Hello, >> https://code.google.com/p/smarty-php/source/detail?r=4660 > > Good catch, thanks for your report :) > And I've made a debdiff as attached. > >> security team > I think it would be released as stable-proposed-updates since it has > no CVEs, so I guess we probably say no DSAs for it.
Just FYI the CVE identifier of CVE-2012-4437 has been previously assigned to this issue: http://www.openwall.com/lists/oss-security/2012/09/20/3 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4437 > > And I don't know QA upload can be done as such way, so please let me > know appropriate manner for upload if you know it. Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team > > > -- > Regards, > > Hideki Yamane henrich @ debian.or.jp/org > http://wiki.debian.org/HidekiYamane -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org