*** This bug is a duplicate of bug 202422 *** https://bugs.launchpad.net/bugs/202422
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: smarty References: DSA-1520-1 (http://www.debian.org/security/2008/dsa-1520) Quoting: "It was discovered that the regex module in Smarty, a PHP templating engine, allows attackers to call arbitrary PHP functions via templates using the regex_replace plugin by a specially crafted search string." ** Affects: smarty (Ubuntu) Importance: Undecided Status: New ** Affects: smarty (Debian) Importance: Unknown Status: Unknown ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-1066 ** Bug watch added: Debian Bug tracker #469492 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469492 ** Also affects: smarty (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469492 Importance: Unknown Status: Unknown ** This bug has been marked a duplicate of bug 202422 CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates -- [smarty] [CVE-2008-1066] arbitrary code execution https://bugs.launchpad.net/bugs/203457 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs