[Secure-testing-commits] r21627 - data/CVE
Hideki Yamane
henrich at alioth.debian.org
Thu Mar 14 23:01:51 UTC 2013
Author: henrich
Date: 2013-03-14 23:01:50 +0000 (Thu, 14 Mar 2013)
New Revision: 21627
Modified:
data/CVE/list
Log:
CVE-2012-4437 affects smarty
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-14 21:29:42 UTC (rev 21626)
+++ data/CVE/list 2013-03-14 23:01:50 UTC (rev 21627)
@@ -11454,11 +11454,12 @@
NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
CVE-2012-4437 (Cross-site scripting (XSS) vulnerability in the SmartyException class ...)
- smarty3 3.1.10-2 (bug #688153)
- - smarty <not-affected> (Vulnerable code not present)
+ - smarty 2.6.26-0.2 (bug #702710)
NOTE: http://www.openwall.com/lists/oss-security/2012/09/19/1
NOTE: http://secunia.com/advisories/50589/
NOTE: http://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt
NOTE: http://code.google.com/p/smarty-php/source/detail?r=4658
+ NOTE: https://code.google.com/p/smarty-php/source/detail?r=4660
CVE-2012-4436 (Buffer overflow in the run_last_args function in client/fwknop.c in ...)
- fwknop 2.0.3-1 (bug #688151)
[squeeze] - fwknop <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list