[Secure-testing-commits] r21627 - data/CVE

Hideki Yamane Thu, 14 Mar 2013 16:02:36 -0700

Author: henrich
Date: 2013-03-14 23:01:50 +0000 (Thu, 14 Mar 2013)
New Revision: 21627


Modified:
   data/CVE/list
Log:
CVE-2012-4437 affects smarty


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-03-14 21:29:42 UTC (rev 21626)
+++ data/CVE/list       2013-03-14 23:01:50 UTC (rev 21627)
@@ -11454,11 +11454,12 @@
        NOTE: 
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
 CVE-2012-4437 (Cross-site scripting (XSS) vulnerability in the SmartyException 
class ...)
        - smarty3 3.1.10-2 (bug #688153)
-       - smarty <not-affected> (Vulnerable code not present)
+       - smarty 2.6.26-0.2 (bug #702710)
        NOTE: http://www.openwall.com/lists/oss-security/2012/09/19/1
        NOTE: http://secunia.com/advisories/50589/
        NOTE: 
http://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt
        NOTE: http://code.google.com/p/smarty-php/source/detail?r=4658
+        NOTE: https://code.google.com/p/smarty-php/source/detail?r=4660
 CVE-2012-4436 (Buffer overflow in the run_last_args function in 
client/fwknop.c in ...)
        - fwknop 2.0.3-1 (bug #688151)
        [squeeze] - fwknop <not-affected> (Vulnerable code not present)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r21627 - data/CVE

Reply via email to