[ubuntu/focal-security] smarty3 3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1 (Accepted)
Paulo Flabiano Smorigo
pfsmorigo at canonical.com
Thu Dec 12 19:56:41 UTC 2024
smarty3 (3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Cross site scripting vulnerability
- debian/patches/CVE-2018-25047.patch: Applied appropriate
javascript and html escaping in mailto plugin to counter injection
attacks.
- debian/patches/CVE-2023-28447.patch: Implement fix and tests
- debian/patches/CVE-2024-35226.patch: Fixed a code injection
vulnerability in extends-tag.
- CVE-2018-25047
- CVE-2023-28447
- CVE-2024-35226
Date: 2024-12-03 17:33:11.009593+00:00
Changed-By: Paulo Flabiano Smorigo <pfsmorigo at canonical.com>
https://launchpad.net/ubuntu/+source/smarty3/3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list