Bug 903620 (CVE-2023-28447) - <dev-php/smarty-4.3.1: XSS vulnerability
Summary: <dev-php/smarty-4.3.1: XSS vulnerability
Status: RESOLVED FIXED
Alias: CVE-2023-28447
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://github.com/smarty-php/smarty/...
Whiteboard: B4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2023-03-31 04:10 UTC by John Helmert III
Modified: 2023-05-07 20:20 UTC

See Also:
Package list:
Runtime testing required: ---


Description by John Helmert III, 2023-03-31 04:10:07 UTC
CVE-2023-28447:

Smarty is a template engine for PHP. In affected versions Smarty did not properly escape JavaScript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. There are no known workarounds for this vulnerability.

Please bump to 4.3.1.
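For readers who want to see what "properly escaping JavaScript code" involves in a template context, here is an added PHP illustration. It is not Smarty's code and not the change shipped in 4.3.1 (which this bug does not show); the function names and the sample value are constructed for the example.

```php
<?php
// Added illustration, not Smarty's own code and not the exact fix in 4.3.1:
// escaping a value for a JavaScript string literal that is embedded in an
// inline <script> element. Function names and the sample value are constructed.

// Handles only what the JavaScript string grammar needs: backslashes,
// quotes and line breaks. The HTML parser runs before the JavaScript engine
// and knows nothing about string literals, so a value containing "</script"
// or "<!--" can still terminate or confuse the enclosing script element.
function escapeJsNaive(string $s): string
{
    return strtr($s, [
        '\\' => '\\\\', "'" => "\\'", '"' => '\\"',
        "\r" => '\\r', "\n" => '\\n',
    ]);
}

// Additionally breaks up the sequences the HTML specification restricts
// inside <script> content ("</", "<!--", "<script") with a backslash,
// which is a no-op inside a JavaScript string literal ("\/" is just "/").
function escapeJsForScriptElement(string $s): string
{
    return strtr(escapeJsNaive($s), [
        '</' => '<\/', '<!--' => '<\!--', '<s' => '<\s', '<S' => '<\S',
    ]);
}

// Review check for template output: does the escaped value still carry a
// sequence the HTML parser would act on inside <script>? Case-insensitive,
// because tag names are.
function canBreakOutOfScript(string $escaped): bool
{
    return preg_match('~</script|<!--~i', $escaped) === 1;
}

// Constructed sample: a name containing a quote, followed by script-closing text.
$sample   = "O'Neil</script><!-- note";
$naive    = escapeJsNaive($sample);
$hardened = escapeJsForScriptElement($sample);

echo "naive:    ", $naive, "\n";
echo "hardened: ", $hardened, "\n";

// The naive form must be flagged, the hardened form must pass.
if (canBreakOutOfScript($naive) && !canBreakOutOfScript($hardened)) {
    echo "check ok: only the naive form can close the <script> element\n";
}
```

Run with `php` on the command line; the check applies equally to any template engine that emits values into inline scripts.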
Comment 1 by Larry the Git Cow, 2023-04-04 01:36:12 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=526704c7f0e3ba66dd5028f1a747e6512029360d

commit 526704c7f0e3ba66dd5028f1a747e6512029360d
Author:     Michael Orlitzky <mjo@gentoo.org>
AuthorDate: 2023-04-04 00:58:51 +0000
Commit:     Michael Orlitzky <mjo@gentoo.org>
CommitDate: 2023-04-04 01:34:45 +0000

    dev-php/smarty: add 4.3.1, drop 4.3.0 (fix CVE-2023-28447).
    
    Bug: https://bugs.gentoo.org/903620
    Signed-off-by: Michael Orlitzky <mjo@gentoo.org>

 dev-php/smarty/Manifest                                    |  2 +-
 .../smarty/{smarty-4.3.0.ebuild => smarty-4.3.1.ebuild}    | 14 ++++++++++++--
 2 files changed, 13 insertions(+), 3 deletions(-)
Comment 2 by John Helmert III, 2023-04-20 04:05:48 UTC
Thanks, please clean up.
Comment 3 by Larry the Git Cow, 2023-05-02 22:49:49 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6cbc79e3ae55e88e98cae951dd0d3514c76b7325

commit 6cbc79e3ae55e88e98cae951dd0d3514c76b7325
Author:     Michael Orlitzky <mjo@gentoo.org>
AuthorDate: 2023-05-02 22:45:26 +0000
Commit:     Michael Orlitzky <mjo@gentoo.org>
CommitDate: 2023-05-02 22:48:38 +0000

    dev-php/smarty: drop 4.2.1
    
    Bug: https://bugs.gentoo.org/903620
    Signed-off-by: Michael Orlitzky <mjo@gentoo.org>

 dev-php/smarty/Manifest            |  1 -
 dev-php/smarty/smarty-4.2.1.ebuild | 40 --------------------------------------
 2 files changed, 41 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8ad99362e881785bbda7554d0b2fbefcbaa3c499

commit 8ad99362e881785bbda7554d0b2fbefcbaa3c499
Author:     Michael Orlitzky <mjo@gentoo.org>
AuthorDate: 2023-05-02 22:44:52 +0000
Commit:     Michael Orlitzky <mjo@gentoo.org>
CommitDate: 2023-05-02 22:48:38 +0000

    dev-php/smarty: stabilize 4.3.1 for ALLARCHES
    
    Bug: https://bugs.gentoo.org/903620
    Signed-off-by: Michael Orlitzky <mjo@gentoo.org>

 dev-php/smarty/smarty-4.3.1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 4 by John Helmert III, 2023-05-07 20:20:37 UTC
XSS only, no GLSA. All done, thanks!