Releases: smarty-php/smarty
Releases · smarty-php/smarty
v4.0.1
What's Changed
- Rewrote the mailto function to not use
eval
when encoding with javascript - Feature/add docs by @wisskid in #689
- Fix for php 8.0 by @pandarek in #687
- Fix a typo by @marclaporte in #690
New Contributors
- @pandarek made their first contribution in #687
- @marclaporte made their first contribution in #690
Full Changelog: v4.0.0...v4.0.1
v3.1.42
Prevent arbitrary PHP code execution through maliciously crafted expression for the math function. This addresses CVE-2021-29454
Full Changelog: v3.1.41...v3.1.42
v3.1.41
v4.0.0
v2.6.32
v4.0.0-rc.0
Pre-release for Smarty4 support PHP8.0!
Release 3.1.40
Improved javascript escaping. And Smarty now logs a warning if an unsupported escape type is used to stop you from accidentally using $var|escape:quote
and not actually quoting anything.
Release 3.1.39
Security release, handling two sandbox security issues.
v3.1.38
Release 3.1.37
Brought lexer source functionally up-to-date with compiled version (#… …625) Fixes #621