Smarty version in Mahara 1.0 and 1.1 has security vulnerabilities

Bug #491129 reported by François Marier on 2009-12-01

Bug Description

The version of smarty bundled with Mahara has three open vulnerabilities:


The Debian/Ubuntu packages are not vulnerable since they use the packaged version of smarty.

CVE References

Changed in mahara:
milestone: none → 1.1.8
milestone: 1.1.8 → 1.0.14
milestone: 1.0.14 → none
Changed in mahara:
assignee: nobody → Evan Goldenberg (naveg)
Evan Goldenberg (naveg) wrote :

CVE-2008-4810 and CVE-2008-4811 appear to be the same issue, involving unescaped dollar signs. This was fixed in smarty r2797 (

CVE-2009-1669, which involves unneeded backticks in math equations, was fixed in smarty r3139 (

Both are trivial fixes, so I'll manually apply them to the version of smarty found in Mahara 1.0 and 1.1.
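Added illustration, not part of this bug report and not Smarty's or Mahara's code: a minimal sketch of the two hardening rules behind the defect classes named in the comment above. Rule 1 covers the unescaped dollar sign: a template compiler that emits template text inside a double-quoted PHP string literal must escape every `$`, otherwise PHP interpolates attacker-controlled text as variable or method references when the compiled template runs. Rule 2 covers the math case: an equation string that is handed to `eval()` has to be filtered against a strict allowlist, and a backtick can never be on that list because it is PHP's shell-execution operator. The function names, the allowed-function list and the sample inputs below are constructed for the example and are not taken from Smarty's source.

```php
<?php
// Example code (not Smarty's or Mahara's): two input-hardening rules for a
// template engine that generates PHP source and evaluates arithmetic.

/**
 * Rule 1: template text that is emitted inside a double-quoted PHP string
 * literal must have '\', '"' and '$' escaped, in that order, so that text
 * such as "$price" or "{$obj->method()}" is never interpolated by PHP.
 */
function emit_quoted_text(string $text): string
{
    // Backslash first, so the backslashes introduced below are not re-escaped.
    $escaped = str_replace(['\\', '"', '$'], ['\\\\', '\\"', '\\$'], $text);
    return '"' . $escaped . '"';
}

// Constructed allowlist of math functions the evaluator may call.
const ALLOWED_FUNCTIONS = ['abs', 'sqrt', 'sin', 'cos', 'max', 'min'];

/**
 * Rule 2: an equation destined for eval() passes a character allowlist
 * (no backtick, no quotes, no '$', no ';') and every bare identifier must be
 * an allowed math function, so names such as exec or system are unreachable.
 * Scientific notation (1e5) is deliberately not supported by this sketch.
 */
function validate_equation(string $equation): bool
{
    if (preg_match('/^[A-Za-z0-9_\s+\-*\/.(),]*\z/', $equation) !== 1) {
        return false;
    }
    preg_match_all('/[A-Za-z_][A-Za-z0-9_]*/', $equation, $matches);
    foreach ($matches[0] as $name) {
        if (!in_array(strtolower($name), ALLOWED_FUNCTIONS, true)) {
            return false;
        }
    }
    return true;
}

/** Evaluate an equation only after it has passed validate_equation(). */
function evaluate_equation(string $equation): float
{
    if (!validate_equation($equation)) {
        throw new InvalidArgumentException('equation contains disallowed content');
    }
    $result = 0;
    eval('$result = (' . $equation . ');');
    return (float) $result;
}

/** Self-check over constructed inputs; returns true when every case behaves. */
function self_test(): bool
{
    $cases = [
        'abs(-3) * 2 + 1'  => true,   // ordinary arithmetic is accepted
        '2 + `id`'         => false,  // backtick: shell execution operator
        'exec(1)'          => false,  // identifier not on the allowlist
        'sqrt(16) ; 1'     => false,  // statement separator is rejected
        '"a" . "b"'        => false,  // string literals are rejected
    ];
    foreach ($cases as $equation => $expected) {
        if (validate_equation($equation) !== $expected) {
            return false;
        }
    }
    return evaluate_equation('abs(-3) * 2 + 1') === 7.0
        && emit_quoted_text('Total: $price') === '"Total: \$price"';
}

echo self_test() ? "all checks passed\n" : "a check failed\n";
```

Run with `php example.php`; the script only evaluates the one constructed equation after it has passed the allowlist, and the remaining cases are checked for rejection without ever reaching `eval()`.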

Evan Goldenberg (naveg) wrote :

Fixed on the security repo, branches 1.1_STABLE and 1.0_STABLE.

Changed in mahara:
status: New → Fix Committed
Changed in mahara:
status: Fix Committed → Fix Released
visibility: private → public