Univention Bugzilla – Bug 46169
smarty3: Multiple issues (4.2)
Last modified: 2018-02-14 13:31:51 CET
smarty3 (3.1.21-1+deb8u1) CVE-2017-1000480 9.8 Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
cbdce0672e Bug #46169: smarty3
YAML: OK Build: OK (no patches) Tests: OK
<http://errata.software-univention.de/ucs/4.2/281.html>
Regression! 16e9b31334 Bug #46169: smarty3_3.1.21-1+deb8u2
I think it would be better to open a new bug instead of re-opening closed issues. YAML: OK Build: OK (no patches) Tests: OK
<http://errata.software-univention.de/ucs/4.2/303.html>