AVG-1077 log
| Package | spamassassin |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 3.4.2-5 |
| Fixed | 3.4.3-1 |
| Current | 4.0.1-2 [extra] |
| Ticket | None |
| Created | Thu Dec 12 19:24:41 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-12420 | Medium | Yes | Denial of service | An excessive resource-consumption vulnerability where a message can be crafted in a way to use excessive resources. |
| CVE-2018-11805 | Medium | Yes | Arbitrary command execution | A malicious CF file is able to execute system commands without producing output/error streams. |
| References |
|---|
http://seclists.org/oss-sec/2019/q4/155 |