Back to smarty4 PTS page

Accepted smarty4 4.1.1-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted smarty4 4.1.1-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 29 May 2022 06:19:49 +0000
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=DbbR9rPLb/gE6oXrbUdUsficDJt4AoFfKKbnY1mFhLU=; b=bihaaqmfXRUb8pnVs7vis924H8 FXu5l5bFA5r9JLjyysKHTBJgZ41X6BbCuXRgdzaGNKIf7gUcf61/u2FvRakO0yvSSVQp8tmj7bVzZ 49tt5uwSdXuplZLZPMV4iATH2E7FV2SLRlG15E5PNpGUgkK2hVX5uG6Vkp905iwKfu97Pu04xkQKS 1TVWL2j497HQgPrRJGIiGFxPKmG7WRuHMuTCClzWIjWzq+iaNbJcF9/pUZ3UXrQkCBJnYVx9jKqES bZgioy1oSsK7CsR5ezak4sii28rKmLuX0RQVskzuZMk4658DQnXdJe76y40AYnfYfZFijzHB97HMk ugKYhaxw==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1nvCHF-0000p7-Ri@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 29 May 2022 07:58:20 +0200
Source: smarty4
Architecture: source
Version: 4.1.1-1
Distribution: unstable
Urgency: medium
Maintainer: Mike Gabriel <sunweaver@debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Closes: 1010375 1011757
Changes:
 smarty4 (4.1.1-1) unstable; urgency=medium
 .
   * New upstream release.
     - CVE-2021-21408: Prevent template authors from running restricted static
       php methods. (Closes: #1010375).
     - CVE-2021-29454: Prevent template authors from running arbitrary PHP code
       by crafting a malicious math string. (Closes: #1010375, as well).
     - CVE-2022-29221: Prevent template authors from injecting PHP code by
       choosing malicious filenames. (Closes: #1011757).
   * debian/control:
     + Bump Standards-Version: to 4.6.1. No changes needed.
   * debian/smarty4.docs:
     + Drop demo/ from documentation files. Folder removed upstream.
   * debian/copyright:
     + Update copyright attributions.
Checksums-Sha1:
 e63f1e6899e030785fc8559e34576e9d74457507 1973 smarty4_4.1.1-1.dsc
 caf00055f53d86370bbc91a2048810e7bb157c4f 235624 smarty4_4.1.1.orig.tar.gz
 ac9f2bf465c54a84a8b8a1fcfd2a9ba3fda69289 8684 smarty4_4.1.1-1.debian.tar.xz
 23783cdb7ea6d64133c66ea94ac9615935f875c2 6776 smarty4_4.1.1-1_source.buildinfo
Checksums-Sha256:
 18178ffd0e97255897c95c8678aec3d1a08686a786d72420f309dafae6711868 1973 smarty4_4.1.1-1.dsc
 077847a9686a3b0e2f8bcd1ca232a452d796b188a71fbc73ca0e358c5970f21b 235624 smarty4_4.1.1.orig.tar.gz
 0ea3e9674769de094f8f8ffce9c75142ebd057a47c51883c01814f8be7002dbf 8684 smarty4_4.1.1-1.debian.tar.xz
 179dcac50f9d42bccefbe867580823257063fd72b91b8b1015032b624c715736 6776 smarty4_4.1.1-1_source.buildinfo
Files:
 59dbeb471d779e66d58abfd28f7d70b3 1973 web optional smarty4_4.1.1-1.dsc
 19f86d232cc97b7d92b01ea1c67ade70 235624 web optional smarty4_4.1.1.orig.tar.gz
 21df9c28f8c33b35ee8fb9646b4af00e 8684 web optional smarty4_4.1.1-1.debian.tar.xz
 7ec01bf3198dd71593dbd264a028e523 6776 web optional smarty4_4.1.1-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAmKTDSsVHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxb4AP/06Naadf+7TVQp+XpbozQt9yNyOu
wNHpsFPiWmDN37RZvVzRu9ehn4fKHoG08P4wIRNvFA0JqLa85KkbJMn5KRYYMCVD
UHXR4/vMEoaX5ie7/sxFefQOqFhVmZCgGd9Nbs542U9PMDYa2FJ1ia9FvRN0cMyZ
oewtwO/YagFZM/ypmQqqHCfi6addsVGc9CCPtKv+4eN5u1KZPS+qYlIDTyW/G1UT
yLwqGEm1W4hNEeOjSIIYEaGsFbv+DI55JE+4CSISnCd/jREw3/U5wfwczRo55xaK
NqfHQMpJwKFXq6llBmCzCjuIGxwPHkVOU9JHHFqyZ7KBbwPkILRSn7ofg3Qj/Yme
1kuI2iMeBxVBwQG6XfehPzdOuc7c/SEQvLiGuUMYC/OJ8QI+ipzrFRPW4l7LrNxZ
nmI8VFfbC6UuhOFCKijstm5/aUZJ2JS20/dpBWe/fRqTM+kkfP+DxfVXvoN4n+ij
AxcZWIvz2cPyS5/e0+bvsotY3v5KbWnyCKqLGSy11i2f4DL/zFOGPcbcMZwyZVMj
n0U3n2hG1pD6rQ3475q9z/ntrM34SWCWd77CG18R6A0E2ajEFd/1GzIpRn2sW9d9
CIdgRQUTuI28XHzROQjW650aCF0oAmaqwLbOXDzC4WSaNbhHNLQFvNdzAUhyIFFG
Hgbv7k9G7AuSpINQ
=YJxu
-----END PGP SIGNATURE-----