Full Disclosure mailing list archives
[SECURITY] [DSA 2585-1] bogofilter security update
From: Florian Weimer <fw () deneb enyo de>
Date: Tue, 11 Dec 2012 19:27:11 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2585-1 security () debian org http://www.debian.org/security/ December 11, 2012 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : bogofilter Vulnerability : buffer overflow Problem type : remote Debian-specific: no CVE ID : CVE-2012-5468 Debian Bug : 695139 A heap-based buffer overflow was discovered in bogofilter, a software package for classifying mail messages as spam or non-spam. Crafted mail messages with invalid base64 data could lead to heap corruption and, potentially, arbitrary code execution. For the stable distribution (squeeze), this problem has been fixed in version 1.2.2-2+squeeze1. For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 1.2.2+dfsg1-2. We recommend that you upgrade your bogofilter packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce () lists debian org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJQx30nAAoJEL97/wQC1SS+kUYH/2Gy18haNbQH4mcyubyopI7l 6rdPfHNBV8eycklg4oSmjDjjjk0OizbqqXRMEReLTZv/noOGVUNDDub7Sp5n9v2B 872PaS85VucvRncgDyQrOhk94omZz1A51DjJJxzqjOW7Hr+/jS+r5vHtdxGrd66/ OE3Dm85f2qlIZsuDr/Mho3f1gv85OwqHyXcR8837zsjhPRteJUKHzpZRCL9jWv4+ vzHKZx89wy5I3oP1WQQnkL7gFmY/BMi2XBpveQBncymUiPdGZtliBe6je2zVWjzc dcTvXOIgelmjjW/RM4/hufSxWD0OqWXv9yMhl6SI43IAzQxZAessDRfSt1Ju2r0= =Zl0F -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [SECURITY] [DSA 2585-1] bogofilter security update Florian Weimer (Dec 11)