Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fb02d924 by Salvatore Bonaccorso at 2018-01-14T13:56:26+01:00
One smarty3 issue fixed a long time ago in 3.0.7 upstream
Actually since this is bascially a non-issue and never got a either a
CVE nor a Debian BTS reference we might have removed it completely.
Since bugix tracking clear now kept it as alternative choice.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -195496,10 +195496,11 @@ CVE-2011-1137 (Integer overflow in the mod_sftp
(aka SFTP) module in ProFTPD 1.3
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=3586
NOTE: http://www.exploit-db.com/exploits/16129/
CVE-2011-XXXX [incorrect handling of {$smarty.template} and
{$smarty.current_dir}]
- - smarty3 <unfixed> (unimportant)
+ - smarty3 3.0.8-1 (unimportant)
- smarty <removed> (unimportant)
NOTE: http://www.smarty.net/forums/viewtopic.php?t=18815
NOTE: http://code.google.com/p/smarty-php/source/detail?r=3989
+ NOTE:
https://github.com/smarty-php/smarty/commit/0154f17de2b2dd16ff9c016923015ac19af9c0cb(3.0.7)
NOTE: non-issue in practice, if you can place arbitrary template files
you have worse problems
CVE-2011-0987 (The PMA_Bookmark_get function in libraries/bookmark.lib.php in
...)
{DSA-2167-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb02d924309fb49d8187fa92260dffe359a7f9ee
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb02d924309fb49d8187fa92260dffe359a7f9ee
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
