Information on source package spamassassin

Available versions

ReleaseVersion
jessie3.4.0-6
jessie (security)3.4.2-0+deb8u2
stretch3.4.2-1~deb9u1
stretch (security)3.4.2-1~deb9u2
buster3.4.2-1
buster (security)3.4.2-1+deb10u1
bullseye3.4.4~rc1-1
sid3.4.4~rc1-1

Resolved issues

BugDescription
CVE-2019-12420In Apache SpamAssassin before 3.4.3, a message can be crafted in a way ...
CVE-2018-11805In Apache SpamAssassin before 3.4.3, nefarious CF files can be configu ...
CVE-2018-11781Apache SpamAssassin 3.4.2 fixes a local user code injection in the met ...
CVE-2018-11780A potential Remote Code Execution bug exists with the PDFInfo plugin i ...
CVE-2017-15705A denial of service vulnerability was identified that exists in Apache ...
CVE-2016-1238(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) ...
CVE-2007-2873SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as ...
CVE-2007-0451Apache SpamAssassin before 3.1.8 allows remote attackers to cause a de ...
CVE-2006-2447SpamAssassin before 3.1.3, when running with vpopmail and the paranoid ...
CVE-2005-3351SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e- ...
CVE-2005-1266Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to ...
CVE-2004-0796SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to ca ...
CVE-2003-1557Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, ...

Security announcements

DSA / DLADescription
DLA-2037-1spamassassin - security update
DSA-4584-1spamassassin - security update
DSA-4584-1spamassassin - security update
DLA-1578-1spamassassin - security update
DSA-1090-1spamassassin - programming error
DSA-736-2spamassassin - mail header parsing error
DSA-736-2spamassassin - mail header parsing error
DSA-736-1spamassassin - mail header parsing error
DSA-736-1spamassassin - mail header parsing error

Search for package or bug name: Reporting problems