Hi Jan,
On Mon, 11 Mar 2013 09:16:31 -0400 (EDT)
Jan Lieskovsky jlies...@redhat.com wrote:
Just FYI the CVE identifier of CVE-2012-4437 has been previously
assigned to this issue:
http://www.openwall.com/lists/oss-security/2012/09/20/3
Hello,
https://code.google.com/p/smarty-php/source/detail?r=4660
Good catch, thanks for your report :)
And I've made a debdiff as attached.
security team
I think it would be released as stable-proposed-updates since it has
no CVEs, so I guess we probably say no DSAs for it.
Just FYI
Package: smarty
Version: 2.6.26-0.2
Severity: normal
In upstream version Smarty 2.6.27, possible security fix is applied with the
following patch.
But this fix does not seem to be applied in Debian stable package 2.6.26-0.2.
--- Smarty.class.php.orig 2009-06-18 23:47:04.0 +0900
Control: severity -1 important
Control: tags -1 +security
On Mon, 11 Mar 2013 01:03:42 +0900
Yoshinari Takaoka mum...@mumumu.org wrote:
In upstream version Smarty 2.6.27, possible security fix is applied with the
following patch.
But this fix does not seem to be applied in Debian stable
4 matches
Mail list logo