Package: spamassassin; Maintainer for spamassassin is Noah Meyerhans <noahm@debian.org>; Source for spamassassin is src:spamassassin (PTS, buildd, popcon).
Reported by: Noah Meyerhans <noahm@debian.org>
Date: Thu, 12 Dec 2019 21:09:02 UTC
Severity: grave
Tags: fixed-upstream, pending, security, upstream
Found in versions spamassassin/3.4.2-1~deb9u1, spamassassin/3.4.2-1
Fixed in version 3.4.3~rc6-1
Reply or subscribe to this bug.
View this report as an mbox folder, status mbox, maintainer mbox
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Marked as fixed in versions 3.4.3~rc6-1.
Request was from Noah Meyerhans <noahm@debian.org>
to control@bugs.debian.org
.
(Thu, 12 Dec 2019 21:21:10 GMT) (full text, mbox, link).
Marked as found in versions spamassassin/3.4.2-1~deb9u1.
Request was from Noah Meyerhans <noahm@debian.org>
to control@bugs.debian.org
.
(Thu, 12 Dec 2019 21:21:17 GMT) (full text, mbox, link).
Changed Bug title to 'spamassassin: CVE-2019-12420: specially crafted messages can exhaust system resources resulting in a denial of service' from 'spamassassin: specially crafted messages can exhaust system resources resulting in a denial of service'.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Thu, 12 Dec 2019 21:27:04 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.