Fedora: 2007-582 Moderate: Local Symlink Issue for SpamAssassin

fedora

June 13, 2007

Local symlink vulnerability

Summary

SpamAssassin provides you with a way to reduce if not completely eliminate

Unsolicited Commercial Email (SPAM) from your incoming email. It can

be invoked by a MDA such as sendmail or postfix, or can be called from

a procmail script, .forward file, etc. It uses a genetic-algorithm

evolved scoring system to identify messages which look spammy, then

adds headers to the message so they can be filtered by the user's mail

reading software. This distribution includes the spamd/spamc components

which create a server that considerably speeds processing of mail.

To enable spamassassin, if you are receiving mail locally, simply add

this line to your ~/.procmailrc:

INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc

To filter spam for all users, add that line to /etc/procmailrc

(creating if necessary).

Local symlink vulnerability. Fedora is not vulnerable in any

default or common configurations. Read upstream's

announcement for details.

https://spamassassin.apache.org/404.html

- 3.1.9 CVE-2007-2873

e35f9489f830f3fd3cb8c1270b86a56a1856a952 SRPMS/spamassassin-3.1.9-1.fc6.src.rpm

e35f9489f830f3fd3cb8c1270b86a56a1856a952 noarch/spamassassin-3.1.9-1.fc6.src.rpm

424c75875c9bbb4d77821e420c56a714c4b0bb7f ppc/spamassassin-3.1.9-1.fc6.ppc.rpm

fb39e814ce1cff3fd691a59b3f7ee7c6ffa00474 ppc/debug/spamassassin-debuginfo-3.1.9-1.fc6.ppc.rpm

77fee9411cfe1d3aafd06f3338e7d67d4b8e68d1 x86_64/debug/spamassassin-debuginfo-3.1.9-1.fc6.x86_64.rpm

7bd1a5062cab3ebc8f3ad9893547850eefdc6ae4 x86_64/spamassassin-3.1.9-1.fc6.x86_64.rpm

fc4d2f0597ca411bd6fafb1d68172953aadb736d i386/spamassassin-3.1.9-1.fc6.i386.rpm

2a71ee2c4ac5cd4a4dbbbbec9db3288dc43c1167 i386/debug/spamassassin-debuginfo-3.1.9-1.fc6.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics Covered

security advisory moderate fedora update spamassassin local symlink

Change Log

References

Update Instructions

Severity

important

Lowest

Low

Medium

High

Critical

Name: spamassassin

Version: 3.1.9

Release: 1.fc6

Summary: Spam filter for email which can be invoked from mail delivery agents.

Topics Covered

security advisory moderate fedora update spamassassin local symlink

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Fedora: 2007-582 Moderate: Local Symlink Issue for SpamAssassin

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Fedora: 2007-582 Moderate: Local Symlink Issue for SpamAssassin

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!