News


09/09/2024 - 18:55

Affected Versions

Twig >1.0.0,<=1.44.7 || >2.0.0,<=2.16.0 || >3.0.0,<=3.11.0 || >=3.12.0,<3.14.0 versions are affected by this security issue.

Even if twig 1.x and 2.x are not maintained anymore, we've released new versions with the security fix.

This issue has been fixed in Twig 1.44.8, 2.16.1, and 3.14.0.

Description

Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions.

The security issue happens when all these conditions are met:





09/08/2024 - 09:46

This week, the upcoming Symfony 7.2 version focused on adding compatibility with Twig 4 and updating tests to support PHPUnit 10 and later versions.





09/05/2024 - 16:55

Taylor tweeted this morning:
"I'm excited to announce that Laravel has raised a $57M Series A in partnership with Accel."





09/04/2024 - 02:01

Version 1.2 of Yii Network Utilities package has been released. Here is the list of changes included in the new version:

  • Added IP_PATTERN and IP_REGEXP constants to IpHelper for checking IP of both IPv4 and IPv6 versions.
  • Added NEGATION_CHARACTER constant to IpRanges used to negate ranges.
  • Added isIpv4(), isIpv6(), isIp() methods to IpHelper.




09/03/2024 - 17:24

WordCamp US 2024 rounds out this year’s trio of flagship WordCamps. Starting September 17, open source and WordPress professionals from around the world will touch down in Portland, Oregon, for four days of learning, connecting, and collaborating. 





09/03/2024 - 15:51

Node v23.5.0 (Current)