diff options
| author | Andrew Dolgov <[email protected]> | 2021-05-14 13:28:50 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2021-05-14 13:28:50 +0300 |
| commit | 89f07409b1e95f167d9a4609c46329f481068d02 (patch) | |
| tree | e0af6df164dd1fa1cb60f62a6683d8f3f3766246 | |
| parent | e5e76d233fb632cb2928eae125c6e45c488fdf89 (diff) | |
bump phpmailer to 6.4.1
| -rw-r--r-- | composer.json | 2 | ||||
| -rw-r--r-- | composer.lock | 16 | ||||
| -rw-r--r-- | vendor/composer/InstalledVersions.php | 10 | ||||
| -rw-r--r-- | vendor/composer/installed.json | 16 | ||||
| -rw-r--r-- | vendor/composer/installed.php | 10 | ||||
| -rw-r--r-- | vendor/phpmailer/phpmailer/README.md | 16 | ||||
| -rw-r--r-- | vendor/phpmailer/phpmailer/SECURITY.md | 4 | ||||
| -rw-r--r-- | vendor/phpmailer/phpmailer/VERSION | 2 | ||||
| -rw-r--r-- | vendor/phpmailer/phpmailer/composer.json | 8 | ||||
| -rw-r--r-- | vendor/phpmailer/phpmailer/get_oauth_token.php | 8 | ||||
| -rw-r--r-- | vendor/phpmailer/phpmailer/language/phpmailer.lang-uk.php | 4 | ||||
| -rw-r--r-- | vendor/phpmailer/phpmailer/src/PHPMailer.php | 51 | ||||
| -rw-r--r-- | vendor/phpmailer/phpmailer/src/POP3.php | 2 | ||||
| -rw-r--r-- | vendor/phpmailer/phpmailer/src/SMTP.php | 4 |
14 files changed, 92 insertions, 61 deletions
diff --git a/composer.json b/composer.json index 8f8ff09..79d77c4 100644 --- a/composer.json +++ b/composer.json @@ -1,5 +1,5 @@ { "require": { - "phpmailer/phpmailer": "^6.3" + "phpmailer/phpmailer": "^6.4" } } diff --git a/composer.lock b/composer.lock index d137db4..336a391 100644 --- a/composer.lock +++ b/composer.lock @@ -4,20 +4,20 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "b2689d5674c85bc3fe831b10221d0072", + "content-hash": "d01b4a542231b112db557e6b7e5a5121", "packages": [ { "name": "phpmailer/phpmailer", - "version": "v6.3.0", + "version": "v6.4.1", "source": { "type": "git", "url": "https://github.com/PHPMailer/PHPMailer.git", - "reference": "4a08cf4cdd2c38d12ee2b9fa69e5d235f37a6dcb" + "reference": "9256f12d8fb0cd0500f93b19e18c356906cbed3d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/4a08cf4cdd2c38d12ee2b9fa69e5d235f37a6dcb", - "reference": "4a08cf4cdd2c38d12ee2b9fa69e5d235f37a6dcb", + "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/9256f12d8fb0cd0500f93b19e18c356906cbed3d", + "reference": "9256f12d8fb0cd0500f93b19e18c356906cbed3d", "shasum": "" }, "require": { @@ -35,7 +35,7 @@ "yoast/phpunit-polyfills": "^0.2.0" }, "suggest": { - "ext-mbstring": "Needed to send email in multibyte encoding charset", + "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses", "hayageek/oauth2-yahoo": "Needed for Yahoo XOAUTH2 authentication", "league/oauth2-google": "Needed for Google XOAUTH2 authentication", "psr/log": "For optional PSR-3 debug logging", @@ -72,7 +72,7 @@ "description": "PHPMailer is a full-featured email creation and transfer class for PHP", "support": { "issues": "https://github.com/PHPMailer/PHPMailer/issues", - "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.3.0" + "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.4.1" }, "funding": [ { @@ -80,7 +80,7 @@ "type": "github" } ], - "time": "2021-02-19T15:28:08+00:00" + "time": "2021-04-29T12:25:04+00:00" } ], "packages-dev": [], diff --git a/vendor/composer/InstalledVersions.php b/vendor/composer/InstalledVersions.php index 6d41c6a..784e448 100644 --- a/vendor/composer/InstalledVersions.php +++ b/vendor/composer/InstalledVersions.php @@ -30,7 +30,7 @@ private static $installed = array ( 'aliases' => array ( ), - 'reference' => '1f9daa1b78be226505949e32984e3b167c4963a5', + 'reference' => 'e5e76d233fb632cb2928eae125c6e45c488fdf89', 'dev-requirement' => true, 'name' => '__root__', ), @@ -43,17 +43,17 @@ private static $installed = array ( 'aliases' => array ( ), - 'reference' => '1f9daa1b78be226505949e32984e3b167c4963a5', + 'reference' => 'e5e76d233fb632cb2928eae125c6e45c488fdf89', 'dev-requirement' => false, ), 'phpmailer/phpmailer' => array ( - 'pretty_version' => 'v6.3.0', - 'version' => '6.3.0.0', + 'pretty_version' => 'v6.4.1', + 'version' => '6.4.1.0', 'aliases' => array ( ), - 'reference' => '4a08cf4cdd2c38d12ee2b9fa69e5d235f37a6dcb', + 'reference' => '9256f12d8fb0cd0500f93b19e18c356906cbed3d', 'dev-requirement' => false, ), ), diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json index 844f428..2ba2179 100644 --- a/vendor/composer/installed.json +++ b/vendor/composer/installed.json @@ -2,17 +2,17 @@ "packages": [ { "name": "phpmailer/phpmailer", - "version": "v6.3.0", - "version_normalized": "6.3.0.0", + "version": "v6.4.1", + "version_normalized": "6.4.1.0", "source": { "type": "git", "url": "https://github.com/PHPMailer/PHPMailer.git", - "reference": "4a08cf4cdd2c38d12ee2b9fa69e5d235f37a6dcb" + "reference": "9256f12d8fb0cd0500f93b19e18c356906cbed3d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/4a08cf4cdd2c38d12ee2b9fa69e5d235f37a6dcb", - "reference": "4a08cf4cdd2c38d12ee2b9fa69e5d235f37a6dcb", + "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/9256f12d8fb0cd0500f93b19e18c356906cbed3d", + "reference": "9256f12d8fb0cd0500f93b19e18c356906cbed3d", "shasum": "" }, "require": { @@ -30,14 +30,14 @@ "yoast/phpunit-polyfills": "^0.2.0" }, "suggest": { - "ext-mbstring": "Needed to send email in multibyte encoding charset", + "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses", "hayageek/oauth2-yahoo": "Needed for Yahoo XOAUTH2 authentication", "league/oauth2-google": "Needed for Google XOAUTH2 authentication", "psr/log": "For optional PSR-3 debug logging", "stevenmaguire/oauth2-microsoft": "Needed for Microsoft XOAUTH2 authentication", "symfony/polyfill-mbstring": "To support UTF-8 if the Mbstring PHP extension is not enabled (^1.2)" }, - "time": "2021-02-19T15:28:08+00:00", + "time": "2021-04-29T12:25:04+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -69,7 +69,7 @@ "description": "PHPMailer is a full-featured email creation and transfer class for PHP", "support": { "issues": "https://github.com/PHPMailer/PHPMailer/issues", - "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.3.0" + "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.4.1" }, "funding": [ { diff --git a/vendor/composer/installed.php b/vendor/composer/installed.php index 89a5506..517cc5e 100644 --- a/vendor/composer/installed.php +++ b/vendor/composer/installed.php @@ -6,7 +6,7 @@ 'aliases' => array ( ), - 'reference' => '1f9daa1b78be226505949e32984e3b167c4963a5', + 'reference' => 'e5e76d233fb632cb2928eae125c6e45c488fdf89', 'dev-requirement' => true, 'name' => '__root__', ), @@ -19,17 +19,17 @@ 'aliases' => array ( ), - 'reference' => '1f9daa1b78be226505949e32984e3b167c4963a5', + 'reference' => 'e5e76d233fb632cb2928eae125c6e45c488fdf89', 'dev-requirement' => false, ), 'phpmailer/phpmailer' => array ( - 'pretty_version' => 'v6.3.0', - 'version' => '6.3.0.0', + 'pretty_version' => 'v6.4.1', + 'version' => '6.4.1.0', 'aliases' => array ( ), - 'reference' => '4a08cf4cdd2c38d12ee2b9fa69e5d235f37a6dcb', + 'reference' => '9256f12d8fb0cd0500f93b19e18c356906cbed3d', 'dev-requirement' => false, ), ), diff --git a/vendor/phpmailer/phpmailer/README.md b/vendor/phpmailer/phpmailer/README.md index 45da2ec..fa27d2f 100644 --- a/vendor/phpmailer/phpmailer/README.md +++ b/vendor/phpmailer/phpmailer/README.md @@ -2,7 +2,7 @@ # PHPMailer – A full-featured email creation and transfer class for PHP -[](https://github.com/PHPMailer/PHPMailer/actions) [](https://packagist.org/packages/phpmailer/phpmailer) [](https://packagist.org/packages/phpmailer/phpmailer) [](https://packagist.org/packages/phpmailer/phpmailer) [](https://packagist.org/packages/phpmailer/phpmailer) [](https://phpmailer.github.io/PHPMailer/) +[](https://github.com/PHPMailer/PHPMailer/actions) [](https://packagist.org/packages/phpmailer/phpmailer) [](https://packagist.org/packages/phpmailer/phpmailer) [](https://packagist.org/packages/phpmailer/phpmailer) [](https://phpmailer.github.io/PHPMailer/) ## Features - Probably the world's most popular code for sending email from PHP! @@ -142,7 +142,7 @@ PHPMailer defaults to English, but in the [language](https://github.com/PHPMaile $mail->setLanguage('fr', '/optional/path/to/language/directory/'); ``` -We welcome corrections and new languages – if you're looking for corrections to do, run the [PHPMailerLangTest.php](https://github.com/PHPMailer/PHPMailer/tree/master/test/PHPMailerLangTest.php) script in the tests folder and it will show any missing translations. +We welcome corrections and new languages – if you're looking for corrections, run the [PHPMailerLangTest.php](https://github.com/PHPMailer/PHPMailer/tree/master/test/PHPMailerLangTest.php) script in the tests folder and it will show any missing translations. ## Documentation Start reading at the [GitHub wiki](https://github.com/PHPMailer/PHPMailer/wiki). If you're having trouble, head for [the troubleshooting guide](https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting) as it's frequently updated. @@ -185,12 +185,20 @@ git remote set-url upstream https://github.com/PHPMailer/PHPMailer.git Please *don't* use the SourceForge or Google Code projects any more; they are obsolete and no longer maintained. ## Sponsorship -Development time and resources for PHPMailer are provided by [Smartmessages.net](https://info.smartmessages.net/), the world's only privacy-first email marketing system. +Development time and resources for PHPMailer are provided by [Smartmessages.net](https://info.smartmessages.net/), the world's only privacy-first email marketing system. <a href="https://info.smartmessages.net/"><img src="https://www.smartmessages.net/img/smartmessages-logo.svg" width="550" alt="Smartmessages.net privacy-first email marketing logo"></a> +Donations are very welcome, whether in beer 🍺, T-shirts 👕, or cold, hard cash 💰. Sponsorship through GitHub is a simple and convenient way to say "thank you" to PHPMailer's maintainers and contributors – just click the "Sponsor" button [on the project page](https://github.com/PHPMailer/PHPMailer). If your company uses PHPMailer, consider taking part in Tidelift's enterprise support programme. -Contributions are very welcome, whether in beer 🍺, T-shirts 👕, or cold, hard cash 💰. Sponsorship through GitHub is a simple and convenient way to say "thank you" to PHPMailer's maintainers and contributors – just click the "Sponsor" button [on the project page](https://github.com/PHPMailer/PHPMailer). +## PHPMailer For Enterprise + +Available as part of the Tidelift Subscription. + +The maintainers of PHPMailer and thousands of other packages are working with Tidelift to deliver commercial +support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and +improve code health, while paying the maintainers of the exact packages you +use. [Learn more.](https://tidelift.com/subscription/pkg/packagist-phpmailer-phpmailer?utm_source=packagist-phpmailer-phpmailer&utm_medium=referral&utm_campaign=enterprise&utm_term=repo) ## Changelog See [changelog](changelog.md). diff --git a/vendor/phpmailer/phpmailer/SECURITY.md b/vendor/phpmailer/phpmailer/SECURITY.md index fc3e61c..5a6a8f4 100644 --- a/vendor/phpmailer/phpmailer/SECURITY.md +++ b/vendor/phpmailer/phpmailer/SECURITY.md @@ -1,6 +1,8 @@ # Security notices relating to PHPMailer -Please disclose any vulnerabilities found responsibly - report any security problems found to the maintainers privately. +Please disclose any security issues or vulnerabilities found through [Tidelift's coordinated disclosure system](https://tidelift.com/security) or to the maintainers privately. + +PHPMailer versions between 6.1.8 and 6.4.0 contain a regression of the earlier CVE-2018-19296 object injection vulnerability as a result of [a fix for Windows UNC paths in 6.1.8](https://github.com/PHPMailer/PHPMailer/commit/e2e07a355ee8ff36aba21d0242c5950c56e4c6f9). Recorded as [CVE-2020-36326](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-36326). Reported by Fariskhi Vidyan via Tidelift. 6.4.1 fixes this issue, and also enforces stricter checks for URL schemes in local path contexts. PHPMailer versions 6.1.5 and earlier contain an output escaping bug that occurs in `Content-Type` and `Content-Disposition` when filenames passed into `addAttachment` and other methods that accept attachment names contain double quote characters, in contravention of RFC822 3.4.1. No specific vulnerability has been found relating to this, but it could allow file attachments to bypass attachment filters that are based on matching filename extensions. Recorded as [CVE-2020-13625](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13625). Reported by Elar Lang of Clarified Security. diff --git a/vendor/phpmailer/phpmailer/VERSION b/vendor/phpmailer/phpmailer/VERSION index e7e42a4..306894a 100644 --- a/vendor/phpmailer/phpmailer/VERSION +++ b/vendor/phpmailer/phpmailer/VERSION @@ -1 +1 @@ -6.3.0
\ No newline at end of file +6.4.1
\ No newline at end of file diff --git a/vendor/phpmailer/phpmailer/composer.json b/vendor/phpmailer/phpmailer/composer.json index 7388bd9..58393b2 100644 --- a/vendor/phpmailer/phpmailer/composer.json +++ b/vendor/phpmailer/phpmailer/composer.json @@ -40,7 +40,7 @@ "yoast/phpunit-polyfills": "^0.2.0" }, "suggest": { - "ext-mbstring": "Needed to send email in multibyte encoding charset", + "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses", "hayageek/oauth2-yahoo": "Needed for Yahoo XOAUTH2 authentication", "league/oauth2-google": "Needed for Google XOAUTH2 authentication", "psr/log": "For optional PSR-3 debug logging", @@ -57,5 +57,9 @@ "PHPMailer\\Test\\": "test/" } }, - "license": "LGPL-2.1-only" + "license": "LGPL-2.1-only", + "scripts": { + "check": "./vendor/bin/phpcs", + "test": "./vendor/bin/phpunit" + } } diff --git a/vendor/phpmailer/phpmailer/get_oauth_token.php b/vendor/phpmailer/phpmailer/get_oauth_token.php index ad8c5a6..befdc34 100644 --- a/vendor/phpmailer/phpmailer/get_oauth_token.php +++ b/vendor/phpmailer/phpmailer/get_oauth_token.php @@ -48,10 +48,10 @@ use Stevenmaguire\OAuth2\Client\Provider\Microsoft; if (!isset($_GET['code']) && !isset($_GET['provider'])) { ?> <html> -<body>Select Provider:<br/> -<a href='?provider=Google'>Google</a><br/> -<a href='?provider=Yahoo'>Yahoo</a><br/> -<a href='?provider=Microsoft'>Microsoft/Outlook/Hotmail/Live/Office365</a><br/> +<body>Select Provider:<br> +<a href='?provider=Google'>Google</a><br> +<a href='?provider=Yahoo'>Yahoo</a><br> +<a href='?provider=Microsoft'>Microsoft/Outlook/Hotmail/Live/Office365</a><br> </body> </html> <?php diff --git a/vendor/phpmailer/phpmailer/language/phpmailer.lang-uk.php b/vendor/phpmailer/phpmailer/language/phpmailer.lang-uk.php index 9fa60cf..3dea055 100644 --- a/vendor/phpmailer/phpmailer/language/phpmailer.lang-uk.php +++ b/vendor/phpmailer/phpmailer/language/phpmailer.lang-uk.php @@ -16,11 +16,11 @@ $PHPMAILER_LANG['file_access'] = 'Немає доступу до фай $PHPMAILER_LANG['file_open'] = 'Помилка файлової системи: не вдається відкрити файл: '; $PHPMAILER_LANG['from_failed'] = 'Невірна адреса відправника: '; $PHPMAILER_LANG['instantiate'] = 'Неможливо запустити функцію mail().'; -$PHPMAILER_LANG['provide_address'] = 'Будь-ласка, введіть хоча б одну email-адресу отримувача.'; +$PHPMAILER_LANG['provide_address'] = 'Будь ласка, введіть хоча б одну email-адресу отримувача.'; $PHPMAILER_LANG['mailer_not_supported'] = ' - поштовий сервер не підтримується.'; $PHPMAILER_LANG['recipients_failed'] = 'Помилка SMTP: не вдалося відправлення для таких отримувачів: '; $PHPMAILER_LANG['empty_message'] = 'Пусте повідомлення'; -$PHPMAILER_LANG['invalid_address'] = 'Не відправлено через невірний формат email-адреси: '; +$PHPMAILER_LANG['invalid_address'] = 'Не відправлено через неправильний формат email-адреси: '; $PHPMAILER_LANG['signing'] = 'Помилка підпису: '; $PHPMAILER_LANG['smtp_connect_failed'] = 'Помилка з\'єднання з SMTP-сервером'; $PHPMAILER_LANG['smtp_error'] = 'Помилка SMTP-сервера: '; diff --git a/vendor/phpmailer/phpmailer/src/PHPMailer.php b/vendor/phpmailer/phpmailer/src/PHPMailer.php index 62553fd..2d16116 100644 --- a/vendor/phpmailer/phpmailer/src/PHPMailer.php +++ b/vendor/phpmailer/phpmailer/src/PHPMailer.php @@ -748,7 +748,7 @@ class PHPMailer * * @var string */ - const VERSION = '6.3.0'; + const VERSION = '6.4.1'; /** * Error severity: message only, continue processing. @@ -1199,7 +1199,11 @@ class PHPMailer ) ) { //Decode the name part if it's present and encoded - if (property_exists($address, 'personal') && preg_match('/^=\?.*\?=$/', $address->personal)) { + if ( + property_exists($address, 'personal') && + extension_loaded('mbstring') && + preg_match('/^=\?.*\?=$/', $address->personal) + ) { $address->personal = mb_decode_mimeheader($address->personal); } @@ -1680,16 +1684,11 @@ class PHPMailer //Sendmail docs: http://www.sendmail.org/~ca/email/man/sendmail.html //Qmail docs: http://www.qmail.org/man/man8/qmail-inject.html //Example problem: https://www.drupal.org/node/1057954 - //CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped. - if ('' === $this->Sender) { - $this->Sender = $this->From; - } if (empty($this->Sender) && !empty(ini_get('sendmail_from'))) { //PHP config has a sender address we can use $this->Sender = ini_get('sendmail_from'); } //CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped. - //But sendmail requires this param, so fail without it if (!empty($this->Sender) && static::validateAddress($this->Sender) && self::isShellSafe($this->Sender)) { if ($this->Mailer === 'qmail') { $sendmailFmt = '%s -f%s'; @@ -1697,8 +1696,12 @@ class PHPMailer $sendmailFmt = '%s -oi -f%s -t'; } } else { - $this->edebug('Sender address unusable or missing: ' . $this->Sender); - return false; + //allow sendmail to choose a default envelope sender. It may + //seem preferable to force it to use the From header as with + //SMTP, but that introduces new problems (see + //<https://github.com/PHPMailer/PHPMailer/issues/2298>), and + //it has historically worked this way. + $sendmailFmt = '%s -oi -t'; } $sendmail = sprintf($sendmailFmt, escapeshellcmd($this->Sendmail), $this->Sender); @@ -1718,9 +1721,10 @@ class PHPMailer fwrite($mail, $header); fwrite($mail, $body); $result = pclose($mail); + $addrinfo = static::parseAddresses($toAddr); $this->doCallback( ($result === 0), - [$toAddr], + [[$addrinfo['address'], $addrinfo['name']]], $this->cc, $this->bcc, $this->Subject, @@ -1807,7 +1811,8 @@ class PHPMailer */ protected static function isPermittedPath($path) { - return !preg_match('#^[a-z]+://#i', $path); + //Matches scheme definition from https://tools.ietf.org/html/rfc3986#section-3.1 + return !preg_match('#^[a-z][a-z\d+.-]*://#i', $path); } /** @@ -1819,12 +1824,15 @@ class PHPMailer */ protected static function fileIsAccessible($path) { + if (!static::isPermittedPath($path)) { + return false; + } $readable = file_exists($path); //If not a UNC path (expected to start with \\), check read permission, see #2069 if (strpos($path, '\\\\') !== 0) { $readable = $readable && is_readable($path); } - return static::isPermittedPath($path) && $readable; + return $readable; } /** @@ -1858,9 +1866,6 @@ class PHPMailer //Qmail docs: http://www.qmail.org/man/man8/qmail-inject.html //Example problem: https://www.drupal.org/node/1057954 //CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped. - if ('' === $this->Sender) { - $this->Sender = $this->From; - } if (empty($this->Sender) && !empty(ini_get('sendmail_from'))) { //PHP config has a sender address we can use $this->Sender = ini_get('sendmail_from'); @@ -1876,7 +1881,17 @@ class PHPMailer if ($this->SingleTo && count($toArr) > 1) { foreach ($toArr as $toAddr) { $result = $this->mailPassthru($toAddr, $this->Subject, $body, $header, $params); - $this->doCallback($result, [$toAddr], $this->cc, $this->bcc, $this->Subject, $body, $this->From, []); + $addrinfo = static::parseAddresses($toAddr); + $this->doCallback( + $result, + [[$addrinfo['address'], $addrinfo['name']]], + $this->cc, + $this->bcc, + $this->Subject, + $body, + $this->From, + [] + ); } } else { $result = $this->mailPassthru($to, $this->Subject, $body, $header, $params); @@ -1965,7 +1980,7 @@ class PHPMailer $isSent = true; } - $callbacks[] = ['issent' => $isSent, 'to' => $to[0]]; + $callbacks[] = ['issent' => $isSent, 'to' => $to[0], 'name' => $to[1]]; } } @@ -1986,7 +2001,7 @@ class PHPMailer foreach ($callbacks as $cb) { $this->doCallback( $cb['issent'], - [$cb['to']], + [[$cb['to'], $cb['name']]], [], [], $this->Subject, diff --git a/vendor/phpmailer/phpmailer/src/POP3.php b/vendor/phpmailer/phpmailer/src/POP3.php index 0c20590..a39f480 100644 --- a/vendor/phpmailer/phpmailer/src/POP3.php +++ b/vendor/phpmailer/phpmailer/src/POP3.php @@ -46,7 +46,7 @@ class POP3 * * @var string */ - const VERSION = '6.3.0'; + const VERSION = '6.4.1'; /** * Default POP3 port number. diff --git a/vendor/phpmailer/phpmailer/src/SMTP.php b/vendor/phpmailer/phpmailer/src/SMTP.php index 68f3aec..0e7f53d 100644 --- a/vendor/phpmailer/phpmailer/src/SMTP.php +++ b/vendor/phpmailer/phpmailer/src/SMTP.php @@ -35,7 +35,7 @@ class SMTP * * @var string */ - const VERSION = '6.3.0'; + const VERSION = '6.4.1'; /** * SMTP line break constant. @@ -553,6 +553,8 @@ class SMTP } //Send encoded username and password if ( + //Format from https://tools.ietf.org/html/rfc4616#section-2 + //We skip the first field (it's forgery), so the string starts with a null byte !$this->sendCommand( 'User & Password', base64_encode("\0" . $username . "\0" . $password), |