Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 666440 (CVE-2018-13982)

Summary: <dev-php/smarty-3.1.33: path traversal vulnerability (CVE-2018-13982 and CVE-2018-16831)
Product: Gentoo Security Reporter: Michael Orlitzky <mjo>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: php-bugs
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://seclists.org/oss-sec/2018/q3/246
Whiteboard: B3 [noglsa cve]
Package list:
=dev-php/smarty-3.1.33
 Runtime testing required: ---

Description Michael Orlitzky gentoo-dev 2018-09-17 21:16:55 UTC 
Versions of smarty before 3.1.33 are vulnerable to a path traversal vulnerability (see $url). I believe the original CVE for this issue was CVE-2018-13982 and that  CVE-2018-16831 was issued for an incomplete fix that didn't work on Linux.
Comment 1 Larry the Git Cow gentoo-dev 2018-09-17 21:21:56 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb4e94e6fbc8e0781b621ee61c52b192529e7714

commit cb4e94e6fbc8e0781b621ee61c52b192529e7714
Author:     Michael Orlitzky <mjo@gentoo.org>
AuthorDate: 2018-09-17 21:17:48 +0000
Commit:     Michael Orlitzky <mjo@gentoo.org>
CommitDate: 2018-09-17 21:21:10 +0000

    dev-php/smarty: new version 3.1.33 to fix CVE-2018-13982.
    
    Bug: https://bugs.gentoo.org/666440
    Package-Manager: Portage-2.3.40, Repoman-2.3.9

 dev-php/smarty/Manifest             |  1 +
 dev-php/smarty/smarty-3.1.33.ebuild | 46 +++++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2019-03-10 04:20:58 UTC 
@arches, please stabilize.
Comment 3 Sergei Trofimovich (RETIRED) gentoo-dev 2019-03-10 22:31:28 UTC 
ia64 stable
Comment 4 Rolf Eike Beer archtester 2019-03-11 22:02:18 UTC 
sparc stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2019-03-11 22:46:53 UTC 
hppa stable
Comment 6 Agostino Sarubbo gentoo-dev 2019-03-14 21:14:46 UTC 
amd64 stable
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2019-03-17 09:47:27 UTC 
ppc stable
Comment 8 Sergei Trofimovich (RETIRED) gentoo-dev 2019-03-17 09:52:42 UTC 
ppc64 stable
Comment 9 Thomas Deutschmann (RETIRED) gentoo-dev 2019-03-27 23:46:42 UTC 
x86 stable
Comment 10 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-05-02 21:09:08 UTC 
alpha stable
Comment 11 Larry the Git Cow gentoo-dev 2019-05-02 22:40:11 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d38cf949be695e971aa9d35dcdeb806eb509469b

commit d38cf949be695e971aa9d35dcdeb806eb509469b
Author:     Michael Orlitzky <mjo@gentoo.org>
AuthorDate: 2019-05-02 22:39:40 +0000
Commit:     Michael Orlitzky <mjo@gentoo.org>
CommitDate: 2019-05-02 22:39:40 +0000

    dev-php/smarty: remove old vulnerable versions.
    
    Bug: https://bugs.gentoo.org/666440
    Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
    Package-Manager: Portage-2.3.62, Repoman-2.3.11

 dev-php/smarty/Manifest             |  3 ---
 dev-php/smarty/smarty-3.1.30.ebuild | 46 -------------------------------------
 dev-php/smarty/smarty-3.1.31.ebuild | 46 -------------------------------------
 dev-php/smarty/smarty-3.1.32.ebuild | 46 -------------------------------------
 4 files changed, 141 deletions(-)