This new point release fixes a security vulnerability in wrestool. For further details see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850017

**Version 5.2.22** (January 5th 2017)

* **SECURITY** Fix [CVE-2017-5223](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5223), local file disclosure vulnerability if content passed to `msgHTML()` is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to `msgHTML()` without a `$basedir` will not import images with relative URLs, and relative URLs containing `..` will be ignored.
* Add simple contact form example
* Emoji in test content

—-

**Version 5.2.21** (December 28th 2016)

* Fix missed number update in version file – no functional changes

—-

**Version 5.2.20** (December 28th 2016)

* **SECURITY** Critical security update for CVE-2016-10045 please update now! Thanks to [Dawid Golunski](https://legalhackers.com) and Paul Buonopane (Zenexer).

—-

** Version 5.2.19** (December 26th 2016)

* Minor cleanup

—-

** Version 5.2.18** (December 24th 2016)

* **SECURITY** Critical security update for CVE-2016-10033 please update now! Thanks to [Dawid Golunski](https://legalhackers.com).
* Add ability to extract the SMTP transaction ID from some common SMTP success messages
* Minor documentation tweaks

—-

** Version 5.2.17** (December 9th 2016)

* This is officially the last feature release of 5.2. Security fixes only from now on; use PHPMailer 6.0!
* Allow DKIM private key to be provided as a string
* Provide mechanism to allow overriding of boundary and message ID creation
* Improve Brazilian Portuguese, Spanish, Swedish, Romanian, and German translations
* PHP 7.1 support for Travis-CI
* Fix some language codes
* Add security notices
* Improve DKIM compatibility in older PHP versions
* Improve trapping and capture of SMTP connection errors
* Improve passthrough of error levels for debug output
* PHPDoc cleanup

**Version 5.2.22** (January 5th 2017)

* **SECURITY** Fix [CVE-2017-5223](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5223), local file disclosure vulnerability if content passed to `msgHTML()` is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to `msgHTML()` without a `$basedir` will not import images with relative URLs, and relative URLs containing `..` will be ignored.
* Add simple contact form example
* Emoji in test content

—-

**Version 5.2.21** (December 28th 2016)

* Fix missed number update in version file – no functional changes

—-

**Version 5.2.20** (December 28th 2016)

* **SECURITY** Critical security update for CVE-2016-10045 please update now! Thanks to [Dawid Golunski](https://legalhackers.com) and Paul Buonopane (Zenexer).

—-

** Version 5.2.19** (December 26th 2016)

* Minor cleanup

** Version 5.2.18** (December 24th 2016)

* **SECURITY** Critical security update for CVE-2016-10033 please update now! Thanks to [Dawid Golunski](https://legalhackers.com).
* Add ability to extract the SMTP transaction ID from some common SMTP success messages
* Minor documentation tweaks

** Version 5.2.17** (December 9th 2016)

* This is officially the last feature release of 5.2. Security fixes only from now on; use PHPMailer 6.0!
* Allow DKIM private key to be provided as a string
* Provide mechanism to allow overriding of boundary and message ID creation
* Improve Brazilian Portuguese, Spanish, Swedish, Romanian, and German translations
* PHP 7.1 support for Travis-CI
* Fix some language codes
* Add security notices
* Improve DKIM compatibility in older PHP versions
* Improve trapping and capture of SMTP connection errors
* Improve passthrough of error levels for debug output
* PHPDoc cleanup

**Version 5.2.22** (January 5th 2017)

* **SECURITY** Fix [CVE-2017-5223](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5223), local file disclosure vulnerability if content passed to `msgHTML()` is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to `msgHTML()` without a `$basedir` will not import images with relative URLs, and relative URLs containing `..` will be ignored.
* Add simple contact form example
* Emoji in test content

—-

**Version 5.2.21** (December 28th 2016)

* Fix missed number update in version file – no functional changes

—-

**Version 5.2.20** (December 28th 2016)

* **SECURITY** Critical security update for CVE-2016-10045 please update now! Thanks to [Dawid Golunski](https://legalhackers.com) and Paul Buonopane (Zenexer).

—-

** Version 5.2.19** (December 26th 2016)

* Minor cleanup

** Version 5.2.18** (December 24th 2016)

* **SECURITY** Critical security update for CVE-2016-10033 please update now! Thanks to [Dawid Golunski](https://legalhackers.com).
* Add ability to extract the SMTP transaction ID from some common SMTP success messages
* Minor documentation tweaks

** Version 5.2.17** (December 9th 2016)

* This is officially the last feature release of 5.2. Security fixes only from now on; use PHPMailer 6.0!
* Allow DKIM private key to be provided as a string
* Provide mechanism to allow overriding of boundary and message ID creation
* Improve Brazilian Portuguese, Spanish, Swedish, Romanian, and German translations
* PHP 7.1 support for Travis-CI
* Fix some language codes
* Add security notices
* Improve DKIM compatibility in older PHP versions
* Improve trapping and capture of SMTP connection errors
* Improve passthrough of error levels for debug output
* PHPDoc cleanup

This new point release fixes a security vulnerability in wrestool. For further details see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850017

This new point release fixes a security vulnerability in wrestool. For further details see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850017