** Branch linked: lp:ubuntu/karmic/smarty
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
** Branch linked: lp:~ubuntu-branches/ubuntu/edgy/smarty/edgy-security
** Branch linked: lp:ubuntu/dapper-updates/smarty
** Branch linked: lp:~ubuntu-branches/ubuntu/feisty/smarty/feisty-
security
** Branch linked: lp:~ubuntu-branches/ubuntu/gutsy/smarty/gutsy-security
--
CVE-2008-1066 smarty
** Changed in: gallery2 (Ubuntu Dapper)
Status: New = Won't Fix
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
The 18 month support period for Gutsy Gibbon 7.10 has reached its end of life -
http://www.ubuntu.com/news/ubuntu-7.10-eol . As a result, we are closing the
Gutsy task.
** Changed in: gallery2 (Ubuntu Gutsy)
Status: New = Won't Fix
--
CVE-2008-1066 smarty allows attackers to call
Ubuntu Feisty Fawn is no longer supported, so a SRU will not be issued
for this release. Marking Feisty as Won't Fix.
** Changed in: gallery2 (Ubuntu Feisty)
Status: New = Won't Fix
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
This bug was fixed in the package gallery2 - 2.2.4-1ubuntu0.1
---
gallery2 (2.2.4-1ubuntu0.1) hardy-security; urgency=low
* SECURITY UPDATE: multiple cross-site scripting, information disclosure,
and restriction bypass vulnerabilities (LP: #242671), and arbitrary code
Ubuntu Edgy Eft is no longer supported, so a SRU will not be issued for
this release. Marking Edgy as Won't Fix.
** Changed in: gallery2 (Ubuntu Edgy)
Status: New = Won't Fix
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
** Changed in: gallery2 (Debian)
Status: New = Fix Released
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
gallery2 is also affected, as it has a vulnerable embedded copy. It's
fixed in Intrepid.
** Also affects: gallery2 (Ubuntu)
Importance: Undecided
Status: New
** Bug watch added: Debian Bug tracker #471160
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471160
** Also affects:
** Changed in: gallery2 (Debian)
Status: Unknown = New
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
smarty (2.6.11-1ubuntu0.1) dapper-security; urgency=low
* SECURITY UPDATE: (LP: #202422)
+ libs/plugins/modifier.regex_replace.php
- The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used
by Serendipity (S9Y) and other products, allows attackers to call
arbitrary
This bug was fixed in the package smarty - 2.6.18-1ubuntu2.1
---
smarty (2.6.18-1ubuntu2.1) gutsy-security; urgency=low
* SECURITY UPDATE: (LP: #202422)
+ libs/plugins/modifier.regex_replace.php
- The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used
This bug was fixed in the package smarty - 2.6.14-1ubuntu0.7.04.1
---
smarty (2.6.14-1ubuntu0.7.04.1) feisty-security; urgency=low
* SECURITY UPDATE: (LP: #202422)
+ libs/plugins/modifier.regex_replace.php
- The modifier.regex_replace.php plugin in Smarty before 2.6.19, as
** Changed in: smarty (Ubuntu Edgy)
Status: Fix Committed = Fix Released
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Thanks for supplying the debdiffs for dapper - gutsy, Emanuele. The
edgy and feisty diffs do not have the proper version number as specified
in https://wiki.ubuntu.com/SecurityUpdateProcedures. Can you update that
and resubmit? Thanks again!
--
CVE-2008-1066 smarty allows attackers to call
** Attachment added: feisty_smarty_2.6.14-1ubuntu0.7.04.1.debdiff
http://launchpadlibrarian.net/12783891/feisty_smarty_2.6.14-1ubuntu0.7.04.1.debdiff
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received
** Attachment added: edgy_smarty_2.6.14-1ubuntu0.6.10.1.debdiff
http://launchpadlibrarian.net/12783896/edgy_smarty_2.6.14-1ubuntu0.6.10.1.debdiff
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this
Thanks Emanuele!
** Changed in: smarty (Ubuntu Dapper)
Status: In Progress = Fix Committed
** Changed in: smarty (Ubuntu Edgy)
Status: In Progress = Fix Committed
** Changed in: smarty (Ubuntu Feisty)
Status: In Progress = Fix Committed
** Changed in: smarty (Ubuntu Gutsy)
Uploaded, thanks ;)
** Changed in: smarty (Ubuntu Hardy)
Status: In Progress = Fix Committed
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug notification because you are a member of
This bug was fixed in the package smarty - 2.6.18-1ubuntu3
---
smarty (2.6.18-1ubuntu3) hardy; urgency=low
* SECURITY UPDATE: (LP: #202422)
+ libs/plugins/modifier.regex_replace.php
- The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used
by Serendipity
** Changed in: smarty (Debian)
Status: New = Fix Released
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
** Changed in: smarty (Ubuntu Gutsy)
Importance: Undecided = Medium
Assignee: (unassigned) = Emanuele Gentili (emgent)
Status: New = In Progress
** Changed in: smarty (Ubuntu Feisty)
Importance: Undecided = Medium
Assignee: (unassigned) = Emanuele Gentili (emgent)
** Attachment added: hardy_smarty_2.6.18-1ubuntu3.debdiff
http://launchpadlibrarian.net/12683015/hardy_smarty_2.6.18-1ubuntu3.debdiff
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug
** Attachment added: gutsy_smarty_2.6.18-1ubuntu2.1.debdiff
http://launchpadlibrarian.net/12683052/gutsy_smarty_2.6.18-1ubuntu2.1.debdiff
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug
** Attachment added: feisty_smarty_2.6.14-1ubuntu0.7.04.debdiff
http://launchpadlibrarian.net/12683072/feisty_smarty_2.6.14-1ubuntu0.7.04.debdiff
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this
** Attachment added: edgy_smarty_2.6.14-1ubuntu0.6.10.debdiff
http://launchpadlibrarian.net/12683082/edgy_smarty_2.6.14-1ubuntu0.6.10.debdiff
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug
** Attachment added: dapper_smarty_2.6.11-1ubuntu0.1.debdiff
http://launchpadlibrarian.net/12683095/dapper_smarty_2.6.11-1ubuntu0.1.debdiff
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug
** Changed in: smarty (Ubuntu)
Status: Confirmed = In Progress
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
** Changed in: smarty (Debian)
Status: Unknown = New
--
CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via
templates
https://bugs.launchpad.net/bugs/202422
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
29 matches
Mail list logo
