mahara-contributors team mailing list archive

Thread
Date

[Bug 1652995] Re: Phpmailer security update (v5.2.21)

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Kristina Hoeppner <1652995@xxxxxxxxxxxxxxxxxx>
Date: Thu, 29 Dec 2016 10:23:23 -0000
Reply-to: Bug 1652995 <1652995@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-10045

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1652995

Title:
  Phpmailer security update (v5.2.21)

Status in Mahara:
  Fix Committed
Status in Mahara 15.04 series:
  Fix Released
Status in Mahara 15.10 series:
  Fix Released
Status in Mahara 16.04 series:
  Fix Released
Status in Mahara 16.10 series:
  Fix Released

Bug description:
  PHPMailer just released fixes for some serious security issues. For
  more details, see https://github.com/PHPMailer/PHPMailer/wiki/About-
  the-CVE-2016-10033-and-CVE-2016-10045-vulnerabilities

  
  Not sure to what extent Mahara might be affected, but would suggest to upgrade all supported branches.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1652995/+subscriptions