[Git][security-tracker-team/security-tracker][master] new smarty issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed May 29 10:55:37 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b72340ca by Moritz Muehlenhoff at 2024-05-29T11:54:53+02:00
new smarty issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,7 +27,11 @@ CVE-2024-35240 (Umbraco Commerce is an open source dotnet ecommerce solution. In
CVE-2024-35239 (Umbraco Commerce is an open source dotnet web forms solution. In affec ...)
NOT-FOR-US: Umbraco Commerce
CVE-2024-35226 (Smarty is a template engine for PHP, facilitating the separation of pr ...)
- TODO: check
+ - smarty3 <unfixed>
+ - smarty4 <unfixed>
+ NOTE: https://github.com/smarty-php/smarty/security/advisories/GHSA-4rmg-292m-wg3w
+ NOTE: https://github.com/smarty-php/smarty/commit/76881c8d33d80648f70c9b0339f770f5f69a87a2 (support/4)
+ NOTE: https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a (v5.2.0)
CVE-2024-23580 (HCL DRYiCE Optibot Reset Station is impacted byinsecure encryption of ...)
NOT-FOR-US: HCL
CVE-2024-23579 (HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b72340cacd19b0248d1d16f75dbc8a5958fb0b5c
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b72340cacd19b0248d1d16f75dbc8a5958fb0b5c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240529/15bb1c38/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list