[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1591-2] libphp-phpmailer regression update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libphp-phpmailer
Version        : 5.2.9+dfsg-2+deb8u5
CVE ID         : CVE-2018-19296


A possible regression was found in the recent security update for
libphp-phpmailer, announced as DLA 1591-1. During backporting a new
variable have accidentally introduced to a conditional statement from
a much later version. Thanks to Salvatore Bonaccorso (carnil) for
reporting this.

For Debian 8 "Jessie", this problem has been fixed in version
5.2.9+dfsg-2+deb8u5.

We recommend that you upgrade your libphp-phpmailer packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAlwlqqYACgkQhj1N8u2c
KO87YBAAkFS7E0MOPkxwRUkxcuV561O1jutWulsKv4xQxi4t2019HNgA4r0FTER0
pcegRb605IiDAbBlDDhbMZxRYW3De/GA3i2M/PCp4PffCgDzRVpd166DkgAnZlKR
KEPA42TaJZOKSffgrETMU2kvgbS6Oj5Jf8Q1csssEGhQAgqDpqoSydkrfxhMyWMJ
v+yzrXeJ1TUJXF40aDLk0xiDXYe8zLlCaQShaNFbW7p4Vj0Ka75Bb0DIZ4W+oB/Y
36icnKPvvEa6hFvrLw+R3pLtqggxxJ1NCG4A7ylDW9xZ/A+owlN4beGSxgPWgubw
7dugkCAP2KoA4XIIjCdT2oTlEPfsXBr9XnQwdmX/NXP/tk+XJmIcb5VDQK1otIUD
AtGYQh9sNtUk1kJTjXn8haqOYYhn6srwtToUdpT0iTT5HyInLOCGZAHewfOcNkQM
O0qL1crpQk/xRVIl5e3hlAzl7CZVEYJEuWc1IlS91/W94L39eJwhMMgoxlilbJtl
kuizvEF56T5+PX9e612H0N9Ds6PkQN8X8RElP6UlPzhJeRTvktr8IygeJEn23/F1
0CG1IRSJKDXI0GQqn3E2/NLnjOL/WefAEomyQpIAJuPdc41GtWsqwpGJHydJNsfB
lFKaj/P7BvH0obIv9YFLlzBOFcHPqKE7sMwMNeZq4vvn/4WbQ9w=
=GDog
-----END PGP SIGNATURE-----


Reply to: