[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] One smarty3 issue fixed a long time ago in 3.0.7 upstream
Salvatore Bonaccorso
carnil at debian.org
Sun Jan 14 12:57:41 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fb02d924 by Salvatore Bonaccorso at 2018-01-14T13:56:26+01:00
One smarty3 issue fixed a long time ago in 3.0.7 upstream
Actually since this is bascially a non-issue and never got a either a
CVE nor a Debian BTS reference we might have removed it completely.
Since bugix tracking clear now kept it as alternative choice.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -195496,10 +195496,11 @@ CVE-2011-1137 (Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=3586
NOTE: http://www.exploit-db.com/exploits/16129/
CVE-2011-XXXX [incorrect handling of {$smarty.template} and {$smarty.current_dir}]
- - smarty3 <unfixed> (unimportant)
+ - smarty3 3.0.8-1 (unimportant)
- smarty <removed> (unimportant)
NOTE: http://www.smarty.net/forums/viewtopic.php?t=18815
NOTE: http://code.google.com/p/smarty-php/source/detail?r=3989
+ NOTE: https://github.com/smarty-php/smarty/commit/0154f17de2b2dd16ff9c016923015ac19af9c0cb(3.0.7)
NOTE: non-issue in practice, if you can place arbitrary template files you have worse problems
CVE-2011-0987 (The PMA_Bookmark_get function in libraries/bookmark.lib.php in ...)
{DSA-2167-1}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb02d924309fb49d8187fa92260dffe359a7f9ee
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb02d924309fb49d8187fa92260dffe359a7f9ee
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180114/f37c623d/attachment.html>
More information about the Secure-testing-commits
mailing list