From fcf9cb7ae5c89fb26f5e1afd3feb91a2037e0278 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arne=20J=C3=B8rgensen?=
Date: Fri, 8 Jul 2016 11:09:34 +0200
Subject: [PATCH 1/4] Fix ISO-639-1 code for Danish (#764) The ISO-639-1 code for Danish is `da` (`dk` is the ISO 3166-1 alpha-2 for Denmark).
---
 class.phpmailer.php | 9 +++++++++
 .../{phpmailer.lang-dk.php => phpmailer.lang-da.php} | 0
 2 files changed, 9 insertions(+)
 rename language/{phpmailer.lang-dk.php => phpmailer.lang-da.php} (100%)
diff --git a/class.phpmailer.php b/class.phpmailer.php
index f9013ebb..a89b5327 100644
--- a/class.phpmailer.php
+++ b/class.phpmailer.php
@@ -1681,6 +1681,15 @@ class PHPMailer
 */
 public function setLanguage($langcode = 'en', $lang_path = '')
 {
+ // Backwards compatibility for renamed language codes
+ $renamed_langcodes = array(
+ 'dk' => 'da',
+ );
+
+ if (isset($renamed_langcodes[$langcode])) {
+ $langcode = $renamed_langcodes[$langcode];
+ }
+
 // Define full set of translatable strings in English
 $PHPMAILER_LANG = array(
 'authenticate' => 'SMTP Error: Could not authenticate.',
diff --git a/language/phpmailer.lang-dk.php b/language/phpmailer.lang-da.php
similarity index 100%
rename from language/phpmailer.lang-dk.php
rename to language/phpmailer.lang-da.php
From 8beacc646acb67c995aea10ac5585970efc7355a Mon Sep 17 00:00:00 2001
From: Marcus Bointon
Date: Fri, 22 Jul 2016 12:05:21 +0200
Subject: [PATCH 2/4] Add security notices
---
 README.md | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/README.md b/README.md
index 4eeecaf3..6f45a78d 100644
--- a/README.md
+++ b/README.md
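Review bot: In the `setLanguage` hunk of class.phpmailer.php (PATCH 1/4), the alias rewrite is applied to `$langcode` unconditionally, including when the caller supplies its own `$lang_path`. The context lines of PATCH 3/4 show the translation file name being built from `$langcode` further down the function, so a caller-supplied directory that still holds a file named for the old `dk` code would presumably no longer be found and the call would fall back to English. The lookup is also an exact, case-sensitive match on the raw argument, so only lowercase `dk` is remapped. I would record both facts in a comment above the map, e.g. `// Deprecated aliases (old code => ISO 639-1 code); exact lowercase match only, applied even when a custom $lang_path is given`, and mention the alias in the method docblock, which starts above the hunk.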
@@ -139,6 +139,14 @@ Build status: [![Build Status](https://travis-ci.org/PHPMailer/PHPMailer.svg)](h
 If this isn't passing, is there something you can do to help?
+## Security
+
+Please follow responsible disclosure - report any security problems found to the maintainers privately.
+
+PHPMailer versions prior to 5.2.14 (released November 2015) are vulnerable to [CVE-2015-8476](https://web.nvd.nist.gov/view/vuln/detail?vulnId=) an SMTP injection bug.
+
+PHPMailer versions prior to 5.2.10 (released May 2015) are vulnerable to [CVE-2008-5619](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5619), a remote code execution vulnerability in the bundled html2text library. This file was removed in 5.2.10, so if you are using a version prior to that and make use of the html2text function, it's vitally important that you upgrade and remove this file.
+
 ## Contributing
 Please submit bug reports, suggestions and pull requests to the [GitHub issue tracker](https://github.com/PHPMailer/PHPMailer/issues).
From 134a31892c7009eced10a0a0ec7be570018a1fd9 Mon Sep 17 00:00:00 2001
From: Marcus Bointon
Date: Fri, 22 Jul 2016 12:35:06 +0200
Subject: [PATCH 3/4] Validate language code
---
 class.phpmailer.php | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/class.phpmailer.php b/class.phpmailer.php
index f9013ebb..ce8aaf31 100644
--- a/class.phpmailer.php
+++ b/class.phpmailer.php
@@ -1707,6 +1707,10 @@ class PHPMailer
 // Calculate an absolute path so it can work if CWD is not here
 $lang_path = dirname(__FILE__). DIRECTORY_SEPARATOR . 'language'. DIRECTORY_SEPARATOR;
 }
+ //Validate $langcode
+ if (!preg_match('/^[a-z]{2}$/', $langcode)) {
+ $langcode = 'en';
+ }
 $foundlang = true;
 $lang_file = $lang_path . 'phpmailer.lang-' . $langcode . '.php';
 // There is no English translation file
From 97b2ea5ab5fd801913cfb2e1ba05249af1a112f3 Mon Sep 17 00:00:00 2001
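Review bot: In the `setLanguage` hunk of class.phpmailer.php (PATCH 3/4), the pattern `/^[a-z]{2}$/` ends with `$`, which in PCRE also matches just before a trailing newline, so two letters followed by `\n` pass the check and the newline is carried into `$lang_file`. Anchor the end strictly with `if (!preg_match('/^[a-z]{2}\z/', $langcode)) {`, or add the `D` modifier. The check covers only `$langcode`; `$lang_path` is still concatenated into the file path as given, and it is the parameter the SECURITY notes in PATCH 4/4 tie to the earlier local file inclusion reports, so the docblock should state that `$lang_path` must never come from user input. Any translation whose code is not exactly two lowercase letters now falls back to English without a signal to the caller, which is worth confirming against the shipped language files. The function body starts and ends outside the hunk.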
From: Marcus Bointon
Date: Fri, 22 Jul 2016 12:43:58 +0200
Subject: [PATCH 4/4] Update security notices
---
 README.md | 6 ++++--
 SECURITY | 18 ++++++++++++++++++
 2 files changed, 22 insertions(+), 2 deletions(-)
 create mode 100644 SECURITY
diff --git a/README.md b/README.md
index 6f45a78d..c48e0b07 100644
--- a/README.md
+++ b/README.md
@@ -141,12 +141,14 @@ If this isn't passing, is there something you can do to help?
 ## Security
-Please follow responsible disclosure - report any security problems found to the maintainers privately.
+Please disclose any vulnerabilities found responsibly - report any security problems found to the maintainers privately.
-PHPMailer versions prior to 5.2.14 (released November 2015) are vulnerable to [CVE-2015-8476](https://web.nvd.nist.gov/view/vuln/detail?vulnId=) an SMTP injection bug.
+PHPMailer versions prior to 5.2.14 (released November 2015) are vulnerable to [CVE-2015-8476](https://web.nvd.nist.gov/view/vuln/detail?vulnId=) an SMTP CRLF injection bug permitting arbitrary message sending.
 PHPMailer versions prior to 5.2.10 (released May 2015) are vulnerable to [CVE-2008-5619](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5619), a remote code execution vulnerability in the bundled html2text library. This file was removed in 5.2.10, so if you are using a version prior to that and make use of the html2text function, it's vitally important that you upgrade and remove this file.
+See [SECURITY](https://github.com/PHPMailer/PHPMailer/tree/master/SECURITY) for older security issues.
+
 ## Contributing
 Please submit bug reports, suggestions and pull requests to the [GitHub issue tracker](https://github.com/PHPMailer/PHPMailer/issues).
diff --git a/SECURITY b/SECURITY
new file mode 100644
index 00000000..f62b5173
--- /dev/null
+++ b/SECURITY
@@ -0,0 +1,18 @@
+# Security notices relating to PHPMailer
+
+Please disclose any vulnerabilities found responsibly - report any security problems found to the maintainers privately.
+
+PHPMailer versions prior to 5.2.14 (released November 2015) are vulnerable to [CVE-2015-8476](https://web.nvd.nist.gov/view/vuln/detail?vulnId=) an SMTP CRLF injection bug permitting arbitrary message sending.
+
+PHPMailer versions prior to 5.2.10 (released May 2015) are vulnerable to [CVE-2008-5619](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5619), a remote code execution vulnerability in the bundled html2text library. This file was removed in 5.2.10, so if you are using a version prior to that and make use of the html2text function, it's vitally important that you upgrade and remove this file.
+
+PHPMailer versions prior to 2.0.7 and 2.2.1 are vulnerable to [CVE-2012-0796](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0796), an email header injection attack.
+
+Joomla 1.6.0 uses PHPMailer in an unsafe way, allowing it to reveal local file paths, reported in [CVE-2011-3747](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3747).
+
+PHPMailer didn't sanitise the `$lang_path` parameter in `SetLanguage`. This wasn't a problem in itself, but some apps (PHPClassifieds, ATutor) also failed to sanitise user-provided parameters passed to it, permitting semi-arbitrary local file inclusion, reported in [CVE-2010-4914](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4914), [CVE-2007-2021](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2021) and [CVE-2006-5734](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5734).
+
+PHPMailer 1.7.2 and earlier contained a possible DDoS vulnerability reported in [CVE-2005-1807](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1807).
+
+PHPMailer 1.7 and earlier (June 2003) have a possible vulnerability in the `SendmailSend` method where shell commands may not be sanitised. Reported in [CVE-2007-3215](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3215).
+