-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : spamassassin Version : 3.4.2-0+deb8u3 CVE ID : CVE-2020-1930 CVE-2020-1931 Debian Bug : 950258
Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. For Debian 8 "Jessie", these problems have been fixed in version 3.4.2-0+deb8u3. We recommend that you upgrade your spamassassin packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAl5L3psACgkQnUbEiOQ2 gwJ7RQ//R5YJn7oGBYS6R8WK+5xBrdaGLLqLufv0lKGmE5verJrf/OgMBLZSO/bQ hjjPjHJdJI3Bycbj9iwuGezAqzTpxNxLt8+GXst90j0oBAot+JBEG8omBkByYTxn Dgrsb3ATZSIcwt3shh8jF/HJxthX322MGb2h5jYgGPGHXKOjCwFjtZ5dd6DQODd7 AyS0AVSiOylo8DQRrPDkZcbcPURbhrH9cMFQ1FbWYLiKhI0oIfQvYZGiIIbp/ka/ +cQyUiP5kMPiZ+GanguRbgR7kzSFFYz7p5z3rYjdr4kKqWdgq6Nnq86xGp4fa/Yg UZQFDjNeNMRGpI+Hua3oEZW3M9hL8uzfAvpbC5g5hFWE/eKp7hqHTnvofsAqd7II CBiDZa9EOe3h/qJNPwCqEooomv1EwmeNE6SWrlV6tm/EEoVDXrpnN11j5kfGE2sJ ebz/ADc9zzNuK1ENAllxZ5BQOUgWR8CSmPLTNoJsOsrdxslev/jmEWXJe3oZ33A9 gLu0W4uWclguyU1lnLbb0ec3iG/VglliuPaUgqOqRaSl+/EaHbSsziE140XQ6GGX dVndukOIJ75oNo1jFu69UqXyU+uqztb6LG1qF3+iOa3XOnbAb3TXK1c9RwbE5ckP KaEIUmjPfeS6PkDMzM7f4NIl6dYm+p0nlkkOxyyhVKJz4qmuors= =CspL -----END PGP SIGNATURE-----