php-swiftmailer-5.4.5-1.el7

December 29, 2016 007admin Leave a comment

**Version 5.4.5** (2016-12-29)

* SECURITY FIX: fixed CVE-2016-10074 by disallowing potentially unsafe shell characters

Prior to 5.4.5, the mail transport (Swift_Transport_MailTransport) was vulnerable to passing
arbitrary shell arguments if the “From”, “ReturnPath” or “Sender” header came
from a non-trusted source, potentially allowing Remote Code Execution

* deprecated the mail transport

007 Software

php-swiftmailer-5.4.5-1.el7

Leave a Reply Cancel reply

Software and Security Information