Package: spamassassin Version: 3.1.7-1 Severity: important Tags: security patch
There is a DoS in apparantly all versions of spamassassin prior to 3.1.8 (which is not released yet). The details of this are obtained through this bugzilla log: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5318 As well as a patch to fix the issue for 3.1.8. This will likely require a backported fix for sarge. CVE id to be assigned shortly. Micah -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-vserver-686 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages spamassassin depends on: ii libdigest-sha1-perl 2.11-2 NIST SHA-1 message digest algorith ii libhtml-parser-perl 3.56-1 A collection of modules that parse ii libnet-dns-perl 0.59-1 Perform DNS queries from a Perl sc pn libsocket6-perl <none> (no description available) ii perl 5.8.8-7 Larry Wall's Practical Extraction Versions of packages spamassassin recommends: pn libmail-spf-query-perl <none> (no description available) ii perl [libmime-base64-perl] 5.8.8-7 Larry Wall's Practical Extraction pn spamc <none> (no description available) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

