Full Disclosure mailing list archives
rPSA-2007-0119-1 spamassassin
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Wed, 13 Jun 2007 17:28:12 -0400
rPath Security Advisory: 2007-0119-1 Published: 2007-06-13 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Indirect User Deterministic Denial of Service Updated Versions: spamassassin=/conary.rpath.com@rpl:devel//1/3.2.1-0.1-1 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 https://issues.rpath.com/browse/RPL-1450 Description: Previous versions of the spamassassin package are vulnerable to a Denial of Service attack in which a local attacker may overwrite arbitrary files when spamd is run using uncommon configuration options. rPath Linux does not configure spamd using these options and is thus not vulnerable to this attack. Copyright 2007 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- rPSA-2007-0119-1 spamassassin rPath Update Announcements (Jun 14)