-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 15 Oct 2024 10:31:20 +0200 Source: smarty4 Architecture: source Version: 4.5.4-1 Distribution: unstable Urgency: medium Maintainer: Mike Gabriel <sunweaver@debian.org> Changed-By: Mike Gabriel <sunweaver@debian.org> Closes: 1072529 Changes: smarty4 (4.5.4-1) unstable; urgency=medium . * New upstream release. - CVE-2024-35226: Prohibit versions template authors being able to inject PHP code by choosing a malicious file name for an extends-tag. (Closes: #1072529). * debian/watch: + Only watch smarty 4.x versions. Checksums-Sha1: 122c3ce3a67506b1788821721c63287faf52353f 1973 smarty4_4.5.4-1.dsc 7ff0896d04ff36f15c8e29202d9d07b54dad8b33 363218 smarty4_4.5.4.orig.tar.gz 0556393cdaae4494034b5da7905848f4262b8404 9140 smarty4_4.5.4-1.debian.tar.xz e9aa9974820c076815291d3b14e818ee2f6164cc 7121 smarty4_4.5.4-1_source.buildinfo Checksums-Sha256: 39c144b35b603a60e066b88829bb79a5d15fec5f031eab71339fec199310644f 1973 smarty4_4.5.4-1.dsc 3bb1d7fded2f24659740db80eba76aa7fa8868a8f6d00034d1e8483da4a19b6e 363218 smarty4_4.5.4.orig.tar.gz 8ca43bd5bbdcfbc28061c7194c47cc2df468d605f964cf3be778b7f4ad1a5290 9140 smarty4_4.5.4-1.debian.tar.xz f4445853c849e70ef10d1fb42901dbc33eba4ea563232bc3e609e0758e6a742c 7121 smarty4_4.5.4-1_source.buildinfo Files: 3b73e6acc079fcf56cb19d7614143f7e 1973 web optional smarty4_4.5.4-1.dsc a927a007a528a31d5439a0c24bbca6b3 363218 web optional smarty4_4.5.4.orig.tar.gz 520ad804f3960811d3a4ce40efa4598a 9140 web optional smarty4_4.5.4-1.debian.tar.xz 6dbf798da2bf462317484b781d81b014 7121 web optional smarty4_4.5.4-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAmcOKR0VHHN1bndlYXZl ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxP+oP/RgMQlxpyA3A+CGOoTnVKnsoyp0c AadV3hCGPYwGqQZ/uuG8/gtSg8ZW78x6p6O+wa+jPvM42YYRALXbtrOeP4uaio7Z K5guIi1M/S7G+jLBVnQ6FpA+CiGMNc7cOJTaJWv/lu5QYcCxcs1xbWQXEIBUXOHy bhG/edwmOub6DSp7WokgVa+FaLpk59vQF4bN6H2w6CTX8olbWQEVnfg36DLa8hue vnhztrFjTZALKgo3VgNRg7jkPwrfQFFQF1qaW7xB8l5LmJsQ8jvXYU31BA2NeDeM A93fICoHOOVcnnCWZ49XguEt964dFHAXtadsthTHix3Hw3W3Ot0SZ8lE7SiTEovw UB1b5Q2rVK0ZVzMVKdTuB+IUtwmJha6hYNW/tAMQdXnPT6Xd90Ct1CvGuKNfIjtH /UiJ/es7Tp29swlR4xzruMNphgAYluJApVjihuqLXrem7qTnX+Iy1cL+39KnKDNk sedMxQC8P2wpHOzgMdDKASDqCps1JW3d3P8wmMTyW6V2OI4bqWjhV8ggw48xmsuo X7Yt838DVeKtPKj1Y7D6gaFYSnNpa1ALOyy317bfi57rs1A98rU0Mb7la0HVMBQL fcyUPLnMMe4uDx1297RVe9lyKxL0uIf9eoGmZCb3DEEblas20ebzO4LGti2g7Uys uUQSS11GQ5dp2Fch =ozZ5 -----END PGP SIGNATURE-----
