Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update to PHPMailer 5.2.21 #13388

Merged
merged 1 commit into from
Dec 29, 2016
Merged

Update to PHPMailer 5.2.21 #13388

merged 1 commit into from
Dec 29, 2016

Conversation

mbabker
Copy link
Contributor

@mbabker mbabker commented Dec 28, 2016
edited
Loading

Summary of Changes

Updates PHPMailer to 5.2.21. Composer is run with 1.3.0 which explains the ClassLoader and timestamp changes.

Testing Instructions

Mail sending works

Documentation Changes Required

N/A

@yvesh
Copy link
Member

yvesh commented Dec 28, 2016

I have tested this item ✅ successfully on 16e7dec

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/13388.

1 similar comment
@jeckodevelopment
Copy link
Member

I have tested this item ✅ successfully on 16e7dec

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/13388.

@jeckodevelopment
Copy link
Member

RTC

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/13388.

@joomla-cms-bot joomla-cms-bot added the RTC This Pull Request is Ready To Commit label Dec 28, 2016
@jeckodevelopment jeckodevelopment added this to the Joomla 3.7.0 milestone Dec 28, 2016
@mbabker mbabker changed the title Update to PHPMailer 5.2.20 Update to PHPMailer 5.2.21 Dec 28, 2016
mbabker
mbabker commented Dec 28, 2016
View reviewed changes
composer.json
@@ -31,7 +31,7 @@
"ircmaxell/password-compat": "1.*",
"leafo/lessphp": "0.5.0",
"paragonie/random_compat": "~1.0",
"phpmailer/phpmailer": "^5.2.18",
"phpmailer/phpmailer": "^5.2.20",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's fine as is. This declares that any PHPMailer version on the current major series greater than or equal to this one is fine. It'll allow anything >=5.2.20 && <6.0.

@smz
Copy link
Contributor

smz commented Dec 28, 2016

I think this is important enough to justify a quick fix release...

@mbabker
Copy link
Contributor Author

mbabker commented Dec 28, 2016

No, it's not. See https://developer.joomla.org/security-centre/668-20161205-phpmailer-security-advisory.html and associated references.

@Bakual
Copy link
Contributor

Bakual commented Dec 28, 2016
edited
Loading

I think this is important enough to justify a quick fix release...

See https://developer.joomla.org/security-centre/668-20161205-phpmailer-security-advisory.html
No action required for Joomla as the vulnerability isn't useable in core.

edit: Michael was faster 😄

@smz
Copy link
Contributor

smz commented Dec 28, 2016

@mbabker & @Bakual: OK, thanks, I trust your judgement...

@rdeutz rdeutz merged commit c9c2c04 into joomla:staging Dec 29, 2016
@joomla-cms-bot joomla-cms-bot removed the RTC This Pull Request is Ready To Commit label Dec 29, 2016
@mbabker mbabker deleted the phpmailer-5.2.20 branch December 29, 2016 13:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Composer Dependency Changed
Projects
None yet
Milestone
Joomla 3.7.0
Development

Successfully merging this pull request may close these issues.
7 participants
@mbabker @yvesh @jeckodevelopment @smz @Bakual @rdeutz @joomla-cms-bot