Package: mahara
Severity: grave
Tags: security patch

Hi,

A security issue has been discovered in Smarty which is also shipped as part of mahara:

| The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used
| by Serendipity (S9Y) and other products, allows attackers to call
| arbitrary PHP functions via templates, related to a '0' character in
| a search string.

Please see the original bug in Smarty here: #469492. The patch is very straightforward.

The right solution here is to not ship Smarty as part of mahara but make use of the smarty package that is already in the archive, because the security team now has to issue multiple DSAs for this single issue which is obviously problematic.

To address this bug for lenny and sid, please prepare a version of Moodle that works with the archive version of smarty.

Kind regards
Nico

--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.