smarty (2.6.18-1ubuntu3) hardy; urgency=low

  * SECURITY UPDATE: (LP: #202422)
    + libs/plugins/modifier.regex_replace.php
      - The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used
        by Serendipity (S9Y) and other products, allows attackers to call arbitrary
        PHP functions via templates, related to a '\0' character in a search string.
  * References
    + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1066
    + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469492

 -- Emanuele Gentili <email address hidden>  Sat, 15 Mar 2008 06:54:31 +0100