Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 24: Security Update for php-zendframework-zend-mail to Prevent RCE

fedora
Calendar Grey December 31, 2016
Dist Fedora Esm H88
Update Available for php-zendframework-zend-mail addressing critical vulnerability in Sendmail adapter. Upgrade to version 2.7.2 promptly.
**Version 2.7.2** - 2016-12-19 - Fixes [ZF2016-04](https://framework.zend.com/security/advisory/ZF2016-04)

Summary

Zend\Mail provides generalized functionality to compose and send both text

and MIME-compliant multipart email messages. Mail can be sent with Zend\Mail

via the Mail\Transport\Sendmail, Mail\Transport\Smtp or the

Mail\Transport\File transport. Of course, you can also implement your own

transport by implementing the Mail\Transport\TransportInterface.

Documentation: https://zendframework.github.io/zend-mail/

Update Information:

**Version 2.7.2** - 2016-12-19 - Fixes [ZF2016-04](https://framework.zend.com/security/advisory/ZF2016-04). Potential remote code execution in zend-mail via Sendmail adapter

Topics%20covered

Topics Covered

security advisory fedora remote code execution security patch zend framework

Change Log

References

Fedora Update Notification FEDORA-2016-1185de6aa6 2016-12-31 18:54:49.148584
Name : php-zendframework-zend-mail Product : Fedora 24 Version : 2.7.2 Release : 1.fc24 URL : https://zendframework.github.io/zend-mail/ Summary : Zend Framework Mail component Description : Zend\Mail provides generalized functionality to compose and send both text and MIME-compliant multipart email messages. Mail can be sent with Zend\Mail via the Mail\Transport\Sendmail, Mail\Transport\Smtp or the Mail\Transport\File transport. Of course, you can also implement your own transport by implementing the Mail\Transport\TransportInterface.
Documentation: https://zendframework.github.io/zend-mail/

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade php-zendframework-zend-mail' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: php-zendframework-zend-mail
Product: Fedora 24
Version: 2.7.2
Release: 1.fc24
URL: https://zendframework.github.io/zend-mail/
Summary: Zend Framework Mail component

Topics%20covered

Topics Covered

security advisory fedora remote code execution security patch zend framework

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here