Sicherheit: Mangelnde Eingabeprüfung in php-PHPMailer
Aktuelle Meldungen Distributionen
Name: Mangelnde Eingabeprüfung in php-PHPMailer
ID: FEDORA-2020-06e87e71fe
Distribution: Fedora
Plattformen: Fedora 32
Datum: Mi, 1. Juli 2020, 10:30
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13625
Applikationen: PHPMailer


Fedora Update Notification
2020-07-01 01:48:22.588196

Name : php-PHPMailer
Product : Fedora 32
Version : 5.2.28
Release : 2.fc32
URL : https://github.com/PHPMailer/PHPMailer
Summary : PHP email transport class with a lot of features
Description :
Full Featured Email Transfer Class for PHP. PHPMailer features:

* Supports emails digitally signed with S/MIME encryption!
* Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs
* Works on any platform.
* Supports Text & HTML emails.
* Embedded image support.
* Multipart/alternative emails for mail clients that do not read
HTML email.
* Flexible debugging.
* Custom mail headers.
* Redundant SMTP servers.
* Support for 8bit, base64, binary, and quoted-printable encoding.
* Word wrap.
* Multiple fs, string, and binary attachments (those from database,
string, etc).
* SMTP authentication.
* Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail,
Imail, Exchange, etc.
* Good documentation, many examples included in download.
* It's swift, small, and simple.

Update Information:

Fix CVE-2020-13625 vulnerability.

* Sun Jun 21 2020 Patrick Monnerat <patrick@monnerat.net> 5.2.28-2
- Patch "cve2020-13625" fixes CVE-2020-13625 vulnerability. This is a
of https://github.com/PHPMailer/PHPMailer/commit/c2796cb.

[ 1 ] Bug #1848842 - CVE-2020-13625 php-PHPMailer: output escaping could
result in the file type being misinterpreted [fedora-all]

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-06e87e71fe' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten