[Secure-testing-commits] r47544 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 29 07:34:31 UTC 2016
Author: carnil
Date: 2016-12-29 07:34:31 +0000 (Thu, 29 Dec 2016)
New Revision: 47544
Modified:
data/CVE/list
Log:
Make fix for CVE-2016-10033 better identifiable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-29 07:32:43 UTC (rev 47543)
+++ data/CVE/list 2016-12-29 07:34:31 UTC (rev 47544)
@@ -2162,7 +2162,7 @@
RESERVED
- libphp-phpmailer <unfixed> (bug #849365)
NOTE: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
- NOTE: Fixed by: https://github.com/PHPMailer/PHPMailer/commit/4835657cd639fbd09afd33307cef164edf807cdc
+ NOTE: Fixed by: https://github.com/PHPMailer/PHPMailer/commit/4835657cd639fbd09afd33307cef164edf807cdc#diff-ace81e501931d8763b49f2410cf3094dR1449
NOTE: Fix potentially incomplete, cf http://www.openwall.com/lists/oss-security/2016/12/28/1
NOTE: When updating libphp-phpmailer for CVE-2016-10033 make sure to apply the
NOTE: complete patch to not make libphp-phpmailer affected by CVE-2016-10045.
More information about the Secure-testing-commits
mailing list