Read Time:38 Second

FEDORA-2023-f2be748f28

Packages in this update:

php-phpmailer6-6.8.1-1.fc37

Update description:

Minor security note

The DSN support added in 6.8.0 reflects the DSN back to the user in an error message if it is invalid. If a DSN uses user-supplied input (a very bad idea), it opens a distant possibility of XSS if the host app does not escape output. In an abundance of caution, malformed DSNs are no longer reflected in error messages.

Changes

Don’t reflect malformed DSNs in error messages to avert any risk of XSS
Improve Simplified Chinese, Sinhalese, and Norwegian translations
Don’t use setAccessible in PHP >= 8.1 in tests
Avoid a deprecation notice in PHP 8.3
Fix link in readme

Cyber Security News

php-phpmailer6-6.8.1-1.fc37

FEDORA-2023-f2be748f28

Packages in this update:

Update description:

News, Advisories and much more