AVG-1077 log

Package spamassassin
Status Fixed
Severity Medium
Type multiple issues
Affected 3.4.2-5
Fixed 3.4.3-1
Current 3.4.3-1 [extra]
Ticket None
Created Thu Dec 12 19:24:41 2019
Issue Severity Remote Type Description
CVE-2019-12420 Medium Yes Denial of service
An excessive resource-consumption vulnerability where a message can be crafted in a way to use excessive resources.
CVE-2018-11805 Medium Yes Arbitrary command execution
A malicious CF file is able to execute system commands without producing output/error streams.
References
http://seclists.org/oss-sec/2019/q4/155