[USN-7158-1] Smarty vulnerabilities

Paulo Flabiano Smorigo pfsmorigo at canonical.com
Fri Dec 13 00:46:19 UTC 2024 

==========================================================================
Ubuntu Security Notice USN-7158-1
December 12, 2024

smarty3 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Smarty.

Software Description:
- smarty3: The compiling PHP template engine

Details:

It was discovered that Smarty incorrectly handled query parameters in
requests. An attacker could possibly use this issue to inject arbitrary
Javascript code, resulting in denial of service or potential execution of
arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04
LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
(CVE-2018-25047, CVE-2023-28447)

It was discovered that Smarty did not properly sanitize user input when
generating templates. An attacker could, through PHP injection, possibly
use this issue to execute arbitrary code. (CVE-2024-35226)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
  smarty3                         3.1.48-1ubuntu0.24.10.1

Ubuntu 24.04 LTS
  smarty3                         3.1.48-1ubuntu0.24.04.1

Ubuntu 22.04 LTS
  smarty3                         3.1.39-2ubuntu1.22.04.2

Ubuntu 20.04 LTS
  smarty3                         3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1

Ubuntu 18.04 LTS
  smarty3                         3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7158-1
  CVE-2018-25047, CVE-2023-28447, CVE-2024-35226

Package Information:
  https://launchpad.net/ubuntu/+source/smarty3/3.1.48-1ubuntu0.24.10.1
  https://launchpad.net/ubuntu/+source/smarty3/3.1.48-1ubuntu0.24.04.1
  https://launchpad.net/ubuntu/+source/smarty3/3.1.39-2ubuntu1.22.04.2
  https://launchpad.net/ubuntu/+source/smarty3/3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20241212/3f38bbd1/attachment.sig>

More information about the ubuntu-security-announce mailing list