Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
89
security advisorycriticalFedoraFedora 32 2020-06e87e71fe Critical: php-PHPMailer CVE-2020-13625 Fix
Fix CVE-2020-13625 vulnerability.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-06e87e71fe 2020-07-01 01:48:22.588196 --------------------------------------------------------------------------------Name : php-PHPMailer Product : Fedora 32 Version : 5.2.28 Release : 2.fc32 URL : https://github.com/PHPMailer/PHPMailer Summary : PHP email transport class with a lot of features Description : Full Featured Email Transfer Class for PHP. PHPMailer features: * Supports emails digitally signed with S/MIME encryption! * Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs * Works on any platform. * Supports Text & HTML emails. * Embedded image support. * Multipart/alternative emails for mail clients that do not read HTML email. * Flexible debugging. * Custom mail headers. * Redundant SMTP servers. * Support for 8bit, base64, binary, and quoted-printable encoding. * Word wrap. * Multiple fs, string, and binary attachments (those from database, string, etc). * SMTP authentication. * Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail, Imail, Exchange, etc. * Good documentation, many examples included in download. * It's swift, small, and simple. --------------------------------------------------------------------------------Update Information: Fix CVE-2020-13625 vulnerability. --------------------------------------------------------------------------------ChangeLog: * Sun Jun 21 2020 Patrick Monnerat 5.2.28-2 - Patch "cve2020-13625" fixes CVE-2020-13625 vulnerability. This is a backport of https://github.com/PHPMailer/PHPMailer/commit/c2796cb. https://bugzilla.redhat.com/show_bug.cgi?id=1848842 --------------------------------------------------------------------------------References: [ 1 ] Bug #1848842 - CVE-2020-13625 php-PHPMailer: output escaping could resultin the file type being misinterpreted [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1848842 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-06e87e71fe' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jun 30, 2020
•Critical
Fedora
89
security advisorycriticalFedoraFedora 31: FEDORA-2020-0bbe6304e3 Critical php-PHPMailer CVE Fix
Fix CVE-2020-13625 vulnerability.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-0bbe6304e3 2020-07-01 01:34:56.095584 --------------------------------------------------------------------------------Name : php-PHPMailer Product : Fedora 31 Version : 5.2.28 Release : 2.fc31 URL : https://github.com/PHPMailer/PHPMailer Summary : PHP email transport class with a lot of features Description : Full Featured Email Transfer Class for PHP. PHPMailer features: * Supports emails digitally signed with S/MIME encryption! * Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs * Works on any platform. * Supports Text & HTML emails. * Embedded image support. * Multipart/alternative emails for mail clients that do not read HTML email. * Flexible debugging. * Custom mail headers. * Redundant SMTP servers. * Support for 8bit, base64, binary, and quoted-printable encoding. * Word wrap. * Multiple fs, string, and binary attachments (those from database, string, etc). * SMTP authentication. * Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail, Imail, Exchange, etc. * Good documentation, many examples included in download. * It's swift, small, and simple. --------------------------------------------------------------------------------Update Information: Fix CVE-2020-13625 vulnerability. --------------------------------------------------------------------------------ChangeLog: * Sun Jun 21 2020 Patrick Monnerat 5.2.28-2 - Update to 5.2.28 - Patch "cve2020-13625" fixes CVE-2020-13625 vulnerability. This is a backport of https://github.com/PHPMailer/PHPMailer/commit/c2796cb. https://bugzilla.redhat.com/show_bug.cgi?id=1848842 --------------------------------------------------------------------------------References: [ 1 ] Bug #1848842 - CVE-2020-13625 php-PHPMailer: outputescaping could result in the file type being misinterpreted [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1848842 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-0bbe6304e3' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jun 30, 2020
•Critical
Fedora
89
security advisoryFedorasecurity fixFedora 28: FEDORA-2018-f73869d61e Critical: PHP-PHPMailer Object Injection
**Version 5.2.27** * SECURITY Fix potential object injection vulnerability. **CVE-2018-19296**. Reported by Sehun Oh of cyberone.kr. Note that the 5.2 branch is deprecated and will not receive security updates after 31st December 2018.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-f73869d61e 2018-11-27 17:11:25.740573 --------------------------------------------------------------------------------Name : php-PHPMailer Product : Fedora 28 Version : 5.2.27 Release : 1.fc28 URL : https://github.com/PHPMailer/PHPMailer Summary : PHP email transport class with a lot of features Description : Full Featured Email Transfer Class for PHP. PHPMailer features: * Supports emails digitally signed with S/MIME encryption! * Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs * Works on any platform. * Supports Text & HTML emails. * Embedded image support. * Multipart/alternative emails for mail clients that do not read HTML email. * Flexible debugging. * Custom mail headers. * Redundant SMTP servers. * Support for 8bit, base64, binary, and quoted-printable encoding. * Word wrap. * Multiple fs, string, and binary attachments (those from database, string, etc). * SMTP authentication. * Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail, Imail, Exchange, etc. * Good documentation, many examples included in download. * It's swift, small, and simple. --------------------------------------------------------------------------------Update Information: **Version 5.2.27** * SECURITY Fix potential object injection vulnerability. **CVE-2018-19296**. Reported by Sehun Oh of cyberone.kr. Note that the 5.2 branch is deprecated and will not receive security updates after 31st December 2018. --------------------------------------------------------------------------------ChangeLog: * Fri Nov 162018 Remi Collet - 5.2.27-1 - update to 5.2.27 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-f73869d61e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Nov 27, 2018
•Critical
Fedora
89
security advisorysecurity updatecriticalFedora 25: php-PHPMailer Critical Update for CVE-2016-10045
**Version 5.2.21** (December 28th 2016) * Fix missed number update in version file - no functional changes ---- **Version 5.2.20** (December 28th 2016) * **SECURITY** Critical security update for CVE-2016-10045 please update now! Thanks to [Dawid Golunski]() and Paul Buonopane (Zenexer). ---- ** Version 5.2.19** (December 26th 2016) * Minor cleanup. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-6941d25875 2017-01-06 04:21:36.344988 -------------------------------------------------------------------------------- Name : php-PHPMailer Product : Fedora 25 Version : 5.2.21 Release : 1.fc25 URL : https://github.com/PHPMailer/PHPMailer Summary : PHP email transport class with a lot of features Description : Full Featured Email Transfer Class for PHP. PHPMailer features: * Supports emails digitally signed with S/MIME encryption! * Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs * Works on any platform. * Supports Text & HTML emails. * Embedded image support. * Multipart/alternative emails for mail clients that do not read HTML email. * Flexible debugging. * Custom mail headers. * Redundant SMTP servers. * Support for 8bit, base64, binary, and quoted-printable encoding. * Word wrap. * Multiple fs, string, and binary attachments (those from database, string, etc). * SMTP authentication. * Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail, Imail, Exchange, etc. * Good documentation, many examples included in download. * It's swift, small, and simple. -------------------------------------------------------------------------------- Update Information: **Version 5.2.21** (December 28th 2016) * Fix missed number update in version file - no functional changes ---- **Version 5.2.20** (December 28th 2016) * **SECURITY** Critical security update for CVE-2016-10045 please update now! Thanks to [Dawid Golunski]()and Paul Buonopane (Zenexer). ---- ** Version 5.2.19** (December 26th 2016) * Minor cleanup ** Version 5.2.18** (December 24th 2016) * **SECURITY** Critical security update for CVE-2016-10033 please update now! Thanks to [Dawid Golunski](). * Add ability to extract the SMTP transaction ID from some common SMTP success messages * Minor documentation tweaks ** Version 5.2.17** (December 9th 2016) * This is officially the last feature release of 5.2. Security fixes only from now on; use PHPMailer 6.0! * Allow DKIM private key to be provided as a string * Provide mechanism to allow overriding of boundary and message ID creation * Improve Brazilian Portuguese, Spanish, Swedish, Romanian, and German translations * PHP 7.1 support for Travis-CI * Fix some language codes * Add security notices * Improve DKIM compatibility in older PHP versions * Improve trapping and capture of SMTP connection errors * Improve passthrough of error levels for debug output * PHPDoc cleanup -------------------------------------------------------------------------------- References: [ 1 ] Bug #1409489 - CVE-2016-10033 phpmailer: Parameter injection via mail() function https://bugzilla.redhat.com/show_bug.cgi?id=1409489 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade php-PHPMailer' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jan 06, 2017
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!