Accepted smarty 2.6.18-1.1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 15 Mar 2008 15:10:58 +0100
Source: smarty
Binary: smarty
Architecture: source all
Version: 2.6.18-1.1
Distribution: unstable
Urgency: high
Maintainer: Dimitri Fontaine <dim@tapoueh.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
smarty - Template engine for PHP
Closes: 469492
Changes:
smarty (2.6.18-1.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* A null character in a search string
allows an attacker to call arbitrary php functions via
templates. Add patch to return the string after the null
in a string (CVE-2008-1066; Closes: #469492).
Files:
9e8db1c79952351ca5862015430e5dd8 696 web optional smarty_2.6.18-1.1.dsc
b373ab2b38d3d0f14335a22341954c1e 4001 web optional smarty_2.6.18-1.1.diff.gz
50b75a3fef40eca050c298fae9816f35 198974 web optional smarty_2.6.18-1.1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFH29oSHYflSXNkfP8RAq3UAJ4kxiIQovpo5cPYZFzuJAMEKRZcfwCeLaHP
9XLB08Cg8q+r3t0oh28u5jo=
=sMjS
-----END PGP SIGNATURE-----
Accepted:
smarty_2.6.18-1.1.diff.gz
to pool/main/s/smarty/smarty_2.6.18-1.1.diff.gz
smarty_2.6.18-1.1.dsc
to pool/main/s/smarty/smarty_2.6.18-1.1.dsc
smarty_2.6.18-1.1_all.deb
to pool/main/s/smarty/smarty_2.6.18-1.1_all.deb