[pkg-php-pear] Bug#849365: libphp-phpmailer: CVE-2016-10033
Salvatore Bonaccorso
carnil at debian.org
Mon Dec 26 09:54:47 UTC 2016
Source: libphp-phpmailer
Version: 5.2.9+dfsg-2
Severity: grave
Tags: security upstream
Justification: user security hole
Hi,
the following vulnerability was published for libphp-phpmailer.
CVE-2016-10033[0]:
remote code execution
Details though at the point of writing this bugreport are not yet
available. It is fixed in the new upstream version 5.2.18.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-10033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10033
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the pkg-php-pear
mailing list