stable

php-twig-1.20.0-1.fc23

FEDORA-2015-13463 created by siwinski 10 years ago for Fedora 23

1.20.0 (2015-08-12)

  • forbid access to the Twig environment from templates and internal parts of Twig_Template
  • fixed limited RCEs when in sandbox mode
  • deprecated Twig_Template::getEnvironment()
  • deprecated the _self variable for usage outside of the from and import tags
  • added Twig_BaseNodeVisitor to ease the compatibility of node visitors between 1.x and 2.x

1.19.0 (2015-07-31)

  • fixed wrong error message when including an undefined template in a child template
  • added support for variadic filters, functions, and tests
  • added support for extra positional arguments in macros
  • added ignore_missing flag to the source function
  • fixed batch filter with zero items
  • deprecated Twig_Environment::clearTemplateCache()
  • fixed sandbox disabling when using the include function

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2015-13463

This update has been submitted for testing by siwinski.

10 years ago
User Icon taskotron commented 10 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/116234/steps/runtask/logs/stdio (results are informative only)

User Icon taskotron commented 10 years ago

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/116234/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 23 testing updates repository.

10 years ago

This update is currently being pushed to the Fedora 23 testing updates repository.

10 years ago

This update has been pushed to testing

10 years ago

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

10 years ago

siwinski edited this update.

10 years ago

siwinski edited this update.

10 years ago

This update has been submitted for testing by siwinski.

10 years ago

This update has been pushed to testing

10 years ago

This update has been submitted for stable by siwinski.

10 years ago

This update has been pushed to stable

10 years ago

Please log in to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
10 years ago
in testing
10 years ago
in stable
10 years ago
modified
10 years ago
Builds
1
php-twig-1.20.0-1.fc23
BZ#1249259 php-twig-v1.20.0 is available
0
0
BZ#1255796 php-twig: Remote code execution via Twig templates [fedora-all]
0
0
php-twig-1.20.0-1.fc23

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 25.11.3 on bodhi-web-21-9kdk4.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy