[jira] [Created] (AIRAVATA-2297) Upgrade PHPMailer to >= 5.2.20 to address CVE-2016-10045

Marcus Christie (JIRA) Thu, 05 Jan 2017 05:28:38 -0800

Marcus Christie created AIRAVATA-2297:
-----------------------------------------


             Summary: Upgrade PHPMailer to >= 5.2.20 to address CVE-2016-10045
                 Key: AIRAVATA-2297
                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2297
             Project: Airavata
          Issue Type: Bug
          Components: PGA PHP Web Gateway
            Reporter: Marcus Christie
            Assignee: Marcus Christie
            Priority: Critical
             Fix For: 0.17


PGA uses [PHPMailer version 5.2.13| 
https://github.com/apache/airavata-php-gateway/blob/8a7330c205d9e37bf8fbf9a062bdcf24d44d95c1/composer.json#L9
]. Looks like a new release, [5.2.20| 
https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.20], fixes the 
security exploit mentioned in [this security 
bulletin|https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html].





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (AIRAVATA-2297) Upgrade PHPMailer to >= 5.2.20 to address CVE-2016-10045

Reply via email to