Swiftmailer 5.2.2 released

Swiftmailer 5.2.2 has just been released; it contains the following changes:

  • fixed Japanese support
  • fixed the memory spool when the message changes when in the pool
  • added support for cloning messages
  • fixed PHP warning in the redirect plugin
  • changed the way to and cc-ed email are sent to only use one transaction

Security Fix: Swiftmailer 5.2.1 released

Swiftmailer 5.2.1 has just been released and it contains a security fix.

Prior to 5.2.1, the sendmail transport (Swift_Transport_SendmailTransport) was vulnerable to an arbitrary shell execution if the “From” header came from a non-trusted source and no “Return-Path” is configured. This has been fixed in 5.2.1. If you are using sendmail as a transport, you are encouraged to upgrade as soon as possible.

I’d like to thank Tim Starling who reported this security issue and provided a way to reproduce it very easily.

You can easily check if your project is vulnerable by uploading your composer.lock file on security.sensiolabs.org.

Swiftmailer 5.2.0 released

Swiftmailer 5.2.0 has just been released; it contains the following changes:

  • fixed Swift_ByteStream_FileByteStream::read() to match to the specification
  • fixed from-charset and to-charset arguments in mbstring_convert_encoding() usages
  • fixed infinite loop in StreamBuffer
  • fixed NullTransport to return the number of ignored emails instead of 0
  • Use phpunit and mockery for unit testing (realityking)

PEAR packages won’t be published anymore

Now that Composer is the de-facto standard for dependency management in PHP, it’s time to stop releasing new PEAR packages for Swiftmailer.

So, from now on, I won’t publish PEAR packages for new versions of Swiftmailer. That said, the current PEAR channel will continue to work, and I don’t expect to close it anytime soon (you just won’t get any new versions).

More information on my personal blog.

Swiftmailer 5.1.0 released

Swiftmailer 5.1.0 has just been released; it contains the following changes:

  • fixed data writing to stream when sending large messages
  • added support for libopendkim (https://github.com/xdecock/php-opendkim)
  • merged SignedMessage and Message
  • added Gmail XOAuth2 authentication
  • updated the list of known mime types
  • added NTLM authentication

Swiftmailer 5.0.3 released

Swiftmailer 5.0.3 is out. It fixes a long-standing issue about double-dots. Thanks to Xavier de Cock for the fix.

Swiftmailer 5.0.1 released

Swiftmailer 5.0.1 contains some minor bug fixes and fixes the main license file that was still referring to the LGPL license instead of the MIT one.

Swiftmailer 5.0.0 released

Swiftmailer 5.0.0 has just been released.

This release is the same as 4.3.1 feature-wise. So, why a major version? Because we have changed the license of Swiftmailer from LGPL to MIT.

Swiftmailer 4.3.1 released

Swiftmailer 4.3.1 has just been released.

Here is the changelog:

  • removed usage of the native QP encoder when the charset is not UTF-8
  • fixed usage of uniqid to avoid collisions
  • made a performance improvement when tokenizing large headers
  • fixed usage of the PHP native QP encoder on PHP 5.4.7+

Swiftmailer 4.3.0 released

Swiftmailer 4.3.0 has just been released. It contains one big new feature: signed and encrypted messages. Read the documentation for more information.