MGASA-2022-0226 - Updated php-smarty packages fix security vulnerability
Publication date: 13 Jun 2022
URL: https://advisories.mageia.org/MGASA-2022-0226.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-29221
Template authors could inject php code by choosing a malicious {block}
name or {include} file name. (CVE-2022-29221)
References:
- https://bugs.mageia.org/show_bug.cgi?id=30495
- https://www.debian.org/security/2022/dsa-5151
- https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c
- https://github.com/smarty-php/smarty/releases/tag/v4.1.1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29221
SRPMS:
- 8/core/php-smarty-4.1.1-1.mga8
Mageia 2022-0226: php-smarty security update
Template authors could inject php code by choosing a malicious {block} name or {include} file name
Summary
Template authors could inject php code by choosing a malicious {block}
name or {include} file name. (CVE-2022-29221)
References
- https://bugs.mageia.org/show_bug.cgi?id=30495
- https://www.debian.org/security/2022/dsa-5151
- https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c
- https://github.com/smarty-php/smarty/releases/tag/v4.1.1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29221
Resolution
MGASA-2022-0226 - Updated php-smarty packages fix security vulnerability
SRPMS
- 8/core/php-smarty-4.1.1-1.mga8
Severity
Publication date: 13 Jun 2022
URL: https://advisories.mageia.org/MGASA-2022-0226.html
Type: security
CVE: CVE-2022-29221
News
HOWTOs
Features
How To Hide Your IP And Keep From Being Tracked
Which Browser is Best for Online Security?
Complete Guide to Using Wapiti Web Vulnerability Scanner to Keep Your Web Applications & Websites Secure
Guide to Web Application Penetration Testing
Thank You for Participating in Our Security Dashboard Redesign Survey
About Us
Powered By
