Advisories ยป MGASA-2017-0322

Updated apache-commons-email packages fix security vulnerability

Publication date: 01 Sep 2017
Modification date: 01 Sep 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-9801

Description

In apache-commons-email before 1.5, when a call-site passes a subject
for an email that contains line-breaks, the caller can add arbitrary
SMTP headers (CVE-2017-9801).
                

References

SRPMS

5/core

6/core