[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#702710: smarty: Possible XSS bug in Smarty error messages.

Hi Jan,

On Mon, 11 Mar 2013 09:16:31 -0400 (EDT)
Jan Lieskovsky <jlieskov@redhat.com> wrote:
> Just FYI the CVE identifier of CVE-2012-4437 has been previously
> assigned to this issue:
>   http://www.openwall.com/lists/oss-security/2012/09/20/3
>   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4437

 Thank you for your valuable information, Jan.
 Now I've prepared updated package as attached debdiff.


 Hideki Yamane     henrich @ debian.or.jp/org

Attachment: CVE-2012-4437_smarty.debdiff
Description: Binary data

Reply to: