feel free to keep it strictly simple...

news around LEPTON

lib_phpmailer: security fix

27.07.2017
news around LEPTON >> en

There had been a security fix in current lib_phpmailer for LEPTON 2-series.

Please download and install current package.

 

Information from phpmailer github site:

 

  • SECURITY Fix XSS vulnerability in one of the code examples, CVE-2017-11503. The code_generator.phps example did not filter user input prior to output. This file is distributed with a .phps extension, so it it not normally executable unless it is explicitly renamed, so it is safe by default. There was also an undisclosed potential XSS vulnerability in the default exception handler (unused by default). Patches for both issues kindly provided by Patrick Monnerat of the Fedora Project.
  • Handle bare codes (an RFC contravention) in SMTP server responses
  • Make message timestamps more dynamic - calculate the date separately for each message
  • Include timestamps in HTML-format debug output
  • Improve Turkish, Norwegian, Serbian, Brazilian Portuguese & simplified Chinese translations
  • Correction of Serbian ISO language code from sr to rs
  • Fix matching of multiple entries in Host to match IPv6 literals without breaking port selection (see #1094, caused by a3b4f6b)
  • Better capture and reporting of SMTP connection errors

Back

Latest News

NEW Release LEPTON 7.2.0

14.09.2024

Main task of this release was to rework the access system (groups and...

read more

NEW Release LEPTON 7.1.0

16.02.2024

This version is mostly a maintaining release. It also contains some...

read more

NEW Release LEPTON 7.0.0

02.09.2023

This release has mainly reworked LEPTON files in /account and /backend...

read more

Subscribe now latest news via RSS-Feed
rss-feed