Information on source package spamassassin

Available versions

ReleaseVersion
jessie3.4.0-6
jessie (security)3.4.2-0+deb8u1
stretch3.4.2-1~deb9u1
buster3.4.2-1
sid3.4.2-1

Resolved issues

BugDescription
CVE-2018-11781Apache SpamAssassin 3.4.2 fixes a local user code injection in the ...
CVE-2018-11780A potential Remote Code Execution bug exists with the PDFInfo plugin ...
CVE-2017-15705A denial of service vulnerability was identified that exists in Apache ...
CVE-2016-1238(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) ...
CVE-2007-2873SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as ...
CVE-2007-0451Apache SpamAssassin before 3.1.8 allows remote attackers to cause a ...
CVE-2006-2447SpamAssassin before 3.1.3, when running with vpopmail and the paranoid ...
CVE-2005-3351SpamAssassin 3.0.4 allows attackers to bypass spam detection via an ...
CVE-2005-1266Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to ...
CVE-2004-0796SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to ...
CVE-2003-1557Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, ...

Security announcements

DSA / DLADescription
DLA-1578-1spamassassin - security update
DSA-1090-1spamassassin - programming error
DSA-736-2spamassassin - mail header parsing error
DSA-736-2spamassassin - mail header parsing error
DSA-736-1spamassassin - mail header parsing error
DSA-736-1spamassassin - mail header parsing error

Search for package or bug name: Reporting problems