Bug#429191: flyspray phpmailer: not relevant for stable

Hi all,

> A security bug has been discovered in PHPMailer:
> | PHPMailer 1.7, when configured to use sendmail, allows remote
> | attackers to execute arbitrary shell commands via shell metacharacters
> | in the SendmailSend function in class.phpmailer.php
> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3215>
> <https://sourceforge.net/tracker/index.php?func=detail&aid=1734811&group_id
> Your package contains a copy of PHPMailer.

I've fixed this for unstable since replacing the copy of phpmailer with a 
dependency was a good move anyway. For stable I've checked whether it's 
vulnerable and I believe it's not: the vulnerability is in the SendmailSend() 
function. That requires the calling code to actually use the sendmail 
method, which Flyspray does not allow in any configuration.

I suppose the security team does not send advisories for insecure code that is 
not called?

As an additional note: sarge is not vulnerable because it doesn't contain a 
copy of the phpmailer class at all.
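As an added illustration (not Flyspray's or PHPMailer's own code), the two checks a maintainer would apply when triaging a report like this one: confirm that the sendmail transport is never selected, and, where it is, make sure the envelope sender cannot carry shell metacharacters into the command line. The function names, the address regex and the command layout are assumptions.

```php
<?php
// Added example, not code from Flyspray or PHPMailer.

// 1. Reachability: does the application ever select the sendmail transport?
//    $mailer is the value the application would assign to the mailer setting
//    ("mail", "smtp" or "sendmail"); only "sendmail" reaches SendmailSend().
function sendmail_transport_enabled(string $mailer): bool
{
    return strtolower(trim($mailer)) === 'sendmail';
}

// 2. Input check for the envelope sender. A value that is later interpolated
//    into a sendmail command line must not contain shell metacharacters;
//    a strict allow-list is safer than stripping individual characters.
function is_safe_envelope_sender(string $addr): bool
{
    return (bool) preg_match('/^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$/', $addr);
}

// 3. Even after validation, quote the value when building the command, so a
//    future relaxation of the allow-list cannot reopen the injection.
function build_sendmail_command(string $sendmailPath, string $sender): string
{
    if (!is_safe_envelope_sender($sender)) {
        throw new InvalidArgumentException('refusing unsafe envelope sender');
    }
    return sprintf('%s -oi -f %s -t', $sendmailPath, escapeshellarg($sender));
}

// Constructed sample inputs.
var_dump(sendmail_transport_enabled('smtp'));                 // false: SendmailSend() unreachable
var_dump(is_safe_envelope_sender('user@example.org'));        // true
var_dump(is_safe_envelope_sender('user@example.org; id'));    // false: rejected before any command is built
echo build_sendmail_command('/usr/sbin/sendmail', 'user@example.org'), "\n";
```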