- Committer: Bazaar Package Importer
- Date: 2008-03-15 07:33:32 UTC
- Revision ID: james.westby@ubuntu.com-20080315073332-n6uj8ywfdey5xkrj
* SECURITY UPDATE: (LP: #202422)
+ libs/plugins/modifier.regex_replace.php
- The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used
by Serendipity (S9Y) and other products, allows attackers to call arbitrary
PHP functions via templates, related to a '\0' character in a search string.
* References
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1066
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469492
+ libs/plugins/modifier.regex_replace.php
- The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used
by Serendipity (S9Y) and other products, allows attackers to call arbitrary
PHP functions via templates, related to a '\0' character in a search string.
* References
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1066
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469492
| Filename | Latest Rev | Last Changed | Committer | Comment | Size | ||
|---|---|---|---|---|---|---|---|
 ..
|
|||||||
internals
|
0.1.1 | 19 years ago | Bazaar Package Importer | Import upstream version 2.6.8 |
|
||
|
plugins
|
2 | 19 years ago | Bazaar Package Importer | New upstream release |
|
||
Config_File.class.php |
5 | 18 years ago | Bazaar Package Importer | * New upstream release * Added myself to Uploaders | 12.4 KB |
|
|
|
debug.tpl |
2 | 19 years ago | Bazaar Package Importer | New upstream release | 4.9 KB |
|
|
|
Smarty.class.php |
5 | 18 years ago | Bazaar Package Importer | * New upstream release * Added myself to Uploaders | 61.7 KB |
|
|
|
Smarty_Compiler.class.php |
5 | 18 years ago | Bazaar Package Importer | * New upstream release * Added myself to Uploaders | 89 KB |
|
|