Bug 748751 (CVE-2009-5052)
Summary: | CVE-2009-5052 php-Smarty: Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||
Status: | CLOSED NOTABUG | QA Contact: | |||||||
Severity: | low | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | unspecified | CC: | christof, gwync | ||||||
Target Milestone: | --- | Keywords: | Security | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2011-10-25 14:37:17 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Jan Lieskovsky
2011-10-25 09:31:46 UTC
From the look at the Smarty changelog [2] the security flaws fixed in v3.0.0 before beta 6 are as follows (relevant SVN log records are listed too): ============= * 12/28/2009 - update for security fixes SVN log entry: r3416 | Uwe.Tews | 2009-12-28 16:27:13 +0100 (Mon, 28 Dec 2009) | 2 lines - update for security fixes - make modifier plugins always trusted ============= * 12/27/2009 - closed a security hole regarding PHP code injection into cache files SVN log entry: 3407 | Uwe.Tews | 2009-12-27 16:06:49 +0100 (Sun, 27 Dec 2009) | 11 lines --- this is a major update with a couple of internal changes --- - new config file lexer/parser (thanks to Thue Jnaus Kristensen) - template lexer/parser fixes for PHP and {literal} handing (thanks to Thue Jnaus Kristensen) - fix on registered plugins with different type but same name - rewrite of plugin handling (optimized execution speed) - closed a security hole regarding PHP code injection into cache files - fixed bug in clear cache handling - Renamed a couple of internal classes - code cleanup for merging compiled templates - couple of runtime optimizations (still not all done) Created attachment 530043 [details]
Smarty r3407 upstream patch
Created attachment 530044 [details]
Smarty r3416 upstream patch
These issues did NOT affect the versions of the php-Smarty package, as shipped with Fedora release of 14 and 15. -- These issues did NOT affect the versions of the php-Smarty package, as present within Fedora EPEL 5 and Fedora EPEL 6 repositories. |