Mitigation of DRUPAL-SA-PSA-2016-004
Incident Report for amazee.io
Resolved
The Drupal Security Team just announced a new highly critical security announcement (23/25 points) for the 3rd Party Library PHPmailer: https://www.drupal.org/node/2839366
There is no Contrib or Core Module of Drupal directly affected, but multiple Contrib Modules of Drupal download the 3rd Party Library PHPmailer in order to send emails. Every website that uses PHPmailer is encouraged to update to the a newer version of PHPmailer then 5.2.18 (current available version is 5.2.19).

As amazee.io cannot mitigate this issue from an infrastructure level, we informed all our clients which have PHPmailer 5.2.18 or earlier installed to update their codebase and with that fix their issue.
If you did not receive such an information, our scripts did not find your website affected and there is probably nothing to do as of right now (even though amazee.io strongly suggests to keep all websites up to date at any time).
Posted Dec 27, 2016 - 02:24 UTC
This incident affected: General (Lagoon API, Deployment Infrastructure, Nameservers).