VYPR

rpm package

suse/spamassassin&distro=SUSE Linux Enterprise Server 15 SP1-LTSS

pkg:rpm/suse/spamassassin&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS

Vulnerabilities (2)

  • CVE-2020-1946Mar 25, 2021
    affected < 3.4.5-12.10.1fixed 3.4.5-12.10.1

    In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use u

  • CVE-2019-12420Dec 12, 2019
    affected < 3.4.5-12.10.1fixed 3.4.5-12.10.1

    In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly.