Date: Tue, 4 Nov 2008 23:13:02 +1100
From: Steffen Joeris <steffen.joeris@...lelinux.de>
To: oss-security@...ts.openwall.com
Cc: vuln@...unia.com, coley@...re.org
Subject: Re: Regarding SA32329 (Smarty "_expand_quoted_text()" Security Bypass)

On Sun, 26 Oct 2008 12:20:54 am Robert Buchholz wrote:
> Hi,
>
> unfortunately, Secunia does not list any references for SA32329.
> Apparently, they are referring to the last three commits to
> libs/Smarty_Compiler.class.php, r2781:2797.
>
> However, this issue is not fixed in 2.6.20, and I could not find a
> 2.6.20-1 release. I have no idea where this version information comes
> from.
>
> It might be worthwhile to check applications that bundle smarty, like
> tikiwiki, gallery 2 or PEAR-PhpDocumentor.

This issue has now been given CVE-2008-4810 and CVE-2008-4811. However, isn't
CVE-2008-4811 already covered by CVE-2008-4810, or could someone please
enlighten me? The latest patch I can see from upstream is an additional
preg_replace() and he kept the old one.

Cheers
Steffen