blob: 3efe718ceb6852a9918e70dd168cfd594e3f19df (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>It was previously discovered that there was a code-injection vulnerability in
smarty3, a PHP template engine. A via specially-crafted filename in comments
could result in arbitrary code execution.</p>
<p>However, the fix in 3.1.10-2+deb7u2 was incorrect. For Debian 7 <q>Wheezy</q>,
this regression has been addressed in smarty3 version 3.1.10-2+deb7u3.</p>
<p>We recommend that you upgrade your smarty3 packages.</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2018/dla-1249-2.data"
# $Id: $
|
