FEDORA-2017-f838eb0c5e created by monnerat 4 years ago for Fedora 25
stable

Update to 5.2.24: fixes XSS vulnerability CVE-2017-11503.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-f838eb0c5e

This update has been submitted for testing by monnerat.

4 years ago
User Icon anonymous commented & provided feedback 4 years ago

Thanks for the patch! Since You seem to be in the know: the release notes state 'There was also an undisclosed potential XSS vulnerability in the default exception handler (unused by default)'...does this mean the default exception handler is not used by default? Is 'default exception handler' just a name here?

User Icon monnerat commented & provided feedback 4 years ago

As I am only the packager for Fedora, please contact upstream for security-related questions. ... and please login and leave karma here if you are happy with the release. Thank you!

User Icon anonymous commented & provided feedback 4 years ago

"Thanks for the patch!" was referring to the patch for both XSS issues someone with a name similar to Yours submitted to PHPMailer, sorry for the confusion. Can't really test Fedora environments. The question was meant to be a more general one and I chose the wrong means of communication. Cheers!

This update has been pushed to testing.

4 years ago
User Icon robbinespu commented & provided feedback 4 years ago
karma

Thank for patch.

BZ#1474418 CVE-2017-11503 php-PHPMailer: phpmailer: XSS in code_generator.php [fedora-all]

This update has been submitted for stable by bodhi.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
1
Stable by Time
disabled
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
BZ#1474418 CVE-2017-11503 php-PHPMailer: phpmailer: XSS in code_generator.php [fedora-all]
0
1

Automated Test Results