[Git][security-tracker-team/security-tracker][master] CVE-2022-29221/smarty3, smarty4 unfixed 1011757 & 1011758

Thu May 26 13:37:17 BST 2022


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
60519131 by Neil Williams at 2022-05-26T13:36:57+01:00
CVE-2022-29221/smarty3, smarty4 unfixed 1011757 & 1011758

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6987,7 +6987,14 @@ CVE-2022-29222 (Pion DTLS is a Go implementation of Datagram Transport Layer Sec
 	NOTE: https://github.com/pion/dtls/commit/d2f797183a9f044ce976e6df6f362662ca722412 (v2.1.5)
 	NOTE: https://github.com/pion/dtls/releases/tag/v2.1.5
 CVE-2022-29221 (Smarty is a template engine for PHP, facilitating the separation of pr ...)
-	TODO: check
+	- smarty4 <unfixed> (bug #1011757)
+	- smarty3 <unfixed> (bug #1011758)
+	- smarty <removed>
+	NOTE: https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c
+	NOTE: https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd (v4.1.1)
+	NOTE: https://github.com/smarty-php/smarty/commit/3606c4717ed6348e114a610ff1e446048dcd0345 (support/3.1)
+	NOTE: https://github.com/smarty-php/smarty/releases/tag/v3.1.45
+	NOTE: https://github.com/smarty-php/smarty/releases/tag/v4.1.1
 CVE-2022-29220
 	RESERVED
 CVE-2022-29219 (Lodestar is a TypeScript implementation of the Ethereum Consensus spec ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60519131a471301873410fc5f773c260326c7f2c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60519131a471301873410fc5f773c260326c7f2c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220526/97313e0f/attachment.htm>
