Smarty v3.1.39 Release Notes

Release Date: 2021-02-17 // 8 months ago
  • ๐Ÿ”’ Security

    • Prevent access to $smarty.template_object in sandbox mode. This addresses CVE-2021-26119.
    • ๐Ÿ›  Fixed code injection vulnerability by using illegal function names in {function name='blah'}{/function}. This addresses CVE-2021-26120.

Previous changes from v3.1.38