On Sunday, 17 June 2007, Moritz Muehlenhoff wrote: > Package: moodle > Severity: serious > > Your package includes a copy of PHPMailer, which also is packaged as > libphp-phpmailer in the archive. You need to fix your package > to use the system-wide library. Otherwise it requires too much overhead > whenever a vulnerability in PHPMailer is found. (like right now > CVE-2007-3215)
Moodle's integration of phpmailer requires some modifications to phpmailer, so I can't just use Debian's phpmailer. The current vulnerability doesn't even affect Moodle. I could have said it before so I know that since last Wednesday. Sorry for that. Best regards -- Isaac Clerencia at Warp Networks, http://www.warp.es Blog: http://people.warp.es/~isaac/blog/ Work: <[EMAIL PROTECTED]> | Debian: <[EMAIL PROTECTED]>
signature.asc
Description: This is a digitally signed message part.