Updated spamassassin package in etch, fixes CVE-2007-0451

To: backports-users@lists.backports.org
Subject: Updated spamassassin package in etch, fixes CVE-2007-0451
From: Stuart Rowan <strr-backports-users@decisionsoft.co.uk>
Date: Fri, 23 Feb 2007 14:53:17 +0000
Message-id: <[🔎] 45DEFFDD.9070204@decisionsoft.co.uk>

As found in etch ...

 spamassassin  (3.1.7-2) unstable; urgency=high

   * Security fixes backported from 3.1.8:
     - CVE-2007-0451: potential DoS with long URIs found in the message
     content (Closes: #410843)
     - Prevents perl code from being loaded via sa-update by default
     (override with --allowplugins) (SpamAssassin bug 5240)

 -- Duncan Findlay <duncf@debian.org>  Wed, 14 Feb 2007 21:46:52 -0500

Can we get an updated backport to close this vulnerability?

Thanks,
Stu.

Reply to:

Prev by Date: Re: fail2ban needs updating ... DoS issue CVE-2006-6302
Next by Date: Re: MySQL-Server 5.0.32-3~bpo.1 crashes on certain queries
Previous by thread: Re: yaird disappeared?
Next by thread: odd issue with linux-image-2.6.18-4
Index(es):
- Date
- Thread