aboutsummaryrefslogtreecommitdiffstats
path: root/vendor/smarty
Commit message (Collapse)AuthorAgeFilesLines
* deps: Upgrade smarty/smarty to version 4.5.4Harald Eilertsen2024-09-2810-88/+77
| | | | | | | | | | | | | | | | | | | This eliminates a potential vulnerability where an template author could inject arbitrary PHP files to be run via the 'extends' tag. See: - https://github.com/smarty-php/smarty/security/advisories/GHSA-4rmg-292m-wg3w - https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a Impact assessment: In our case I would consider this a low severity issue as we don't allow users to dynamically add or edit smarty templates. Templates has to be updated via merge requests, or by installing a theme. In both cases a malicious attacker already has easier ways to inject whatever code they want. Further, the extend tag is not in use in any of our core templates.
* update composer libsMario2024-03-0613-7/+100
|
* composer update smartyMario2023-10-058-10/+37
|
* update composer libsMario2023-05-30121-4108/+4014
|
* update smartyMario2023-01-27275-205/+15086
|
* composer update smartyMario2022-10-1116-90/+225
|
* Revert "update composer libs"Mario2022-10-1116-225/+90
| | | | This reverts commit 108a3efe0b6d37a7ed394a84c69b924ca727f17a.
* update composer libsMario2022-10-1116-90/+225
|
* Revert "update composer libs"Mario2022-10-1116-225/+90
| | | | This reverts commit 5e5f0aa955d86743a14531bed98501b59140ab1f.
* update composer libsMario2022-10-1116-90/+225
|
* update composer libsMario2022-05-19250-14987/+59
|
* composer update smarty to version 4.1 - new filesMario2022-02-11225-0/+13843
|
* composer update smarty to version 4.1Mario2022-02-11104-6172/+3001
|
* composer update smartyMario2021-06-055-1/+16
|
* get devHilmar R2021-03-0110-22/+44
|
* new filesMario2020-05-075-0/+6074
|
* composer updates 2Mario2020-05-0715-3560/+218
|
* Revert "composer updates"Mario2020-05-0715-218/+3560
| | | This reverts commit dbfe748d274f6843fc91a3071df7be45c4ab5b00
* Revert "add new files"Mario2020-05-075-6074/+0
| | | This reverts commit c76ff4249ec0f88832a9ce6c966a2fd326482197
* add new filesMario2020-05-075-0/+6074
|
* composer updatesMario2020-05-0715-3560/+218
|
* another bulk of composer updatesMario2019-11-1011-1228/+1374
| | | (cherry picked from commit 6685381fd8db507493c3d7c1793f8c05c681bbce)
* update html_to_markdown, smarty and sabredav libs via composerMario Vavti2018-10-30210-4995/+5602
|
* :arrow_up: Update libraries.Klaus Weidenbach2018-05-09178-5672/+7052
| | | | | Updating smarty/smarty (v3.1.31 => v3.1.32) Updating sabre/vobject (4.1.5 => 4.1.6)
* actually add the smarty libMario Vavti2017-12-18224-0/+37136