[ubuntu/jammy-security] smarty3 3.1.39-2ubuntu1.22.04.2 (Accepted)
Paulo Flabiano Smorigo
pfsmorigo at canonical.com
Thu Dec 12 19:56:40 UTC 2024
smarty3 (3.1.39-2ubuntu1.22.04.2) jammy-security; urgency=medium
* SECURITY UPDATE: Cross site scripting vulnerability
- debian/patches/CVE-2018-25047.patch: Applied appropriate
javascript and html escaping in mailto plugin to counter injection
attacks.
- debian/patches/CVE-2023-28447.patch: Implement fix and tests
- debian/patches/CVE-2024-35226.patch: Fixed a code injection
vulnerability in extends-tag.
- CVE-2018-25047
- CVE-2023-28447
- CVE-2024-35226
Date: 2024-12-03 17:33:16.580689+00:00
Changed-By: Paulo Flabiano Smorigo <pfsmorigo at canonical.com>
https://launchpad.net/ubuntu/+source/smarty3/3.1.39-2ubuntu1.22.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list