[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#702710: smarty: Possible XSS bug in Smarty error messages.

Package: smarty
Version: 2.6.26-0.2
Severity: normal

In upstream version Smarty 2.6.27, possible security fix is applied with the following patch.
But this fix does not seem to be applied in Debian stable package 2.6.26-0.2.

--- Smarty.class.php.orig       2009-06-18 23:47:04.000000000 +0900
+++ Smarty.class.php    2013-03-11 00:32:14.000000000 +0900
@@ -1090,7 +1090,8 @@
     function trigger_error($error_msg, $error_type = E_USER_WARNING)
-        trigger_error("Smarty error: $error_msg", $error_type);
+        $msg = htmlentities($error_msg);
+        trigger_error("Smarty error: $msg", $error_type);


-- System Information:
Debian Release: 6.0.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages smarty depends on:
ii  php5-cli               5.3.3-7+squeeze15 command-line interpreter for the p

smarty recommends no packages.

smarty suggests no packages.

-- no debconf information

Reply to: