Smarty 2.6.23 Released
5 views
Skip to first unread message
Monte Ohrt
May 13, 2009, 11:59:51 AM5/13/09
to smarty-d...@googlegroups.com, smarty-d...@googlegroups.com, smarty-...@googlegroups.com
This release addresses a correction with the {math} plugin where
backticks were not properly sanitized, creating a possible shell
execution, even from a secure template. There are no known sequences
that actually do anything, but removing backticks will rule out any
question. Also addressed, templates that exist but are not readable now
create a proper error message.
backticks were not properly sanitized, creating a possible shell
execution, even from a secure template. There are no known sequences
that actually do anything, but removing backticks will rule out any
question. Also addressed, templates that exist but are not readable now
create a proper error message.
NEWS/Changelog: http://www.smarty.net/misc/NEWS
Download: http://www.smarty.net/download.php
mumumu
May 13, 2009, 3:11:52 PM5/13/09
to Smarty Discussion
Hi,
I tried to download, but got "Invalid file requested for download!"
error.. :(
Regards.
error.. :(
Regards.
mumumu
May 13, 2009, 2:58:22 PM5/13/09
to Smarty Discussion
But I got "Invalid file requested for download!" error on download
page link. :(
http://www.smarty.net/do_download.php?download_file=Smarty-2.6.23.tar.gz
http://www.smarty.net/do_download.php?download_file=Smarty-2.6.23.zip
Best Regards.
Monte Ohrt
May 13, 2009, 3:15:33 PM5/13/09
to smarty-d...@googlegroups.com
Oops, my fault. It's fixed, try again!
mumumu
May 13, 2009, 3:19:15 PM5/13/09
to Smarty Discussion
Yes, I could download. Thank you for your fix!
# btw, sorry for my duplicate post...
# googlegroups did not reflect my post on webpage shortly..
# btw, sorry for my duplicate post...
# googlegroups did not reflect my post on webpage shortly..
Reply all
Reply to author
Forward
0 new messages