Summary: | [TRACKER] Remote code execution through embedded dev-php/PHPMailer (CVE-2016-{10033,10045}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | Keywords: | Tracker |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://bugs.gentoo.org/show_bug.cgi?id=603750 https://bugs.gentoo.org/show_bug.cgi?id=603972 |
||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 603754, 603756, 603758, 603760, 603764, 603766 | ||
Bug Blocks: |
Description
Thomas Deutschmann (RETIRED)
2016-12-26 13:14:53 UTC
I am the maintainer of joomla. It is unknown whether joomla has bundled an affected version of PHPMailer. Please remove joomla from portage until further notice. Please, no comments in the tracker. Feel free to post any questions/concerns in the bug of your package. First fix was incomplete, see bug 603972 aka CVE-2016-10045. |