Fedora Legacy Test Update Notification: spamassassin

Marc Deslauriers marcdeslauriers at videotron.ca
Mon Mar 7 00:26:49 UTC 2005 

This version adds a better patch.

---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2005-2268
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=2268
2005-03-06
---------------------------------------------------------------------

Name        : spamassassin
Versions    : fc1: spamassassin-2.63-0.2.2.legacy
Summary     : Spam filter for email which can be invoked from mail
               delivery agents.
Description :
SpamAssassin provides you with a way to reduce if not completely
eliminate Unsolicited Commercial Email (SPAM) from your incoming email.
It can be invoked by a MDA such as sendmail or postfix, or can be called
from a procmail script, .forward file, etc.  It uses a genetic-algorithm
evolved scoring system to identify messages which look spammy, then
adds headers to the message so they can be filtered by the user's mail
reading software.  This distribution includes the spamd/spamc components
which create a server that considerably speeds processing of mail.

---------------------------------------------------------------------
Update Information:

An updated spamassassin package that fixes a denial of service bug when
parsing malformed messages is now available.

SpamAssassin provides a way to reduce unsolicited commercial email
(SPAM) from incoming email.

A denial of service bug has been found in SpamAssassin versions below
2.64. A malicious attacker could construct a message in such a way that
would cause spamassassin to stop responding, potentially preventing the
delivery or filtering of email. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2004-0796 to this
issue.

Users of SpamAssassin should update to these updated packages which
contain a backported patch and is not vulnerable to this issue.

---------------------------------------------------------------------
Changelogs

fc1:
* Sun Dec 19 2004 Pekka Savola <pekkas at netcore.fi> 2.63-0.2.2.legacy
- more extensive patch for CAN-2004-0796 (from 2.64)

* Tue Nov 16 2004 Rob Myers <rob.myers at gtri.gatech.edu> 2.63-0.2.1.legacy
- patch for CAN-2004-0796 (FL #2268)

---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedoralegacy.org/
(sha1sums)

fc1:
e76200ac598d6cb56ec18b92cfe6ce6af0181683 
fedora/1/updates-testing/i386/spamassassin-2.63-0.2.2.legacy.i386.rpm
21e17d5e33e8ba6bf76c288544719169982bb415 
fedora/1/updates-testing/SRPMS/spamassassin-2.63-0.2.2.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20050306/d1cfe14d/attachment.sig>

More information about the fedora-legacy-list mailing list