Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[shopsys] update twig/twig to v2.15.4 #2527

Merged
merged 1 commit into from Jan 12, 2023
Merged

[shopsys] update twig/twig to v2.15.4 #2527

merged 1 commit into from Jan 12, 2023

Conversation

RostislavKreisinger
Copy link
Contributor

Q A
Description, reason for the PR update twig/twig to v2.15.4 - fix CVE-2022-39261 - https://symfony.com/blog/twig-security-release-possibility-to-load-a-template-outside-a-configured-directory-when-using-the-filesystem-loader
New feature No
BC breaks No
Fixes issues ...
Have you read and signed our License Agreement for contributions? Yes

@RostislavKreisinger RostislavKreisinger added Bug Something isn't working Security Issue concerning the security of the application labels Jan 3, 2023
TomasLudvik
TomasLudvik requested changes Jan 9, 2023
View reviewed changes
composer.json Outdated Show resolved Hide resolved
@TomasLudvik TomasLudvik changed the title update twig/twig to v2.15.4 - fix CVE-2022-39261 [shopsys] update twig/twig to v2.15.4 Jan 9, 2023
@TomasLudvik TomasLudvik added this to the SSFW 11.0.0 milestone Jan 9, 2023
@TomasLudvik TomasLudvik removed the Bug Something isn't working label Jan 9, 2023
TomasLudvik
TomasLudvik requested changes Jan 9, 2023
View reviewed changes
upgrade/UPGRADE-v11.0.0-dev.md Outdated Show resolved Hide resolved
composer.json Outdated Show resolved Hide resolved
@RostislavKreisinger RostislavKreisinger force-pushed the rk-fw-1013-fix-cve-2022-39261-in-twig branch from e8b0862 to ecfbeb0 Compare January 9, 2023 13:55
@RostislavKreisinger RostislavKreisinger force-pushed the rk-fw-1013-fix-cve-2022-39261-in-twig branch from ecfbeb0 to 2d96929 Compare January 12, 2023 07:20
@sonarcloud
Copy link

sonarcloud bot commented Jan 12, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@RostislavKreisinger RostislavKreisinger merged commit 272b828 into master Jan 12, 2023
@RostislavKreisinger RostislavKreisinger deleted the rk-fw-1013-fix-cve-2022-39261-in-twig branch January 12, 2023 07:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TomasLudvik TomasLudvik TomasLudvik approved these changes

Assignees
No one assigned
Labels
Security Issue concerning the security of the application
Projects
None yet
Milestone
SSFW 11.0.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@RostislavKreisinger @TomasLudvik