On June 11 I published an input validation vulnerability in PHPMailer, CVE-2007-3215. Since then, a number of applications have manually patched their PHPMailer source files and released updates.
- WordPress 2.2.1
- Symfony 1.0.5
- Debian DSA-1315-1 libphp-phpmailer
- knowledgeroot Knowledgebase 0.9.8.3
- IPplan 4.86a
Unfortunately, PHPMailer itself has not released an official update and is still being distributed with the vulnerable version 1.73 source files.
Judas Iscariote from the Swift Mailer project added a patch file to my original bug report (1734811), which seems to have been the most widely circulated manual patch.
I guess we can safely assume that PHPMailer is now a dormant project, which should be abandoned in favor of actively maintained projects such as Swift Mailer, which from the looks of it has a more structured approach to security.

[...] was using PHPMailer until recently, but unfortunately security vulnerabilities have been discovered. Given the fact that PHPMailer hasn’t released an update in 2 years, the [...]