This bug was fixed in the package smarty - 2.6.19-1ubuntu1

---------------
smarty (2.6.19-1ubuntu1) intrepid; urgency=low

 * Merge from debian unstable, Ubuntu remaning changes: (LP: #226864)
  + debian/Makefile: path fixed.
  + Updated README.Debian to match path changes.

smarty (2.6.19-1) unstable; urgency=low

  * New upstream release
  * Acknowledged NMU. (Closes: #469492)
  * debian/control:
    + bumped Standards-Version to 3.7.3
    + installed php5 first in Depends
    + used the Homepage field
  * Added a lintian override for the empty directory in demo

smarty (2.6.18-1.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * A null character in a search string
    allows an attacker to call arbitrary php functions via
    templates. Add patch to return the string after the null
    in a string (CVE-2008-1066; Closes: #469492).

 -- Emanuele Gentili <[EMAIL PROTECTED]>   Mon, 05 May 2008
13:55:05 +0200

** Changed in: smarty (Ubuntu)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-1066

-- 
Please merge smarty 2.6.19-1 (universe) from Debian unstable
https://bugs.launchpad.net/bugs/226864
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to