-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libphp-phpmailer Version : 5.1-1.3+deb7u1 CVE ID : CVE-2017-5223 Debian Bug : #853232
It was discovered that there was a local file disclosure vulnerability in libphp-phpmailer, a email transfer class for PHP, where insufficient parsing of HTML messages could potentially be used by attacker to read a local file. For Debian 7 "Wheezy", this issue has been fixed in libphp-phpmailer version 5.1-1.3+deb7u1. We recommend that you upgrade your libphp-phpmailer packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAliYOsMACgkQHpU+J9Qx HlhV4BAAoiPxzEcuo/886pJcR8ogmVvVCK5CBviEne259wRsSG7N2cZFuY8oYhY/ MhV+24YM0eNkclxk7KlHASRMXgsm1I+ocfpdbqFIiTDohDYBxx2R/KvwW2ohCqMK 4Z/QrbFVib+P9ZDkanqBUk+6uq5QfUEbUzcvC150Y4odIKC6h0F4lrfkoGgR2Kcp CjoFmE8Dgdta0OS3n0XH+sYGBJJXFr02n0UsRHgM6rsjC6w6tK0TmbO9ZE+uiDqX nS/A+M3pXxX6kaXZg4hPVTdxgIILztix347BgsTeIwotxd0bmysmirqXJfYA/fqy pLb4Ps6rk3CAM0dviss9vWhd4Si9iT0HsaF3hQZFM8T+lOg3hSFnzfSlZCp3HHUw koD0jLOcVWNjaeF6iF19mr6w0Gbgm4RJP/vw2uKoCflw4C8QvQVKYj1ecabXKN6b urZHRiWGa6nu16EnIf9EJ1SUf7RhpABaGCg9Jd3Mhl5zS2n20uSTb9ktzkRbCAhG PZ8nJdjpjwaerZeRt3G3nveW25LdPMQcAuNCgQL0xAWFhoGtckMjqPDdrV4lm8yC x2kvbnVDFGbXqK2foin7p8s9AgG6PisTgOuy2BwVf3YzjkFx3LrMG+W9xt403XXJ WuuF2ylc7NgeqclpWXHAP+E8B2lELMYgWeuOY6DTmjuH/8NvPAk= =yOg7 -----END PGP SIGNATURE-----