Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Ubuntu 12.04 ESM USN-3811-3 Critical: SpamAssassin Code Execution

Calendar Dec 05, 2018 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical code execution arbitrary code remote code SpamAssassin Ubuntu 12.04
Several security issues were fixed in SpamAssassin. 
=========================================================================Ubuntu Security Notice USN-3811-3
December 05, 2018

spamassassin vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in SpamAssassin.

Software Description:
- spamassassin: Perl-based spam filter using text analysis

Details:

USN-3811-1 fixed a vulnerability in spamassassin. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 It was discovered that SpamAssassin incorrectly handled the PDFInfo
 plugin. A remote attacker could possibly use this issue to execute
 arbitrary code. (CVE-2018-11780)

 It was discovered that SpamAssassin incorrectly handled meta rule
 syntax. A local attacker could possibly use this issue to execute
 arbitrary code. (CVE-2018-11781)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  spamassassin                    3.4.2-0ubuntu0.12.04.2

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-3811-3
  https://ubuntu.com/security/notices/USN-3811-1
  CVE-2018-11780, CVE-2018-11781

Ubuntu 12.04 ESM USN-3811-3 Critical: SpamAssassin Code Execution

ubuntu
Calendar Grey December 5, 2018
Dist Ubuntu Esm H88
A variety of vulnerabilities in SpamAssassin have been rectified in the Ubuntu update USN-3811-3. Ensure you upgrade to reduce potential threats.
Several security issues were fixed in SpamAssassin.

Summary

Topics%20covered

Topics Covered

security advisory critical code execution arbitrary code remote code SpamAssassin Ubuntu 12.04

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM:   spamassassin                    3.4.2-0ubuntu0.12.04.2 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-3811-3

  https://ubuntu.com/security/notices/USN-3811-1

  CVE-2018-11780, CVE-2018-11781

Severity
critical
Lowest
Low
Medium
High
Critical

December 05, 2018

Topics%20covered

Topics Covered

security advisory critical code execution arbitrary code remote code SpamAssassin Ubuntu 12.04

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here