FEDORA-EPEL-2015-7612 created by siwinski 4 years ago for Fedora EPEL 7
stable

1.20.0 (2015-08-12)

  • forbid access to the Twig environment from templates and internal parts of Twig_Template
  • fixed limited RCEs when in sandbox mode
  • deprecated Twig_Template::getEnvironment()
  • deprecated the _self variable for usage outside of the from and import tags
  • added Twig_BaseNodeVisitor to ease the compatibility of node visitors between 1.x and 2.x

1.19.0 (2015-07-31)

  • fixed wrong error message when including an undefined template in a child template
  • added support for variadic filters, functions, and tests
  • added support for extra positional arguments in macros
  • added ignore_missing flag to the source function
  • fixed batch filter with zero items
  • deprecated Twig_Environment::clearTemplateCache()
  • fixed sandbox disabling when using the include function
This update has been submitted for testing by siwinski. 4 years ago
This update is currently being pushed to the Fedora EPEL 7 testing updates repository. 4 years ago
This update has been pushed to testing 4 years ago
siwinski edited this update. 4 years ago
siwinski edited this update. 4 years ago
This update has been submitted for testing by siwinski. 4 years ago
This update has been pushed to testing 4 years ago
siwinski edited this update. 4 years ago
This update has been submitted for stable by siwinski. 4 years ago
This update has been pushed to stable. 4 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
modified
4 years ago
BZ#1249259 php-twig-v1.20.0 is available
0
0
BZ#1255795 php-twig: Remote code execution via Twig templates
0
0
BZ#1255797 php-twig: Remote code execution via Twig templates [epel-all]
0
0

Automated Test Results