1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted smarty3 3.1.47-2+deb12u1 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Thu Dec 12 11:40:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Fri, 06 Dec 2024 14:39:32 +0100
    Source: smarty3
    Architecture: source
    Version: 3.1.47-2+deb12u1
    Distribution: bookworm-security
    Urgency: high
    Maintainer: Mike Gabriel <sunweaver@debian.org>
    Changed-By: Tobias Frost <tobi@debian.org>
    Closes: 1033964 1072530
    Changes:
    smarty3 (3.1.47-2+deb12u1) bookworm-security; urgency=high
    .
    * Non-maintainer upload by the Security Team.
    * CVE-2023-28447 - JavaScript injection (Closes: #1033964)
    * CVE-2024-35226 - PHP Code injection by untrusted template authors
    (Closes: #1072530)
    * Add simple autopkgtests for the three CVEs.
    Checksums-Sha1:
    2cafd5b943cc99d10cbf684eba1e0b673840a8ef 2009 smarty3_3.1.47-2+deb12u1.dsc
    70ca3a4b318f0766e73cd7cdd1d8078f1b0cd5c8 266736 smarty3_3.1.47.orig.tar.gz
    7fab9b782643ac81770db40ebb06ae4f7166eab9 10220 smarty3_3.1.47-2+deb12u1.debian.tar.xz
    6821a8e5638834c8bf1af3ec28abb858dd6a17d8 6609 smarty3_3.1.47-2+deb12u1_amd64.buildinfo
    Checksums-Sha256:
    7880dd1f3e805f494cfd5fc05c474276a28020d6aec4da6da910a6d20a3e06ff 2009 smarty3_3.1.47-2+deb12u1.dsc
    c38db4b6be9891dd6f20c5d96f475c4539e310bb67a0e2aad7d6d585f14c8be0 266736 smarty3_3.1.47.orig.tar.gz
    ab94b09b710f274ef5539faef71548d406da1d6baaa58bb3cf5885b38cd6a73f 10220 smarty3_3.1.47-2+deb12u1.debian.tar.xz
    478460db50985978de4dbbab516092bf074ea05b3098711c3e2c5e72509f731c 6609 smarty3_3.1.47-2+deb12u1_amd64.buildinfo
    Files:
    2b34e477be3f9f246a329a7bb4e64b67 2009 web optional smarty3_3.1.47-2+deb12u1.dsc
    d1a27eb9553a61758d76edc589dc4a8c 266736 web optional smarty3_3.1.47.orig.tar.gz
    0914596d0448be3b7162f6653c26781a 10220 web optional smarty3_3.1.47-2+deb12u1.debian.tar.xz
    0be6a952719dc3de1f9d70aa85209dfb 6609 web optional smarty3_3.1.47-2+deb12u1_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmdS//AACgkQkWT6HRe9 XTZC+w//S2evUu//eoVFNQXA8AL9OLLbbfU4pwyiroJqpJ9VcCEUS/JbIhwaPMxd uR9Mk7q2Aaxk8urHTS+21fH/W69crl/qQZs8QvP1BiiiHU/bNv7Vt1N68SiHMa1E py+9PwLiWobYE59gJ5K36a+xZ4GkOYhtBKD02sUe4lg9MvMgbqQSN7iosLcvArvY 0roH0htFp4/Hzgh7Vpj1cPtyIMEB9C6GSkyWWbfPANNK6ubtoQA3O+xIpNthMdvF 9O8oStGUA8GxUR/u4fJDaUKMolhnUKll5+C8x6dG4x2zXJJRCTTTYrQjDauV+8oT haPA6eXyi5vZh658VpVqJMGzCsRxuiiUImuhdu/f+JcyVsh38QyebrBsw1TllRTK BtFw7fzCxoi605Gu1d7q9FnslBWewhNKDDlFgozDAv3k0wZeZ2MJvFL0tyDTC0P5 sRcC8y32ixduoGjOvU+GKzTGFld22zE77vVhodcQjodInEdKg79dEOnFsLlBGcRP qKxK29X3zBKzD2rUXO1WSxFsFNj7EowQ5HWwUincXbEl8fcS9xQwBNNwiWVwumvz s6P+bpTQ+MGP1RlYr22F6M4hUbX9sX3GOaoCJTupOVoTR2an2dqe7IpWEzAQXC6/ 0Z4FYufK3cW0k5ZBVIXl7uMar97poALm3gTM6Jf2UajJa4SRGGY=
    =jhgf
    -----END PGP SIGNATURE-----


    --==============◄81622490034321506=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZ1q7vgAKCRCb9qggYcy5 IeUbAP4+2kVLf+poEuxHbj9my8nLEgjBQZMimzelWMgStpf73wEA+HyT0/YFHA8u XU3nPWbXw/RFS4xiw7d3LhluIpLHgwE=3zyQ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)