[Git][security-tracker-team/security-tracker][master] smarty3 DSA

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4372c37 by Moritz Mühlenhoff at 2024-12-10T19:51:20+01:00
smarty3 DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -138392,7 +138392,6 @@ CVE-2023-28448 (Versionize is a framework for version tolerant serializion/deser
 CVE-2023-28447 (Smarty is a template engine for PHP. In affected versions smarty did n ...)
 	{DLA-3956-1}
 	- smarty3 3.1.48-1 (bug #1033964)
-	[bookworm] - smarty3 <no-dsa> (Minor issue)
 	[buster] - smarty3 <no-dsa> (Minor issue)
 	- smarty4 4.3.1-1 (bug #1033965)
 	[bookworm] - smarty4 4.3.0-1+deb12u1


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[10 Dec 2024] DSA-5826-1 smarty3 - security update
+	{CVE-2023-28447 CVE-2024-35226}
+	[bookworm] - smarty3 3.1.47-2+deb12u1
 [06 Dec 2024] DSA-5825-1 ceph - security update
 	{CVE-2023-43040 CVE-2024-48916}
 	[bookworm] - ceph 16.2.15+ds-0+deb12u1


=====================================
data/dsa-needed.txt
=====================================
@@ -44,9 +44,6 @@ python-tornado
 --
 ring
 --
-smarty3 (jmm)
-  Tobias Frost posted a debdiff for review addressing CVE-2023-28447 and CVE-2024-35226
---
 smarty4
 --
 sogo



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4372c374fed8bf729ab9b271092eb7bc7b94ebe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4372c374fed8bf729ab9b271092eb7bc7b94ebe
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241210/d4cb90bc/attachment-0001.htm>