-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 29 May 2022 14:20:14 CEST
Source: smarty3
Architecture: source
Version: 3.1.39-2+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Mike Gabriel <
sunweaver@debian.org>
Changed-By: Markus Koschany <
apo@debian.org>
Checksums-Sha1:
1a88cbf75e438d8b749895211b5b8f2e5d7b2fbf 2134 smarty3_3.1.39-2+deb11u1.dsc
29e48338fca86c78d910fbe3bb8d31145597d610 264604 smarty3_3.1.39.orig.tar.gz
dbc6d2c9c34dde809f90cdbb35cbabced3e1be1c 9032 smarty3_3.1.39-2+deb11u1.debian.tar.xz
aaa3450771caa78f79479330a87f404ebb491e97 6802 smarty3_3.1.39-2+deb11u1_amd64.buildinfo
Checksums-Sha256:
7a3791a709f79b840375f7f3ab384f56a5db94f9e2b60d1db2008526aac12423 2134 smarty3_3.1.39-2+deb11u1.dsc
d89ed84ed9bdf2697df9fb867acb03514ddafc8322e1b31860168adec91e70c2 264604 smarty3_3.1.39.orig.tar.gz
3af7564d1dc9fc93df05926173ba30e9718c5f7786c42091e5001948e36ccfce 9032 smarty3_3.1.39-2+deb11u1.debian.tar.xz
4ae5ca05fb7998736bc9987eeff7679ad67ac22694fdf19f1fa68f2e7e8dcb08 6802 smarty3_3.1.39-2+deb11u1_amd64.buildinfo
Changes:
smarty3 (3.1.39-2+deb11u1) bullseye-security; urgency=high
.
* Non-maintainer upload.
* Fix the following CVE:
- CVE-2021-21408: template authors could run restricted static php methods
- CVE-2021-29454: template authors could run arbitrary PHP code by crafting
a malicious math string
- CVE-2022-29221: template authors could inject php code by choosing a
malicious {block} name or {include} file name
Files:
77f301398ebb74e7fbfe29ff5898db35 2134 web optional smarty3_3.1.39-2+deb11u1.dsc
b2c0e57209c893ceebc2997025d50bb5 264604 web optional smarty3_3.1.39.orig.tar.gz
63599047a276d4ab3f01cd8fda7c6986 9032 web optional smarty3_3.1.39-2+deb11u1.debian.tar.xz
40d945967fe1bf0ab35742fcd2a701c3 6802 web optional smarty3_3.1.39-2+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmKTZQtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hk504QAJZqk+tCy/wkBJ0byxN2OWiJ7pJJA6BqQib8 FBbZR8Dtdylw1vP3o+QkBfx9bh2RNIL0CYYAx18uxHK8tJDfvvyforJtBfgriXhX G5+pAFGfgmszAlSD6fY7OdokyC21B07dCmbPVFI57sxavDzEUFqoZ7Sdo6DP8z2K c3rtpi2ctyEap47KwBP9gntpmU/VjHSSXBM1J71qlPa15rtvXPfqKzZADoGc1V+O 8JKGaqsprbwBADhl+tw74a2iQHX+1M+CU0opbPreA03jbB+Dd8zxu034kq94/IvJ +k0+M4HmxAyXnyxStRAHldZhfMVXeFHL8j1Je958nWGaW5LxlucI7FOthOo3DNop rmKjKk5FzYR5C6YyZZoaUCSUGAKDMq5uioNugqRjJ1ofUO6y+ubSR0XDlmfVNUeu L3BdC+cuc0gN8vyg3w4E17V+q2QLDJmp9AF+T/k4entpCX5MgmhKLfzRMhgsWKN/ /qVbZT1/djAGwlRK9SuNYT5j8pCZ5hCENlNVHDMljkghssuyBunHUgwB0BOM9y2H CyCJvDShsZiIRJMw3ukJPpAXZUVvtPwMrGhkd6CcaEXvXpZeVMvWE9H5CuMXC7Nf ipiRPc4L2B0u3L6qPErpg0jifK4FqMmSSjuRI3z+6v5zLAEl8/lp2rj+UpUyb/Ra
qR7O1v5d
=2XlT
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)