--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-abf9659276
2016-02-11 09:49:39.042856
--------------------------------------------------------------------------------

Name        : php-PHPMailer
Product     : Fedora 23
Version     : 5.2.14
Release     : 1.fc23
URL         : https://phpmailer.worxware.com/
Summary     : PHP email transport class with a lot of features
Description :
Full Featured Email Transfer Class for PHP. PHPMailer features:

    * Supports emails digitally signed with S/MIME encryption!
    * Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs
    * Works on any platform.
    * Supports Text & HTML emails.
    * Embedded image support.
    * Multipart/alternative emails for mail clients that do not read
      HTML email.
    * Flexible debugging.
    * Custom mail headers.
    * Redundant SMTP servers.
    * Support for 8bit, base64, binary, and quoted-printable encoding.
    * Word wrap.
    * Multiple fs, string, and binary attachments (those from database,
      string, etc).
    * SMTP authentication.
    * Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail,
      Imail, Exchange, etc.
    * Good documentation, many examples included in download.
    * It's swift, small, and simple.

--------------------------------------------------------------------------------
Update Information:

New upstream release: fixes CVE-2015-8476.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1289094 - CVE-2015-8476 php-PHPMailer: Message injection caused by line breaks in addresses [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1289094
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update php-PHPMailer' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/

Fedora 23: php-PHPMailer Security Update

February 11, 2016
New upstream release: fixes CVE-2015-8476.

Summary

Full Featured Email Transfer Class for PHP. PHPMailer features:

* Supports emails digitally signed with S/MIME encryption!

* Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs

* Works on any platform.

* Supports Text & HTML emails.

* Embedded image support.

* Multipart/alternative emails for mail clients that do not read

HTML email.

* Flexible debugging.

* Custom mail headers.

* Redundant SMTP servers.

* Support for 8bit, base64, binary, and quoted-printable encoding.

* Word wrap.

* Multiple fs, string, and binary attachments (those from database,

string, etc).

* SMTP authentication.

* Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail,

Imail, Exchange, etc.

* Good documentation, many examples included in download.

* It's swift, small, and simple.

Update Information:

New upstream release: fixes CVE-2015-8476.

Change Log

References

[ 1 ] Bug #1289094 - CVE-2015-8476 php-PHPMailer: Message injection caused by line breaks in addresses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1289094

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update php-PHPMailer' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : php-PHPMailer
Product : Fedora 23
Version : 5.2.14
Release : 1.fc23
URL : https://phpmailer.worxware.com/
Summary : PHP email transport class with a lot of features

Related News

6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved