Your message dated Wed, 04 Jan 2017 17:04:02 +0000
with message-id <[email protected]>
and subject line Bug#849626: fixed in libphp-swiftmailer 5.4.2-1.1
has caused the Debian Bug report #849626,
regarding libphp-swiftmailer: CVE-2016-10074
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
849626: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849626
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libphp-swiftmailer
Version: 5.2.2-1
Severity: grave
Tags: security upstream
Justification: user security hole
Hi,
the following vulnerability was published for libphp-swiftmailer.
CVE-2016-10074[0]:
Remote Code Execution
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-10074
[1]
https://legalhackers.com/advisories/SwiftMailer-Exploit-Remote-Code-Exec-CVE-2016-10074-Vuln.html
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libphp-swiftmailer
Source-Version: 5.4.2-1.1
We believe that the bug you reported is fixed in the latest version of
libphp-swiftmailer, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thijs Kinkhorst <[email protected]> (supplier of updated libphp-swiftmailer
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 04 Jan 2017 16:31:03 +0000
Source: libphp-swiftmailer
Binary: php-swiftmailer libphp-swiftmailer
Architecture: source all
Version: 5.4.2-1.1
Distribution: unstable
Urgency: high
Maintainer: Nicolas Roudaire <[email protected]>
Changed-By: Thijs Kinkhorst <[email protected]>
Description:
libphp-swiftmailer - transitional dummy package
php-swiftmailer - ${phpcomposer:description}
Closes: 849626
Changes:
libphp-swiftmailer (5.4.2-1.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix CVE-2016-10074: Remote Code Execution by applying patch
e6ccf40d from upstream (Closes: #849626).
Checksums-Sha1:
5645df04732720d403d450275ff52bb8b8d33ce7 1696 libphp-swiftmailer_5.4.2-1.1.dsc
3790535de39003b36c1ca2f8b5f6ec469abc8d8f 4800
libphp-swiftmailer_5.4.2-1.1.debian.tar.xz
22ba395e1e9c9e55dfb8b0ed6f189ace2f097a68 6254
libphp-swiftmailer_5.4.2-1.1_all.deb
e2ef86e27ff7bfac36baf7e6e5717674e6aca6f2 5579
libphp-swiftmailer_5.4.2-1.1_amd64.buildinfo
4d3eff0fe5d7109714cee3853b9df65c9a14edc7 225414
php-swiftmailer_5.4.2-1.1_all.deb
Checksums-Sha256:
50d39b8aa7e005056395ce2cdeafb2369d5c88604b4a94ca938b8d4a9ce010ed 1696
libphp-swiftmailer_5.4.2-1.1.dsc
0900889a3684f7bf50115e44670cc41f2eca5f9926c1136f84787e528fcafb8e 4800
libphp-swiftmailer_5.4.2-1.1.debian.tar.xz
e5cadb1fee3262d3ae26d9b30f10ce4d609364ce911444296a21e03218d17e1e 6254
libphp-swiftmailer_5.4.2-1.1_all.deb
d5ccad7bd7a911272502fb0dbf475592fe9b8c240c0055985473fde74d73c573 5579
libphp-swiftmailer_5.4.2-1.1_amd64.buildinfo
a14c5745fae5010883dc99838028dab66a68c5cdb3b8bc9a485e3b12f049e6ce 225414
php-swiftmailer_5.4.2-1.1_all.deb
Files:
4cc802237deffb0ee3f7471590970779 1696 php optional
libphp-swiftmailer_5.4.2-1.1.dsc
559cc659f44df3479446dc5c89874e32 4800 php optional
libphp-swiftmailer_5.4.2-1.1.debian.tar.xz
de740f40d699f39c7b0624070e05dbf3 6254 php optional
libphp-swiftmailer_5.4.2-1.1_all.deb
fb985b8d26dfc4d55c3d1d2e5f610ced 5579 php optional
libphp-swiftmailer_5.4.2-1.1_amd64.buildinfo
79eb4047b9c8ec9104b888e5915c6f82 225414 php optional
php-swiftmailer_5.4.2-1.1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJYbSXjAAoJEFb2GnlAHawEercH/ilWQUesKkItB4MpNimIBJVv
ClyziYZx07dBd8pRJlgMB9v27lXYuxuPhmEU/Ww6U/Bu/pvdk0IWO9+aoeYK2Scw
kJmGOWg0tqAsOOnaNrbjUO0Wtu//rgBIbuoSzSji8Tf/q4WvWH6E1/lW5r2gUvt9
oyZtmoCZJawIdJFjCPTH+hqj/fLslDh1oifbU4fw5xGiJH/rOmyHAhvS8S0rrQTn
kBcv8mLjMsZJcn/Uch2e2Ps2gkmJAP0lm7cueh0mhe+Tf3tB8rG3QI/nHeve40ie
VK+QRDdf+jBqXuspSzE3A9vfoUoRrFsCtpN/Ku1siKiApFUJsnFx8I3a7nESrdw=
=7HB3
-----END PGP SIGNATURE-----
--- End Message ---
