mirror
/
PHPMailer
mirror of https://github.com/PHPMailer/PHPMailer.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Changelog

This commit is contained in:
Marcus Bointon 2021-06-15 20:03:50 +02:00
parent c2f191be6b
commit 1047838e84
No known key found for this signature in database
GPG Key ID: DE31CD6EB646AA24
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
changelog.md
View File

@ -1,6 +1,7 @@
# PHPMailer Change Log
* **SECURITY** Fixes CVE-2021-3603 that may permit untrusted code to be run from an address validator, see SECURITY.md for details
* **SECURITY** Fixes CVE-2021-3603 that may permit untrusted code to be run from an address validator, see [SECURITY.md](SECURITY.md) for details
* The fix for this issue includes a minor BC break: callables injected into `validateAddress`, or indirectly through the `$validator` class property, may no longer be simple strings. If you want to inject your own validator, provide a closure instead of a function name.
## Version 6.4.1 (April 29th, 2021)
* **SECURITY** Fixes CVE-2020-36326, a regression of CVE-2018-19296 object injection introduced in 6.1.8, see SECURITY.md for details