Critical Alert: Spamassassin Denial of Service & Code Injection in SL7

Oct 12, 2018 •

LinuxSecurity Advisories

1 min read

Topics Covered

security advisory denial of service security update code injection spamassassin Scientific Linux

spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service (CVE-2017-15705) * spamassassin: Local user code injection in the meta rule syntax (CVE-2018-11781) SL7 x86_64 spamassassin-3.4.0-4.el7_5.x86_64.rpm spamassassin-debuginfo-3.4.0-4.el7_5.x86_64.rpm - Scientific Linux Development Team

Synopsis:          Important: spamassassin security update
Advisory ID:       SLSA-2018:2916-1
Issue Date:        2018-10-11
CVE Numbers:       CVE-2017-15705
                   CVE-2018-11781
--

Security Fix(es):

* spamassassin: Certain unclosed tags in crafted emails allow for scan
timeouts and result in denial of service (CVE-2017-15705)

* spamassassin: Local user code injection in the meta rule syntax
(CVE-2018-11781)
--

SL7
  x86_64
    spamassassin-3.4.0-4.el7_5.x86_64.rpm
    spamassassin-debuginfo-3.4.0-4.el7_5.x86_64.rpm

- Scientific Linux Development Team

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here

Critical Alert: Spamassassin Denial of Service & Code Injection in SL7

Topics Covered

Search Advisories & Updates

Recent Searches

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Critical Alert: Spamassassin Denial of Service & Code Injection in SL7

Topics Covered

Search Advisories & Updates

Recent Searches

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!