SpamAssassin provides a way to reduce unsolicited commercial email (SPAM)
from incoming email.
A denial of service bug was found in SpamAssassin. An attacker could
construct a message in such a way that would cause SpamAssassin to crash.
If a number of these messages are sent, it could lead to a denial of
service, potentially preventing the delivery or filtering of email. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the
name CVE-2005-3351 to this issue.
The following issues have also been fixed in this update:
Users of SpamAssassin should upgrade to this updated package containing
version 3.0.5, which is not vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | x86_64 | spamassassin | < 3.0.5-3.el4 | spamassassin-3.0.5-3.el4.x86_64.rpm |
RedHat | 4 | ppc | spamassassin | < 3.0.5-3.el4 | spamassassin-3.0.5-3.el4.ppc.rpm |
RedHat | 4 | ia64 | spamassassin | < 3.0.5-3.el4 | spamassassin-3.0.5-3.el4.ia64.rpm |
RedHat | 4 | s390 | spamassassin | < 3.0.5-3.el4 | spamassassin-3.0.5-3.el4.s390.rpm |
RedHat | 4 | i386 | spamassassin | < 3.0.5-3.el4 | spamassassin-3.0.5-3.el4.i386.rpm |
RedHat | 4 | s390x | spamassassin | < 3.0.5-3.el4 | spamassassin-3.0.5-3.el4.s390x.rpm |
RedHat | 4 | src | spamassassin | < 3.0.5-3.el4 | spamassassin-3.0.5-3.el4.src.rpm |