The smarty_function_math function in libs/plugins/function.math.php
in Smarty 2.6.22 allows context-dependent attackers to execute
arbitrary commands via shell metacharacters in the equation attribute
of the math function. NOTE: some of these details are obtained from
third party information.
Smarty-2.6.24 has been released meanwhile, which is now added to cvs.
Candidate for stabilization:
Arches, please test and mark stable:
Target keywords : "alpha amd64 hppa ppc ppc64 sparc x86"
Stable for HPPA.
Stable on alpha.
GLSA together with bug 212147, bug 213320, and bug 243856.