php-swiftmailer-5.4.5-1.fc24

**Version 5.4.5** (2016-12-29)

* SECURITY FIX: fixed CVE-2016-10074 by disallowing potentially unsafe shell characters

Prior to 5.4.5, the mail transport (Swift_Transport_MailTransport) was vulnerable to passing
arbitrary shell arguments if the “From”, “ReturnPath” or “Sender” header came
from a non-trusted source, potentially allowing Remote Code Execution

* deprecated the mail transport

Leave a Reply