Debian 10263 Published by

Updated libphp-phpmailer packages has been released for Debian 7 LTS



Package : libphp-phpmailer
Version : 5.1-1.3+deb7u1
CVE ID : CVE-2017-5223
Debian Bug : #853232

It was discovered that there was a local file disclosure vulnerability in
libphp-phpmailer, a email transfer class for PHP, where insufficient parsing of
HTML messages could potentially be used by attacker to read a local file.

For Debian 7 "Wheezy", this issue has been fixed in libphp-phpmailer version
5.1-1.3+deb7u1.

We recommend that you upgrade your libphp-phpmailer packages.