Updated spamassassin package in etch, fixes CVE-2007-0451
As found in etch ...
spamassassin (3.1.7-2) unstable; urgency=high
* Security fixes backported from 3.1.8:
- CVE-2007-0451: potential DoS with long URIs found in the message
content (Closes: #410843)
- Prevents perl code from being loaded via sa-update by default
(override with --allowplugins) (SpamAssassin bug 5240)
-- Duncan Findlay <duncf@debian.org> Wed, 14 Feb 2007 21:46:52 -0500
Can we get an updated backport to close this vulnerability?
Thanks,
Stu.
Reply to: