November 22, 2009

Debian Security Advisory 1938 php-mail - programming error

Article Source Debian Security Advisories
November 22, 2009, 4:00 pm

It was discovered that php-mail, a PHP PEAR module for sending email, has insufficient input sanitising, which might be used to obtain sensitive data from the system that uses php-mail.

For the oldstable distribution (etch), this problem has been fixed in version 1.1.6-2+etch1.

For the stable distribution (lenny), this problem has been fixed in version 1.1.14-1+lenny1.

For the testing distribution (squeeze), this problem will be fixed soon...

Read More

Click Here!