[jira] [Resolved] (AIRAVATA-2297) Upgrade PHPMailer to >= 5.2.20 to address CVE-2016-10045

Marcus Christie (JIRA) Tue, 25 Apr 2017 12:29:16 -0700

     [ 
https://issues.apache.org/jira/browse/AIRAVATA-2297?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Marcus Christie resolved AIRAVATA-2297.
---------------------------------------
    Resolution: Fixed

> Upgrade PHPMailer to >= 5.2.20 to address CVE-2016-10045
> --------------------------------------------------------
>
>                 Key: AIRAVATA-2297
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2297
>             Project: Airavata
>          Issue Type: Bug
>          Components: PGA PHP Web Gateway
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>            Priority: Critical
>             Fix For: 0.17
>
>
> PGA uses [PHPMailer version 
> 5.2.13|https://github.com/apache/airavata-php-gateway/blob/8a7330c205d9e37bf8fbf9a062bdcf24d44d95c1/composer.json#L9].
>  Looks like a new release, [5.2.20| 
> https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.20], fixes the 
> security exploit mentioned in [this security 
> bulletin|https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html].



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Resolved] (AIRAVATA-2297) Upgrade PHPMailer to >= 5.2.20 to address CVE-2016-10045

Reply via email to