View Issue Details

IDProjectCategoryView StatusLast Update
0028821mantisbtsecuritypublic2021-06-17 12:40
Reporterdregad Assigned Todregad  
PrioritynormalSeveritymajorReproducibilityN/A
Status closedResolutionfixed 
Product Version2.25.0 
Target Version2.25.2Fixed in Version2.25.2 
Summary0028821: Update PHPMailer to 6.5.0
Description

PHPMailer 6.5.0 is a security release, fixing.

  • CVE-2021-34551, a complex RCE affecting Windows hosts.
  • CVE-2021-3603 that may permit untrusted code to be run from an address validator.

See https://github.com/PHPMailer/PHPMailer/blob/HEAD/SECURITY.md for details.

PR: https://github.com/mantisbt/mantisbt/pull/1759

TagsNo tags attached.

Relationships

related to 0028530 closeddregad Update PHPMailer to 6.4.1 (fixes CVE-2020-36326) 

Activities

There are no notes attached to this issue.

Related Changesets

MantisBT: master-2.25 d092e648

2021-06-16 21:09:08

dependabot[bot]


Committer: dregad Details Diff
Bump phpmailer/phpmailer from 6.4.1 to 6.5.0

Bumps [phpmailer/phpmailer](https://github.com/PHPMailer/PHPMailer) from 6.4.1 to 6.5.0.
- [Release notes](https://github.com/PHPMailer/PHPMailer/releases)
- [Changelog](https://github.com/PHPMailer/PHPMailer/blob/master/changelog.md)
- [Commits](https://github.com/PHPMailer/PHPMailer/compare/v6.4.1...v6.5.0)

---
updated-dependencies:
- dependency-name: phpmailer/phpmailer
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Fixes 0028821, PR https://github.com/mantisbt/mantisbt/pull/1759
Affected Issues
0028821
mod - composer.lock Diff File