Security #6: Update PHP Mailer to version 5.2.22 - WB 2.11.0 - Project Maintenance

Security #6

Update PHP Mailer to version 5.2.22

Added by Matthias over 5 years ago. Updated over 5 years ago.

Status:

Done

Priority:

Dringend

Assignee:

Manuela

Target version:

Start date:

2017-02-12

Due date:

% Done:

Estimated time:

Operating System:

Description

https://github.com/PHPMailer/PHPMailer

SECURITY Fix CVE-2017-5223, local file disclosure vulnerability if content passed to msgHTML() is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to msgHTML() without a $basedir will not import images with relative URLs, and relative URLs containing .. will be ignored.

History

#1 Updated by Manuela over 5 years ago

Status changed from New to Done
Priority changed from Normal to Dringend

upgrade to 5.2.22 done

#2 Updated by Manuela over 5 years ago

Tracker changed from Error to Security

Also available in: Atom PDF

Project

General

Profile

WB 2.11.0

Issues

Security #6

Update PHP Mailer to version 5.2.22

History

#1 Updated by Manuela over 5 years ago

#2 Updated by Manuela over 5 years ago