Your message dated Fri, 30 Dec 2016 12:19:02 +0000 with message-id <e1cmw9g-000cmb...@fasolo.debian.org> and subject line Bug#849365: fixed in libphp-phpmailer 5.2.14+dfsg-2.1 has caused the Debian Bug report #849365, regarding libphp-phpmailer: CVE-2016-10033 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 849365: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849365 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: libphp-phpmailer Version: 5.2.9+dfsg-2 Severity: grave Tags: security upstream Justification: user security hole Hi, the following vulnerability was published for libphp-phpmailer. CVE-2016-10033[0]: remote code execution Details though at the point of writing this bugreport are not yet available. It is fixed in the new upstream version 5.2.18. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-10033 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10033 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: libphp-phpmailer Source-Version: 5.2.14+dfsg-2.1 We believe that the bug you reported is fixed in the latest version of libphp-phpmailer, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 849...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thijs Kinkhorst <th...@debian.org> (supplier of updated libphp-phpmailer package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 30 Dec 2016 11:22:28 +0000 Source: libphp-phpmailer Binary: libphp-phpmailer Architecture: source all Version: 5.2.14+dfsg-2.1 Distribution: unstable Urgency: high Maintainer: Debian PHP PEAR Maintainers <pkg-php-p...@lists.alioth.debian.org> Changed-By: Thijs Kinkhorst <th...@debian.org> Description: libphp-phpmailer - full featured email transfer class for PHP Closes: 849365 Changes: libphp-phpmailer (5.2.14+dfsg-2.1) unstable; urgency=high . * Non-maintainer upload by the Security Team. * Fix CVE-2016-10033 (and CVE-2016-10045): apply commits 4835657c 9743ff5c 833c35fe from upstream. Closes: #849365. Checksums-Sha1: df5692fde82a79d13099b6a98bed3b2c3c7df035 1725 libphp-phpmailer_5.2.14+dfsg-2.1.dsc 9377456502201ad9726ca3380085989b403d0a32 8376 libphp-phpmailer_5.2.14+dfsg-2.1.debian.tar.xz 21787b4f76e05cc9fcccb13c44fbcacd6f88c26e 146990 libphp-phpmailer_5.2.14+dfsg-2.1_all.deb 1fa767c9ca5d65243265c9e73f83fc8bdf4b5ed9 5448 libphp-phpmailer_5.2.14+dfsg-2.1_amd64.buildinfo Checksums-Sha256: 41896a97b246e3802e3feb1794e6408985dbb93461b1a2210dde4c50c5b40887 1725 libphp-phpmailer_5.2.14+dfsg-2.1.dsc 2baeddfecc1d58c5fa145df86f3934a54f3b770b57f5322f225c211ddb21ac53 8376 libphp-phpmailer_5.2.14+dfsg-2.1.debian.tar.xz ee7d6edceaab0e492c24e813e020bea57d70fc562df982686f3039f99fc97243 146990 libphp-phpmailer_5.2.14+dfsg-2.1_all.deb 91af522e6479ef466562777f1e3498f95e6b94d74259d0ab803b81a891a47a68 5448 libphp-phpmailer_5.2.14+dfsg-2.1_amd64.buildinfo Files: 17c85cb076d7c537cc74832345bd59f8 1725 php optional libphp-phpmailer_5.2.14+dfsg-2.1.dsc 1083c3c296bc7d14467fadb38d685737 8376 php optional libphp-phpmailer_5.2.14+dfsg-2.1.debian.tar.xz 24ff78c1b9bbf205e38ff0ec7d39f234 146990 php optional libphp-phpmailer_5.2.14+dfsg-2.1_all.deb d19f70cf7582391ee9b584ef71600aef 5448 php optional libphp-phpmailer_5.2.14+dfsg-2.1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJYZk4BAAoJEFb2GnlAHawETXAH/A966SYswH+JzvJEum6quLRV wz5zIaGgoVu2E5Jh5y9r3JdgZGwmwsC8faPbHF4O27uoX1ko4QPn+wqhivpu3UCA 03KNHV2/ABkK/T3QdjVbtJkJo/5nf1pL3Ktcop+jiGmyUMSO5Op8e0PI4gxbOdjf IhXXmfZ/bfzcWMBjOwmQkIG2rnfQkl58RzJBdaeh5xH6VFPAEZC7SjFS+nQBYjlc d/fp8iFflDUi9Vy4KEqw0+JMqcTBX/2rpRpeK98rrIk6zlhxD0lG+fWbEMNKl1Pn 8XHeIgXg3dtx9SjYISobc3auL/XV16leUHqH/BL1L4mF4ci2gYqwRihtatwgEdg= =/cAe -----END PGP SIGNATURE-----
--- End Message ---
