Source: spamassassin Version: 3.4.1-1 Severity: grave Tags: security upstream
Hi, The following vulnerability was published for spamassassin. CVE-2018-11781[0]: local user code injection in the meta rule syntax It is fixed in new upstream version 3.4.2. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-11781 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11781 [1] https://www.openwall.com/lists/oss-security/2018/09/16/1 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
