smarty3 (3.1.33+20180830.1.3a78a21f+selfpack1-1) unstable; urgency=medium * New upstream release. - CVE-2018-16831: Don't bypass trusted directories with "../". (Closes: #908698). * debian/control: + Bump Standards-Version: to 4.2.1. No changes needed. -- Mike Gabriel <email address hidden> Mon, 17 Sep 2018 13:04:18 +0200