| Revision Date: | 2007-06-13 | Version: | 635 |
| Title: | RHSA-2007:0492: spamassassin security update (Moderate) |
| Description: | SpamAssassin provides a way to reduce unsolicited commercial email (spam) from incoming email.
Martin Krafft discovered a symlink issue in SpamAssassin that affects certain non-default configurations. A local user could use this flaw to create or overwrite files writable by the spamd process (CVE-2007-2873).
Users of SpamAssassin should upgrade to these updated packages which contain a backported patch to correct this issue.
Note: This issue did not affect the version of SpamAssassin shipped with Red Hat Enterprise Linux 3.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2007-2873
RHSA-2007:0492
RHSA-2007:0492-02
RHSA-2007:0492-02
|
| Platform(s): | Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
| Product(s): | |
| Definition Synopsis |
| Red Hat Enterprise Linux must be installed OR Package Information
Red Hat Enterprise Linux 4 is installed
AND spamassassin is earlier than 0:3.1.9-1.el4
AND spamassassin is signed with Red Hat redhatrelease2 key
OR Package Information
Red Hat Enterprise Linux 5 is installed
AND spamassassin is earlier than 0:3.1.9-1.el5
AND spamassassin is signed with Red Hat redhatrelease2 key
|