-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 May 2016 14:34:59 +0200 Source: smarty3 Binary: smarty3 Architecture: source all Version: 3.1.10-2+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Changed-By: Markus Koschany <apo@debian.org> Description: smarty3 - Template engine for PHP Changes: smarty3 (3.1.10-2+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * CVE-2014-8350: Use smarty_internal_parsetree.php from version 3.1.21 and fix a security vulnerability that allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template. Checksums-Sha1: 19115f855e6190559e7a739a8d93083d0698ba79 2006 smarty3_3.1.10-2+deb7u1.dsc 5a71931c986a2493e2ffbaac1ed6e05f78336e6e 1644260 smarty3_3.1.10.orig.tar.gz adc88308724f4597c1be309e5eba632331fedce2 7612 smarty3_3.1.10-2+deb7u1.debian.tar.gz 8e9959892f579aae60a50a943f6c4a33ebf28909 209430 smarty3_3.1.10-2+deb7u1_all.deb Checksums-Sha256: 367df50f4e7fcdf3c26ae384fc65fa9f564c3fbe667c0cd676457b8c59d4ffd2 2006 smarty3_3.1.10-2+deb7u1.dsc 91fa8ca11287420af9c98ddf6fd8f66fdf0ec243f88f6d95f9c4137421d1da71 1644260 smarty3_3.1.10.orig.tar.gz 9f661c92d5e6e37ba8e176a984574b76ab0987d4cee60a22768b9b2bb5e6f1df 7612 smarty3_3.1.10-2+deb7u1.debian.tar.gz b482aa8b7667e88fd0fd92c97c8bdc638912f4416c4be51517de209057ddcef6 209430 smarty3_3.1.10-2+deb7u1_all.deb Files: 8647bb8575c940894503dd31f1ee8cca 2006 web optional smarty3_3.1.10-2+deb7u1.dsc 727cc6056a636ed18b7661671e096b1f 1644260 web optional smarty3_3.1.10.orig.tar.gz 17da44053235f83d703b24f41607da56 7612 web optional smarty3_3.1.10-2+deb7u1.debian.tar.gz cae3b8fa6f0a5e85632f88ea361fcf1f 209430 web optional smarty3_3.1.10-2+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJXKLUNXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkLYQP/3VCxi61Kqug/6802qgUVyeo k/4IMWwhuo7Ef2V16xKMBHzP0qoDWns4LGqyKfz2OW7UbgPkqz6HObFmSV/WuCc1 /JkobihSOJTrHQaqPLmQH/uVXD7GRrO7weT0+25gNb81PiTH/lmMkjDtd5F/tTF8 zvZErx4ycSlxg/6M2Dix82Cmc09kHapykWZt2pIhYX6YddHGo4ko6CJsJ96K9Jg5 etWd7I1wzPvsm01eO8rjbqR4ACfX/vOdCxzDtW1JxzBmRvlkROPIRjN/O99pOTTM klOBEiUNbpoPYNuPk0zxeMYGI70+uCSERTvhI4uTVR8X+WJZTO3AMU+JQQHNW2mY 4YDWLkFGxlGbP5MsqdBXOuxIgb0JySp2Tck/xYmcIRmovKlLKGbNk9+mets+d1Sg g1FH+DE/T/TH5veMbFuujWAGPKq1cdfFSbePYhBiNOESBxggmxtXIdSyh3Oy8A41 ch77bQp8V2xP9u9V1bxky4A0tAMIyB2MP24fXddhy1+aJt6FPCniX4OSfvNuBASl RLUH23+TbIVOLjLGrzwQglBfG93Kc+aOgsbOqh3Qr/caklltH7PkZF3AaYW6l5q2 TxCH1UgV4ByAHnWqWOyu31pJwn7Fj3QBtJKZTnktmAm46JnHBWMwBJSY/8f96Cmf t4Hij8gPblxibQqr7rLx =y7xa -----END PGP SIGNATURE-----