You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa php-swiftmailer

Sigurnosni nedostatak programskog paketa php-swiftmailer

——————————————————————————–
Fedora Update Notification
FEDORA-2016-b65e546846
2017-01-08 20:51:00.219912
——————————————————————————–

Name : php-swiftmailer
Product : Fedora 24
Version : 5.4.5
Release : 1.fc24
URL : http://www.swiftmailer.org/
Summary : Free Feature-rich PHP Mailer
Description :
Swift Mailer integrates into any web app written in PHP, offering a
flexible and elegant object-oriented approach to sending emails with
a multitude of features.

Autoloader: /usr/share/php/Swift/swift_required.php

——————————————————————————–
Update Information:

**Version 5.4.5** (2016-12-29) * SECURITY FIX: fixed CVE-2016-10074 by
disallowing potentially unsafe shell characters Prior to 5.4.5, the mail
transport (Swift_Transport_MailTransport) was vulnerable to passing arbitrary
shell arguments if the “From”, “ReturnPath” or “Sender” header came from a
non-trusted source, potentially allowing Remote Code Execution * deprecated
the mail transport
——————————————————————————–
References:

[ 1 ] Bug #1409517 – CVE-2016-10074 php-swiftmailer: Parameter injection via mail() function
https://bugzilla.redhat.com/show_bug.cgi?id=1409517
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-swiftmailer’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2016-f7ef82c1b4
2017-01-08 20:49:06.547055
——————————————————————————–

Name : php-swiftmailer
Product : Fedora 25
Version : 5.4.5
Release : 1.fc25
URL : http://www.swiftmailer.org/
Summary : Free Feature-rich PHP Mailer
Description :
Swift Mailer integrates into any web app written in PHP, offering a
flexible and elegant object-oriented approach to sending emails with
a multitude of features.

Autoloader: /usr/share/php/Swift/swift_required.php

——————————————————————————–
Update Information:

**Version 5.4.5** (2016-12-29) * SECURITY FIX: fixed CVE-2016-10074 by
disallowing potentially unsafe shell characters Prior to 5.4.5, the mail
transport (Swift_Transport_MailTransport) was vulnerable to passing arbitrary
shell arguments if the “From”, “ReturnPath” or “Sender” header came from a
non-trusted source, potentially allowing Remote Code Execution * deprecated
the mail transport
——————————————————————————–
References:

[ 1 ] Bug #1409517 – CVE-2016-10074 php-swiftmailer: Parameter injection via mail() function
https://bugzilla.redhat.com/show_bug.cgi?id=1409517
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-swiftmailer’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa gstreamer1-plugins-bad-free

Otkriveni su sigurnosni nedostaci u programskom paketu gstreamer1-plugins-bad-free za Redhat. Otkriveni nedostaci potencijalnim napadačima omogućuju rušenje servisa ili izvršavanje proizvoljnog...

Close