SpamAssassin: Multiple vulnerabilities

SpamAssassin: Multiple vulnerabilities Multiple vulnerabilities have been found in SpamAssassin, the worst of which may lead to remote code execution. spamassassin 2018-12-15 2018-12-15 666348 remote 3.4.2-r2 3.4.2-r2

SpamAssassin is an extensible email filter used to identify junk email.

Multiple vulnerabilities have been discovered in SpamAssassin. Please review the referenced CVE identifiers for details.

A remote attacker could execute arbitrary code, escalate privileges, or cause a Denial of Service condition.

There is no known workaround at this time.

All SpamAssassin users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose
      ">=mail-filter/spamassassin-3.4.2-r2"

CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 b-man b-man