Executive Summary

Titlespamassassin security update
NameDSA-4615First vendor Publication2020-02-01
VendorDebianLast vendor Modification2020-02-01
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base ScoreN/AAttack RangeN/A
Cvss Impact ScoreN/AAttack ComplexityN/A
Cvss Expoit ScoreN/AAuthenticationN/A
Calculate full CVSS 2.0 Vectors scores


Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios.

For the oldstable distribution (stretch), these problems have been fixed in version 3.4.2-1~deb9u3.

For the stable distribution (buster), these problems have been fixed in version 3.4.2-1+deb10u2.

We recommend that you upgrade your spamassassin packages.

For the detailed security status of spamassassin please refer to its security tracker page at: https://security-tracker.debian.org/tracker/spamassassin

Original Source

Url : http://www.debian.org/security/2020/dsa-4615

Alert History

If you want to see full details history, please login or register.
2020-02-01 21:18:37
  • First insertion