Bugfix: Package smarty/smarty needs update from v 3.1.31 to latest 3.1.33 (or later). - Githubissues

BitLucid / ninjawars

The code repository where ninjas are prototyped for the ninja game @ ninjawars.net

http://ninjawars.net

13 stars 8 forks source link

Bugfix: Package smarty/smarty needs update from v 3.1.31 to latest 3.1.33 (or later). #925

Closed tchalvak closed 5 years ago

tchalvak commented 5 years ago

Scrutinizer reports security issue with installed package: https://scrutinizer-ci.com/g/BitLucid/ninjawars/issues/master/files/composer.lock?filter%5Bseverities%5D%5B0%5D=15

Message:

IssueId: 32207879 Message: There is a security advisory for your installed version of smarty/smarty:Trusted-Directory Bypass via Path Traversal Filename: composer.lock LineNumber: 1417 Link: https://scrutinizer-ci.com/g/BitLucid/ninjawars/issues/master/files/composer.lock?filter%5Bseverities%5D%5B0%5D=15&issueId=32207879

tchalvak commented 5 years ago

wontfix for now, the update was done, I believe, but unable to update to tip of smarty package due to errors that it caused.