Hi,
I recently moved to a new host (A2 Hosting) - they run regular security checks on installed software and sent me a warning email about a code injection vulnerability in phpmailer. I'm running projeqtor 9.2.1. Their patch system (patchman) patched the software.
Received form A2 Hosting
Hello,
As part of our commitment to providing you with a secure hosting environment, we performed an automated scan of your domain(s)
It appears patches are available for application(s) installed in the following path(s):
Code injection vulnerability in PHPMailer
/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/projeqtor/external/PHPMailer/src/PHPMailer.php
If you are working with a development partner, please forward this email on to them as they will be able to take care of the update for you. Otherwise, we will automatically apply the above patches within seven days.
Thanks for sharing this issue with external Library PHPMailer.
Did you have a patch file with the notification ?
If so, could you please post it here ?
We have the opportunity to upgrade the library from V6.0.6 to V6.5.0 but would like to check if this leak is fixed on this version.
Thanks.
Hi,
No, I don't have the patch file - A2 Hosting's patchman system patched it automatically. If it helps, I can send you the patched file - it should be possible to work out the changes using diff.
En poursuivant votre navigation, vous acceptez le dépôt de cookies tiers destinés au bon fonctionnement et à la sécurisation du site (gestion de session, reCaptcha) et à une analyse statistique anonymisée des accès sur notre site (Google Analytics). Si vous vous inscrivez, les informations que vous fournirez ne seront jamais divulguées à un tiers sous quelque forme que ce soit. En savoir plus
Cookies settings
×
Functional Cookies
Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.
Session
Please login to see yours activities!
Other cookies
Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.