feel free to keep it strictly simple...

left-image

 

rss-feedSubscribe now latest news via RSS-Feed

 

news around LEPTON

lib_phpmailer: security fix

27.07.2017
news around LEPTON >> en

There had been a security fix in current lib_phpmailer for LEPTON 2-series.

Please download and install current package.

 

Information from phpmailer github site:

 

  • SECURITY Fix XSS vulnerability in one of the code examples, CVE-2017-11503. The code_generator.phps example did not filter user input prior to output. This file is distributed with a .phps extension, so it it not normally executable unless it is explicitly renamed, so it is safe by default. There was also an undisclosed potential XSS vulnerability in the default exception handler (unused by default). Patches for both issues kindly provided by Patrick Monnerat of the Fedora Project.
  • Handle bare codes (an RFC contravention) in SMTP server responses
  • Make message timestamps more dynamic - calculate the date separately for each message
  • Include timestamps in HTML-format debug output
  • Improve Turkish, Norwegian, Serbian, Brazilian Portuguese & simplified Chinese translations
  • Correction of Serbian ISO language code from sr to rs
  • Fix matching of multiple entries in Host to match IPv6 literals without breaking port selection (see #1094, caused by a3b4f6b)
  • Better capture and reporting of SMTP connection errors

Back

Newsticker +++

Update: LEPTON 3.0.1

[ 10/07/2017 ] After fixing some bugs we are happy to release LEPTON 3.0.1 as Stable...

[ more ]


NEW: LEPTON 3.0.0

[ 08/14/2017 ] After more than another 130 commits we are happy to release LEPTON 3.0.0 as...

[ more ]


lib_phpmailer: security fix

[ 07/27/2017 ] There had been a security fix in current lib_phpmailer for LEPTON...

[ more ]


NEW: LEPTON 3.0.0-RC1

[ 07/04/2017 ] We are happy to release LEPTON 3.0.0 as Release Candidate 1 today. We have...

[ more ]