I recommend all users to replace it with current version from Github.
We build. You grow.
Get best community software hereStart a social network, a fan-site, an education project with oxwall - free opensource community software
Please update phpmailer library | Forum
Alexander Hu
Feb 26 '17
Latest stable version of oxwall still uses old version, which is vulnerable.
Carsten
Feb 28 '17
I'm still new to Oxwall. Ho do you update it ?
I can't seam to figure out where all the files go.
I can't seam to figure out where all the files go.
Alexander Hu
Mar 2 '17
Funny that nobody noticed that...
Seriously, how can you relate to an unfixed project like that?
Proof:
legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
Bug since last December.
Seriously, how can you relate to an unfixed project like that?
Proof:
legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
Bug since last December.
Alexander Hu
Mar 8 '17
Sorry, but if you would be able to do it yourself, you wouldn't ask.
There are many other bugs i've already fixed...
OW-Ghost
Mar 8 '17
Sorry, but if you would be able to do it yourself, you wouldn't ask.i confused about how you talking? do you want help or not help?There are many other bugs i've already fixed...
Alexander Hu
Mar 10 '17
What do you want?
A step-by-step tutorial?
Sorry guys, this is basic stuff, not rocket science.
If you can't handle this, you'd better shut down your communities.
I've shown you proof that it's broken, and all you say is: please help to fix this?
Guys, wake up! If you want to run a community, you have the responsibility for the data you handle from your users.
Use Google, educate yourself!
A step-by-step tutorial?
Sorry guys, this is basic stuff, not rocket science.
If you can't handle this, you'd better shut down your communities.
I've shown you proof that it's broken, and all you say is: please help to fix this?
Guys, wake up! If you want to run a community, you have the responsibility for the data you handle from your users.
Use Google, educate yourself!
OW-Ghost
Mar 10 '17
Alexander Hu
Not all are developers and coders that why there is a oxwall forum for get help sometimes.
One more thing do you think oxwall or any software in the world is safe?
Educate you self and look around at google and you see no software are safe!
Rent or borrow someone else software is in my opinion NEVER safe even that people here will say it is i know it is not true.
I take the risk because like many other here we no have the time or money to create our own software so that is the price you have to pay i guess. but again this is my opinion
there is always people that find loopholes in the software every month and day and it will never stops.
it could help some people not bee hacked but there is so many other loopholes that we do not aware of
The Forum post is edited by OW-Ghost Mar 10 '17
Carsten
Mar 11 '17
Let him be. He just wants to pride himself.
I don't care. As i wrote, i'm new to Oxwall, so some day someone, that would like to help other, will show how it's done. Until that, i won't give it a thought :)
I don't care. As i wrote, i'm new to Oxwall, so some day someone, that would like to help other, will show how it's done. Until that, i won't give it a thought :)
Theo
Mar 25 '17
@Alexander Hu you fixed many bugs? is that in Oxwall core? I really hope you share this with the core developers. Keeping it to yourselves does not benefit yourself or the community at large, especially when they have given you a free software to use.
To update your PHPmailer:
- Download phpmailer: https://github.com/PHPMailer/PHPMailer (by clicking the green button called 'clone or download' and click on 'Download zip')
- Uncompress the file on your desktop and rename 'PHPMailer-master' to 'phpmailer'
- Navigate to /ow_libraries/vendor/phpmailer/ directory in your installation on server.
- Rename the directory /ow_libraries/vendor/phpmailer/phpmailer to phpmailer.old
- Upload the new phpmailer you have rename and downloaded to your desktop to /ow_libraries/vendor/phpmailer/
OW-Ghost
Mar 25 '17
+1 Thanks for sharing this@Alexander Hu you fixed many bugs? is that in Oxwall core? I really hope you share this with the core developers. Keeping it to yourselves does not benefit yourself or the community at large, especially when they have given you a free software to use.
To update your PHPmailer:
- Download phpmailer: https://github.com/PHPMailer/PHPMailer (by clicking the green button called 'clone or download' and click on 'Download zip')
- Uncompress the file on your desktop and rename 'PHPMailer-master' to 'phpmailer'
- Navigate to /ow_libraries/vendor/phpmailer/ directory in your installation on server.
- Rename the directory /ow_libraries/vendor/phpmailer/phpmailer to phpmailer.old
- Upload the new phpmailer you have rename and downloaded to your desktop to /ow_libraries/vendor/phpmailer/
Carsten
Mar 26 '17
It works, or at least, it does not break anything regarding sending emails :)
The crack is fixed, so everything is good now :)
The crack is fixed, so everything is good now :)
IntrigU
Mar 30 '17
Confirming that this method works.
@Alexander Hu you fixed many bugs? is that in Oxwall core? I really hope you share this with the core developers. Keeping it to yourselves does not benefit yourself or the community at large, especially when they have given you a free software to use.
To update your PHPmailer:
- Download phpmailer: https://github.com/PHPMailer/PHPMailer (by clicking the green button called 'clone or download' and click on 'Download zip')
- Uncompress the file on your desktop and rename 'PHPMailer-master' to 'phpmailer'
- Navigate to /ow_libraries/vendor/phpmailer/ directory in your installation on server.
- Rename the directory /ow_libraries/vendor/phpmailer/phpmailer to phpmailer.old
- Upload the new phpmailer you have rename and downloaded to your desktop to /ow_libraries/vendor/phpmailer/
Bruce Tran
Apr 14 '17
Thanks guys. Just curious anybody know why the original has 21 files, while the new one has only 14?
