-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 12 Dec 2019 20:26:44 -0800 Source: spamassassin Binary: sa-compile spamassassin spamc spamc-dbgsym Architecture: source all amd64 Version: 3.4.2-1+deb10u1 Distribution: buster-security Urgency: high Maintainer: Noah Meyerhans <noahm@debian.org> Changed-By: Noah Meyerhans <noahm@debian.org> Description: sa-compile - Tools for compiling SpamAssassin rules into C spamassassin - Perl-based spam filter using text analysis spamc - Client for SpamAssassin spam filtering daemon Closes: 946652 946653 Changes: spamassassin (3.4.2-1+deb10u1) buster-security; urgency=high . * Security update to address CVE-2018-11805. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. (Closes: 946652) * Security update to address CVE-2019-12420. Messages can be crafted in a way to use excessive resources, resulting in a denial of service. (Closes: 946653) Checksums-Sha1: 332eb8485bb1ddc31288d2114a53466845cc3e96 2469 spamassassin_3.4.2-1+deb10u1.dsc e3fae9b87c40aa0355333e91af5156cecedae457 60448 spamassassin_3.4.2-1+deb10u1.debian.tar.xz dcce34c16685a2ec2178438ba438941e21a36e83 48104 sa-compile_3.4.2-1+deb10u1_all.deb ae77da077232903b591a602f6a6f094cd5eebaec 1125576 spamassassin_3.4.2-1+deb10u1_all.deb d33e004bd4fc04bfe694e0f426501524f1a49998 6607 spamassassin_3.4.2-1+deb10u1_amd64.buildinfo e912652da5f0874e2d54b339b2986bd1ff248379 51660 spamc-dbgsym_3.4.2-1+deb10u1_amd64.deb 6080d4d679456aacda12abdc9002f5fcf2572ada 82988 spamc_3.4.2-1+deb10u1_amd64.deb Checksums-Sha256: 870b5ce3c536e13ce00659c59f65bc3fa9d4b142931edf4629f1f1c5aaa91437 2469 spamassassin_3.4.2-1+deb10u1.dsc 725395c239eb4d3826496234a8ccbf83302ab8797cce3adf6a693e71bb4ab761 60448 spamassassin_3.4.2-1+deb10u1.debian.tar.xz f2d032a76beb4aaf3354815789b68ac678a12804e64f10b7fbbca94be7aa26f0 48104 sa-compile_3.4.2-1+deb10u1_all.deb 03eeee00efb2d85a60dee41a03cfe197500f36a10f0ec8ee01a9f447900b6f17 1125576 spamassassin_3.4.2-1+deb10u1_all.deb 4e6c5fb9bc90fef104f2089f5189b0970bbd27e5aec3fca89b3ee4649ba6bc2b 6607 spamassassin_3.4.2-1+deb10u1_amd64.buildinfo 750fdcb5b425fb97d24d07a4a0dc35917854a7be9456fed13a7f8abed679497b 51660 spamc-dbgsym_3.4.2-1+deb10u1_amd64.deb 346b28040069c2f46983693e64e5fe0470c6c27c9ad31b19a65d0a36a77b92fe 82988 spamc_3.4.2-1+deb10u1_amd64.deb Files: c1377837beae6e63f5cac1da45d5ef11 2469 mail optional spamassassin_3.4.2-1+deb10u1.dsc 4443ad2677d31bd787499a4c00dad7ea 60448 mail optional spamassassin_3.4.2-1+deb10u1.debian.tar.xz 98c7a8574d827310d0d457ff05b9a652 48104 mail optional sa-compile_3.4.2-1+deb10u1_all.deb 5ea0083e91e100819fccc10acc2aa5ad 1125576 mail optional spamassassin_3.4.2-1+deb10u1_all.deb 9f2e4b526d4da70c25efdc5b3be05167 6607 mail optional spamassassin_3.4.2-1+deb10u1_amd64.buildinfo 3f85e8994633b02670c71809954c0b28 51660 debug optional spamc-dbgsym_3.4.2-1+deb10u1_amd64.deb 1a223d35034fd586a2f4ba2ec1e1ff75 82988 mail optional spamc_3.4.2-1+deb10u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQJFBAEBCAAvFiEE65xaF5r2LDCTz+zyV68+Bn2yWDMFAl3z02gRHG5vYWhtQGRl Ymlhbi5vcmcACgkQV68+Bn2yWDPIpA//YUY3JqSxCmJKFQq9g/1nRVwUdro+2rYi u7NN3/Ko0H9e2OPIFgyJOB4t2ulTy1l0Sxr2XH/Q20I35dXL7vy6sS7Socv+HmLD /qgJ6txy6Ao4JG718anpJxe56/UPYEG4mha9AmDlEgdIDvLBemW3KHgUXlmADJYq Ayor0US4eETnKsyigGgtpqv+NefRemarOOamSNkSwWGzDXMqU78LBWhwFyZ3z0/I vGBz5Cz7WyWJI4Ui5wPQ/2Jv2IibxhDSY3apRKVkgYIPrpyKTjUzcxpPUA49OxZQ HLOPsxT4rCg6YbKsP9OgLKvY8Grw7BjxAT3bs9fIiW7RuzgdwhCo2SVxv1fNkys/ 7mQxIoVbiE+WoEDUvaylwu7jCtnyV9YLiD7gt7tBVJx4DW41wBRktx2gPLWgrjm5 UlK+cf6EAC0yZoN4OvDC5qPE9Gb/8jQ7361CiuNJibqVCeD+wWnFlgw0JjLloM/t qRwheKd1QjV1EGjfgK+/SH3NIe/7nLKIorzb08I6j5+TnxtDTwFOqvOjkm9ixTz0 4LHeRtrGdG/n+pfE220NF5Lyxtk8Uo9wo/FSr/TcAsG9t7Aq6Gtt4YKRa7FgfgvI x61LzQmIuigSYhnmVSZYRb9RLo8exHjQuZ+EjPk7XaXrVPI3I5cj60P3qo4QToqI 0bJ075xBsAQ= =ctWF -----END PGP SIGNATURE-----
