On Sunday, 16 March 2008 16:57:59, Nico Golde wrote:
> Package: gosa
> Severity: grave
> Tags: security patch
>
> Hi,
> A security issue has been discovered in Smarty which is also
> shipped as part of gosa:
> | The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used
> | by Serendipity (S9Y) and other products, allows attackers to call
> | arbitrary PHP functions via templates, related to a '0' character in
> | a search string.
>
> Please see the original bug in Smarty here: #469492. The patch is very
> straightforward.
>
> The right solution here is to not ship Smarty as part of gosa but make use
> of the smarty package that is already in the archive, because the security
> team now has to issue multiple DSAs for this single issue which is
> obviously problematic.
>
> To address this bug for lenny and sid, please prepare a version of Moodle
> that works with the archive version of smarty.

GOsa uses the Debian integrated smarty, so this is no issue.

Cajus