Back to smarty PTS page

Accepted smarty 2.6.18-1.1 (source all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 15 Mar 2008 15:10:58 +0100
Source: smarty
Binary: smarty
Architecture: source all
Version: 2.6.18-1.1
Distribution: unstable
Urgency: high
Maintainer: Dimitri Fontaine <dim@tapoueh.org>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 smarty     - Template engine for PHP
Closes: 469492
Changes: 
 smarty (2.6.18-1.1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * A null character in a search string
     allows an attacker to call arbitrary php functions via
     templates. Add patch to return the string after the null
     in a string (CVE-2008-1066; Closes: #469492).
Files: 
 9e8db1c79952351ca5862015430e5dd8 696 web optional smarty_2.6.18-1.1.dsc
 b373ab2b38d3d0f14335a22341954c1e 4001 web optional smarty_2.6.18-1.1.diff.gz
 50b75a3fef40eca050c298fae9816f35 198974 web optional smarty_2.6.18-1.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH29oSHYflSXNkfP8RAq3UAJ4kxiIQovpo5cPYZFzuJAMEKRZcfwCeLaHP
9XLB08Cg8q+r3t0oh28u5jo=
=sMjS
-----END PGP SIGNATURE-----


Accepted:
smarty_2.6.18-1.1.diff.gz
  to pool/main/s/smarty/smarty_2.6.18-1.1.diff.gz
smarty_2.6.18-1.1.dsc
  to pool/main/s/smarty/smarty_2.6.18-1.1.dsc
smarty_2.6.18-1.1_all.deb
  to pool/main/s/smarty/smarty_2.6.18-1.1_all.deb