PHPMailer v6.5.1 Release Notes

Release Date: 2021-08-18 // 4 months ago
    • ๐Ÿ‘ Provisional support for PHP 8.1
    • โœ… Major overhaul of test suite
    • โž• Add codecov.io coverage reporting
    • 0๏ธโƒฃ Prefer implicit TLS on port 465 as default encryption scheme in examples, as per RFC8314
    • ๐Ÿ›  Fix potential noisy output from IMAP address parser
    • Stricter checking of custom MessageID validity
    • 0๏ธโƒฃ Replace invalid default From address
    • ๐Ÿ‘Œ Support fallback for languages, so a request for pt_xx will fall back to pt rather than the default en.
    • ๐Ÿ‘Œ Support multi-line RFC2047 addresses in parseAddresses
    • ๐Ÿ‘Œ Improved Japanese translation

    Many thanks to @jrfnl for all her work.


Previous changes from v6.5.0

    • ๐Ÿ”’ SECURITY Fixes CVE-2021-34551, a complex RCE affecting Windows hosts. See [SECURITY.md](SECURITY.md) for details.
    • The fix for this issue changes the way that language files are loaded. While they remain in the same PHP-like format, they are processed as plain text, and any code in them will not be run, including operations such as concatenation using the . operator.
    • ๐Ÿ—„ Deprecation The current translation file format using PHP arrays is now deprecated; the next major version will introduce a new format.
    • ๐Ÿ”’ SECURITY Fixes CVE-2021-3603 that may permit untrusted code to be run from an address validator. See [SECURITY.md](SECURITY.md) for details.
    • The fix for this issue includes a minor BC break: callables injected into validateAddress, or indirectly through the $validator class property, may no longer be simple strings. If you want to inject your own validator, provide a closure instead of a function name.
    • Haraka message ID strings are now recognised