DSA-4584-1 spamassassin -- spamassassin| ID: oval:org.secpod.oval:def:604646 | Date: (C)2019-12-17 (M)2023-12-20 |
| Class: PATCH | Family: unix |
Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. CVE-2018-11805 Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. CVE-2019-12420 Specially crafted mulitpart messages can cause spamassassin to use excessive resources, resulting in a denial of service.
| Platform: |
| Debian 10.x |
| Debian 9.x |
| Product: |
| spamassassin |
| sa-compile |
| spamc |
