Download
| Alert*
oval:org.secpod.oval:def:67981
The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: crafted configuration files can run system commands without any output or errors * spamassassin: crafted email message can lead to DoS * spamassassin: command injection v ... oval:org.secpod.oval:def:504730 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: crafted configuration files can run system commands without any output or errors * spamassassin: crafted email message can lead to DoS * spamassassin: command injection v ... oval:org.secpod.oval:def:61532 spamassassin: Perl-based spam filter using text analysis Several security issues were fixed in SpamAssassin. oval:org.secpod.oval:def:61474 Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. CVE-2018-11805 Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. CVE-2019-12420 Specially crafted mulitpart m ... oval:org.secpod.oval:def:89050322 This update for spamassassin fixes the following issues: Security issues fixed: - CVE-2018-11805: Fixed an issue with delimiter handling in rule files related to is_regexp_valid . - CVE-2020-1930: Fixed an issue with rule configuration files which can be configured to run system commands . - CVE-20 ... oval:org.secpod.oval:def:1601103 In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly. In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system command ... oval:org.secpod.oval:def:1801657 In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. oval:org.secpod.oval:def:89000281 This update for spamassassin fixes the following issues: - CVE-2018-11805: Fixed an issue with delimiter handling in rule files related to is_regexp_valid . - CVE-2020-1930: Fixed an issue with rule configuration files which can be configured to run system commands . - CVE-2020-1931: Fixed an issue ... oval:org.secpod.oval:def:604646 Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. CVE-2018-11805 Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. CVE-2019-12420 Specially crafted mulitpart m ... oval:org.secpod.oval:def:69926 Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. CVE-2018-11805 Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. CVE-2019-12420 Specially crafted mulitpart m ... oval:org.secpod.oval:def:89000636 This update for spamassassin fixes the following issues: Security issues fixed: - CVE-2018-11805: Fixed an issue with delimiter handling in rule files related to is_regexp_valid . - CVE-2020-1930: Fixed an issue with rule configuration files which can be configured to run system commands . - CVE-20 ... oval:org.secpod.oval:def:1504355 [3.4.2-10] - Fixed CVE-2018-11805 - Resolves: rhbz#1787514 - Fixed CVE-2020-1930 - Resolves: rhbz#1820649 - Fixed CVE-2020-1931 - Resolves: rhbz#1820650 [3.4.2-9] - Fix CVE-2019-12420 - Resolves: rhbz#1812977 [3.4.2-8] - Removed the obsolete SOUGHT channel for rule updates - Resolves: rhbz#1630362 oval:org.secpod.oval:def:2500125 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. oval:org.secpod.oval:def:705329 spamassassin: Perl-based spam filter using text analysis Several security issues were fixed in SpamAssassin. |