 2022-02-11 | 104 | -6172/+3001 |
| | |||||
* | composer update smarty | Mario | 2021-06-05 | 5 | -1/+16 |
| | |||||
* | get dev | Hilmar R | 2021-03-01 | 10 | -22/+44 |
| | |||||
* | new files | Mario | 2020-05-07 | 5 | -0/+6074 |
| | |||||
* | composer updates 2 | Mario | 2020-05-07 | 15 | -3560/+218 |
| | |||||
* | Revert "composer updates" | Mario | 2020-05-07 | 15 | -218/+3560 |
| | | | This reverts commit dbfe748d274f6843fc91a3071df7be45c4ab5b00 | ||||
* | Revert "add new files" | Mario | 2020-05-07 | 5 | -6074/+0 |
| | | | This reverts commit c76ff4249ec0f88832a9ce6c966a2fd326482197 | ||||
* | add new files | Mario | 2020-05-07 | 5 | -0/+6074 |
| | |||||
* | composer updates | Mario | 2020-05-07 | 15 | -3560/+218 |
| | |||||
* | another bulk of composer updates | Mario | 2019-11-10 | 11 | -1228/+1374 |
| | | | (cherry picked from commit 6685381fd8db507493c3d7c1793f8c05c681bbce) | ||||
* | update html_to_markdown, smarty and sabredav libs via composer | Mario Vavti | 2018-10-30 | 210 | -4995/+5602 |
| | |||||
* | :arrow_up: Update libraries. | Klaus Weidenbach | 2018-05-09 | 178 | -5672/+7052 |
| | | | | | Updating smarty/smarty (v3.1.31 => v3.1.32) Updating sabre/vobject (4.1.5 => 4.1.6) | ||||
* | actually add the smarty lib | Mario Vavti | 2017-12-18 | 224 | -0/+37136 |