- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2016-b65e546846
2017-01-08 20:51:00.219912
——————————————————————————–
Name : php-swiftmailer
Product : Fedora 24
Version : 5.4.5
Release : 1.fc24
URL : http://www.swiftmailer.org/
Summary : Free Feature-rich PHP Mailer
Description :
Swift Mailer integrates into any web app written in PHP, offering a
flexible and elegant object-oriented approach to sending emails with
a multitude of features.
Autoloader: /usr/share/php/Swift/swift_required.php
——————————————————————————–
Update Information:
**Version 5.4.5** (2016-12-29) * SECURITY FIX: fixed CVE-2016-10074 by
disallowing potentially unsafe shell characters Prior to 5.4.5, the mail
transport (Swift_Transport_MailTransport) was vulnerable to passing arbitrary
shell arguments if the “From”, “ReturnPath” or “Sender” header came from a
non-trusted source, potentially allowing Remote Code Execution * deprecated
the mail transport
——————————————————————————–
References:
[ 1 ] Bug #1409517 – CVE-2016-10074 php-swiftmailer: Parameter injection via mail() function
https://bugzilla.redhat.com/show_bug.cgi?id=1409517
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-swiftmailer’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2016-f7ef82c1b4
2017-01-08 20:49:06.547055
——————————————————————————–
Name : php-swiftmailer
Product : Fedora 25
Version : 5.4.5
Release : 1.fc25
URL : http://www.swiftmailer.org/
Summary : Free Feature-rich PHP Mailer
Description :
Swift Mailer integrates into any web app written in PHP, offering a
flexible and elegant object-oriented approach to sending emails with
a multitude of features.
Autoloader: /usr/share/php/Swift/swift_required.php
——————————————————————————–
Update Information:
**Version 5.4.5** (2016-12-29) * SECURITY FIX: fixed CVE-2016-10074 by
disallowing potentially unsafe shell characters Prior to 5.4.5, the mail
transport (Swift_Transport_MailTransport) was vulnerable to passing arbitrary
shell arguments if the “From”, “ReturnPath” or “Sender” header came from a
non-trusted source, potentially allowing Remote Code Execution * deprecated
the mail transport
——————————————————————————–
References:
[ 1 ] Bug #1409517 – CVE-2016-10074 php-swiftmailer: Parameter injection via mail() function
https://bugzilla.redhat.com/show_bug.cgi?id=1409517
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-swiftmailer’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
| Autor | Vlatka Misic |
| Cert id | NCERT-REF-2017-01-0056-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | http://www.adobe.com/ |
