Package: src:spamassassin; Maintainer for src:spamassassin is Noah Meyerhans <noahm@debian.org>;
Reported by: Noah Meyerhans <noahm@debian.org>
Date: Fri, 26 Mar 2021 22:06:01 UTC
Severity: grave
Tags: patch, security, upstream
Found in versions spamassassin/3.4.2-1, spamassassin/3.4.2-1+deb10u2
Fixed in versions spamassassin/4.0.0~0.0svn1879217-1, spamassassin/3.4.5~pre1-1
Reply or subscribe to this bug.
View this report as an mbox folder, status mbox, maintainer mbox
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Changed Bug title to 'spamassassin: CVE-2020-1946: arbitrary code execution via malicious rule configuration files' from 'spamassassin: arbitrary code execution via malicious rule configuration files'.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Fri, 26 Mar 2021 23:21:02 GMT) (full text, mbox, link).
Marked as fixed in versions spamassassin/3.4.5~pre1-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Fri, 26 Mar 2021 23:24:03 GMT) (full text, mbox, link).
Marked as found in versions spamassassin/3.4.2-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Fri, 26 Mar 2021 23:24:04 GMT) (full text, mbox, link).
Marked as fixed in versions spamassassin/4.0.0~0.0svn1879217-1.
Request was from Noah Meyerhans <noahm@debian.org>
to control@bugs.debian.org
.
(Sat, 27 Mar 2021 00:15:02 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.