Bug 46169

Summary: smarty3: Multiple issues (4.2)
Product: UCS Reporter: Philipp Hahn <hahn>
Component: Security updatesAssignee: Philipp Hahn <hahn>
Status: CLOSED FIXED QA Contact: Stefan Gohmann <gohmann>
Severity: normal    
Priority: P5    
Version: UCS 4.2   
Target Milestone: UCS 4.2-3-errata   
Hardware: Other   
OS: Linux   
URL: http://metadata.ftp-master.debian.org/changelogs/main/s/smarty3/smarty3_3.1.21-1+deb8u1_changelog
What kind of report is it?: Security Issue What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score: 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) NVD

Description Philipp Hahn univentionstaff 2018-01-25 14:30:11 CET 
smarty3 (3.1.21-1+deb8u1)

CVE-2017-1000480        9.8     Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
Comment 1 Philipp Hahn univentionstaff 2018-01-25 14:53:35 CET 
cbdce0672e Bug #46169: smarty3
Comment 2 Stefan Gohmann univentionstaff 2018-01-30 11:24:03 CET 
YAML: OK

Build: OK (no patches)

Tests: OK
Comment 3 Arvid Requate univentionstaff 2018-01-31 16:58:25 CET 
<http://errata.software-univention.de/ucs/4.2/281.html>
Comment 4 Philipp Hahn univentionstaff 2018-02-07 15:54:33 CET 
Regression!
16e9b31334 Bug #46169: smarty3_3.1.21-1+deb8u2
Comment 5 Stefan Gohmann univentionstaff 2018-02-09 16:08:26 CET 
I think it would be better to open a new bug instead of re-opening closed issues.


YAML: OK

Build: OK (no patches)

Tests: OK
Comment 6 Arvid Requate univentionstaff 2018-02-14 13:31:51 CET 
<http://errata.software-univention.de/ucs/4.2/303.html>