-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libphp-phpmailer Version : 5.2.9+dfsg-2+deb8u4 CVE IDs : CVE-2017-5223 CVE-2018-19296
It was discovered that there were two vulnerabilities libphp-phpmailer, an email library for the PHP programming language: * CVE-2017-5223: Local file disclosure vulnerability via relative path HTML transformations. * CVE-2018-19296: Object injection attack. For Debian 8 "Jessie", this issue has been fixed in libphp-phpmailer version 5.2.9+dfsg-2+deb8u4. We recommend that you upgrade your libphp-phpmailer packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlv3y1IACgkQHpU+J9Qx HliU8BAAtr8bEDPNoCYMmRIa39i/IWQp7cRW3NjF0iP6Kp6mR1/ZLICG1Xfs807B B+S8WkKQPvo9OguBKbFLLKu1HncKkeC49Yc/+9KXI9XlPtquhZ/nLlMAhcAfVv2e Nn67fCQT9Bua7wxtQ9pWZmabQm4WJsa614cTrxSjpmySFPms+S4uU+JlVzrtK0Q5 EheDBsY/f6NqCTThZfC9vy0zckj3P+6LEW6QzWktFVWbwYrcEXzIqtA8MOsMrpH/ PUrAjwP7FKBVXvkzeegVHPESz2AuK22ayFlcG8hzmrI4QyMQefrGgP5VQiLIlZS+ XZyiQFEN7AUDTxtJACmetoE8Ns62Vir+7oPIP6IqefU63CqlXpyHvYd9UlZGQZRy QHqcPLyOP5G5Kb+nnr/SlK7NwhbpqFBtxLLcwrre8ADmfVyycY5HFjWDAz3VieTR puNyC5oQhMA5+Uf/B91QHt8iAAlRVp5pLZcNX+igp1EAVuzCyT3OHnYrMIbSO5w+ USBo5D3Fl3SPJO3q+oisZNBlkw0VEstODGR1CrOg++8RA8GHoKI7eEMgZX/eZHY4 /pHlhH+aRZpRP7rgspOIzeL9eR8lDjaCIZnho4jJhM5GDGkzC+3JzPeZUWidu9VL IG1cPslmAuikfokmo2kq7XDKq0Km3FjPtOc/cllS10s6c2oYPZM= =egV+ -----END PGP SIGNATURE-----