diff --git a/change_log.txt b/change_log.txt
index 2e36f3cf..9783613e 100644
--- a/change_log.txt
+++ b/change_log.txt
@@ -6,6 +6,7 @@
         was extended or Smarty properties had been modified in the class source
       - display Smarty version number
       - Truncate lenght of Origin display and extend strin value display to 80 character
+  - bugfix in Smarty_Security  'nl2br' should be a trusted modifier, not PHP function (code.google issue 223)
   
  12.05.2015
   - bugfix {$smarty.constant.TEST} did fail  on undefined constant https://github.com/smarty-php/smarty/issues/28
diff --git a/libs/sysplugins/smarty_security.php b/libs/sysplugins/smarty_security.php
index 5a70c618..af1ca553 100644
--- a/libs/sysplugins/smarty_security.php
+++ b/libs/sysplugins/smarty_security.php
@@ -108,7 +108,6 @@ class Smarty_Security
         'count', 'sizeof',
         'in_array', 'is_array',
         'time',
-        'nl2br',
     );
     /**
      * This is an array of trusted PHP modifiers.
@@ -119,7 +118,8 @@ class Smarty_Security
      */
     public $php_modifiers = array(
         'escape',
-        'count'
+        'count',
+        'nl2br',
     );
     /**
      * This is an array of allowed tags.