Commit 0bf320c6 authored by Markus Koschany's avatar Markus Koschany Committed by Mike Gabriel

upload to wheezy-security (debian/3.1.10-2+deb7u1)

parent f03b5671
smarty3 (3.1.10-2+deb7u1) wheezy-security; urgency=high
* Non-maintainer upload by the LTS team.
* CVE-2014-8350: Use smarty_internal_parsetree.php from version 3.1.21 and
fix a security vulnerability that allows remote attackers to bypass the
secure mode restrictions and execute arbitrary PHP code as demonstrated by
"{literal}<{/literal}script language=php>" in a template.
-- Markus Koschany <apo@debian.org> Tue, 03 May 2016 14:34:59 +0200
smarty3 (3.1.10-2) unstable; urgency=low
* Fix CVE-2012-4437: Add patch 001_escape-smarty-exception-messages.patch.
......
This diff is collapsed.
001_escape-smarty-exception-messages.patch
CVE-2014-8350.patch
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment