Lucene search
SuseOPENSUSE-SU-2020:0446-1HistoryApr 04, 2020 - 12:00 a.m.
Security update for spamassassin (important)
2020-04-0400:00:00
lists.opensuse.org
86
0.009 Low
EPSS
Percentile
82.4%
An update that solves three vulnerabilities and has one
errata is now available.
Description:
This update for spamassassin fixes the following issues:
Security issues fixed:
- CVE-2018-11805: Fixed an issue with delimiter handling in rule files
related to is_regexp_valid() (bsc#1118987). - CVE-2020-1930: Fixed an issue with rule configuration (.cf) files which
can be configured to run system commands (bsc#1162197). - CVE-2020-1931: Fixed an issue with rule configuration (.cf) files which
can be configured to run system commands with warnings (bsc#1162200).
Non-security issue fixed:
- Altering hash requires restarting loop (bsc#862963).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-446=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (x86_64): | - openSUSE Leap 15.1 (x86_64):.x86_64.rpm |
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0811-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for spamassassin (openSUSE-SU-2020:0446-1)
2020-04-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0810-1)
2021-04-19 00:00:00
nessus
nessus
SUSE SLES12 Security Update : spamassassin (SUSE-SU-2020:0810-1)
2020-03-31 00:00:00
SUSE SLED15 / SLES15 Security Update : spamassassin (SUSE-SU-2020:0811-1)
2020-03-31 00:00:00
SUSE SLES15 Security Update : spamassassin (SUSE-SU-2020:0813-1)
2020-03-31 00:00:00
almalinux
almalinux
Moderate: spamassassin security update
2020-11-03 12:21:29
oraclelinux
oraclelinux
spamassassin security update
2020-11-10 00:00:00
redhat
redhat
(RHSA-2020:4625) Moderate: spamassassin security update
2020-11-03 12:21:29
ubuntucve
ubuntucve
nvd
nvd
cve
cve
prion
prion
Command injection
2020-01-30 18:15:00
Command injection
2020-01-30 18:15:00
Design/Logic Flaw
2019-12-12 23:15:00
debiancve
debiancve
redhatcve
redhatcve
cvelist
cvelist
alpinelinux
alpinelinux
osv
osv
CVE-2020-1930
2020-01-30 18:15:11
CVE-2020-1931
2020-01-30 18:15:11
spamassassin - security update
2020-02-01 00:00:00
veracode
veracode
Arbitrary Command Execution
2020-08-11 03:23:26
Arbitrary Code Execution
2020-11-05 03:19:23
OS Command Injection
2020-08-11 03:23:30
fedora
fedora
[SECURITY] Fedora 31 Update: spamassassin-3.4.4-1.fc31
2020-02-12 02:15:41
[SECURITY] Fedora 30 Update: spamassassin-3.4.4-1.fc30
2020-02-12 01:41:33
freebsd
freebsd
spamassassin -- Nefarious rule configuration files can run system commands
2020-01-28 00:00:00
spamassassin -- Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings
2020-01-30 00:00:00
spamassassin -- multiple vulnerabilities
2019-12-11 00:00:00
mageia
mageia
Updated spamassassin packages fix security vulnerabilities
2020-02-09 22:13:40
Updated spamassassin packages fix security vulnerabilities
2019-12-24 15:24:34
ubuntu
ubuntu
SpamAssassin vulnerabilities
2020-02-04 00:00:00
SpamAssassin vulnerabilities
2020-02-04 00:00:00
SpamAssassin vulnerabilities
2020-01-13 00:00:00
debian
debian
[SECURITY] [DSA 4615-1] spamassassin security update
2020-02-01 19:42:11
[SECURITY] [DLA 2107-1] spamassassin security update
2020-02-18 12:54:51
[SECURITY] [DSA 4615-1] spamassassin security update
2020-02-01 19:42:11
rosalinux
rosalinux
Advisory ROSA-SA-2021-1973
2021-07-02 18:08:24
amazon
amazon
Medium: spamassassin
2020-02-04 22:46:00