Linux Security
Linux Security
Linux Security

Apache SpamAssassin 3.4.6 Release Fixes Two Potentially Aggravating Bugs

Date 14 Apr 2021
753
Posted By Brittany Day
Arrowlogo V1

On April 12, 2021, the Apache SpamAssassin Project announced the release of Apache SpamAssassin Version 3.4.6 mitigating two small but potentially annoying bugs introduced in Version 3.4.5, which was created to fix a few security vulnerabilities just a few weeks ago.

A Quick Introduction to Apache SpamAssassin

Apache SpamAssassin is a mature, widely-deployed open-source project that serves as a mail filter to identify spam. SpamAssassin leverages a combination of mail header and text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases. SpamAssassin’s flexible modular architecture makes the framework compatible with a wide array of other technologies

Apache SpamAssassin typically runs on a server, classifying and labeling spam before it reaches your mailbox, while allowing other components of a mail system to act on its results.

Portability, robustness and facilitated maintenance are among the key benefits that Apache SpamAssassin offers.

What’s New in Apache SpamAssassin Version 3.4.6?

While the release of Apache SpamAssassin doesn’t include any groundbreaking new features, configuration options or Internal changes, it does feature mitigations for two minor - but potentially aggravating - bugs introduced in Version 3.4.5. Sidney Markowitz, Apache SpamAssassin PMC Chair, stated in a recent announcement email:

 

Apache SpamAssassin 3.4.6 fixes two small but potentially annoying bugs in 3.4.5

 

*** On March 1, 2020, we stopped publishing rulesets with SHA-1 signatures.

If you do not update to 3.4.2 or later, you will be stuck at the last

ruleset with SHA-1 signatures. Such an upgrade should be to 3.4.6 to

obtain the contained security fixes ***

 

*** Ongoing development on the 3.4 branch has ceased. All future releases

and bug fixes will be on the 4.0 series, unless a new security issue

is found that necessitates a 3.4.7 release. ***

 

Many thanks to the committers, contributors, rule testers, mass checkers,

and code testers who have made this release possible. 

 

Notable changes

---------------

This release includes fixes for the following:

  - Fixed URIDNSBL not triggering meta rules

  - Fix false positive in T_KAM_HTML_FONT_INVALID on CSS color !important 

 

Downloading and availability

----------------------------

Downloads are available from:

https://spamassassin.apache.org/downloads.cgi

The Bottom Line

The release of Apache SpamAssassin Version 3.4.6 is fairly mundane when it comes to features, improvements and optimizations. That being said, the release does introduce fixes for two small but potentially annoying security bugs introduced in Version 3.4.5. Upgrading is quick, easy and free and stands to make your SpamAssassin user experience more pleasant and hassle-free. All in all, it seems like the logical decision to make the switch to Apache SpamAssassin Version 3.4.6.

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
/main-polls/52-how-frequently-do-you-patch-update-your-system?task=poll.vote&format=json
52
radio
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"69","type":"x","order":"1","pct":75.82,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"14","type":"x","order":"2","pct":15.38,"resources":[]},{"id":"181","title":"Hardly ever","votes":"8","type":"x","order":"3","pct":8.79,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.

VOTE ON THE POLL PAGE


VIEW MORE POLLS

bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.