Fedora: php-PHPMailer Fix Critical Message Injection Issue
fedora
February 11, 2016
New upstream release: fixes CVE-2015-8476.
Summary
Full Featured Email Transfer Class for PHP. PHPMailer features:
* Supports emails digitally signed with S/MIME encryption!
* Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs
* Works on any platform.
* Supports Text & HTML emails.
* Embedded image support.
* Multipart/alternative emails for mail clients that do not read
HTML email.
* Flexible debugging.
* Custom mail headers.
* Redundant SMTP servers.
* Support for 8bit, base64, binary, and quoted-printable encoding.
* Word wrap.
* Multiple fs, string, and binary attachments (those from database,
string, etc).
* SMTP authentication.
* Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail,
Imail, Exchange, etc.
* Good documentation, many examples included in download.
* It's swift, small, and simple.
Update Information:
New upstream release: fixes CVE-2015-8476.
Topics Covered
Change Log
References
[ 1 ] Bug #1289094 - CVE-2015-8476 php-PHPMailer: Message injection caused by line breaks in addresses [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1289094
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update php-PHPMailer' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: php-PHPMailer
Product: Fedora 23
Version: 5.2.14
Release: 1.fc23
Summary: PHP email transport class with a lot of features
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!