Package: smarty4 / 4.3.0-1+deb12u2

Metadata

Package Version Patches format
smarty4 4.3.0-1+deb12u2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
CVE 2023 28447.patch | (download)

libs/plugins/modifier.escape.php | 4 3 + 1 - 0 !
libs/plugins/modifiercompiler.escape.php | 4 3 + 1 - 0 !
2 files changed, 6 insertions(+), 2 deletions(-)

 
 [patch] implement fix and tests
CVE 2024 35226.patch | (download)

libs/sysplugins/smarty_internal_compile_extends.php | 66 2 + 64 - 0 !
libs/sysplugins/smarty_internal_templatecompilerbase.php | 24 19 + 5 - 0 !
2 files changed, 21 insertions(+), 69 deletions(-)

 
 [patch] merge pull request from ghsa-4rmg-292m-wg3w

* Fixed a code injection vulnerability in extends-tag

* update tests for smarty v4