Accepted smarty 2.6.9-1sarge1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 16 Mar 2008 12:05:07 +0100
Source: smarty
Binary: smarty
Architecture: source all
Version: 2.6.9-1sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Dimitri Fontaine <dfontaine@cvf.fr>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
smarty - Template engine for PHP
Closes: 469492
Changes:
smarty (2.6.9-1sarge1) oldstable-security; urgency=high
.
* Non-maintainer upload by the security team.
* A \0 character in a search string could be abused to
call arbitrary PHP functions via templates.
CVE-2008-1066, closes: #469492
Files:
3c1955d0151a53532dab661fb9a9b7b3 870 web optional smarty_2.6.9-1sarge1.dsc
4ee0048de6a9b35f1b11b458493327f2 141694 web optional smarty_2.6.9.orig.tar.gz
b1835fb9b611eb5ef3f26f23c21fbdbb 3502 web optional smarty_2.6.9-1sarge1.diff.gz
39408bb8ec42a25956990f2e81bd2d7e 177048 web optional smarty_2.6.9-1sarge1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBR9z/o2z0hbPcukPfAQK8uQf/cBjknFAnsHD1mlHhfslvUDjYAuZOeipW
Y+cgaVzKItxnQRHpnv9ZPTgW7HruMnoKHSPTh6Ks6q+sVXrPGIu0s10mD8YeqjkL
I6wMgD5/JGQHfcZ7rm2COlJQl+1jWDt4Am9m/+Aip0++v02c07CIpkyNvIU5V7E5
70150+FUyljMkfuJOa6MgnOmk+Yd9UGencNDKXlWy+3LfSJ2dPUK1ZN6uwgnrNRp
bwb9TM3RB3zTiS5WWJqqE1/J7oHAGV/sT1sa1bWYJFa1drx0s5H0TffWSy6Ixr+W
7ZB2P89tKpVVaXA6aFHUqOBdxRZPMBLQmqcxlcfvDUrhB6zSiBnwEg==
=IxNY
-----END PGP SIGNATURE-----
Accepted:
smarty_2.6.9-1sarge1.diff.gz
to pool/main/s/smarty/smarty_2.6.9-1sarge1.diff.gz
smarty_2.6.9-1sarge1.dsc
to pool/main/s/smarty/smarty_2.6.9-1sarge1.dsc
smarty_2.6.9-1sarge1_all.deb
to pool/main/s/smarty/smarty_2.6.9-1sarge1_all.deb