drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in SpamAssassin (Aktualisierung)
Name: |
Ausführen beliebiger Kommandos in SpamAssassin (Aktualisierung) |
|
ID: |
USN-4899-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 ESM |
|
Datum: |
Mo, 12. April 2021, 23:46 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1946 |
|
Applikationen: |
SpamAssassin |
|
Update von: |
Ausführen beliebiger Kommandos in SpamAssassin |
|
Originalnachricht |
--===============6842223070438337669== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="4Ckj6UjgE2iN1+kY" Content-Disposition: inline
--4Ckj6UjgE2iN1+kY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4899-2 April 12, 2021
spamassassin vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
SpamAssassin could be made to run programs if it opened a specially crafted file.
Software Description: - spamassassin: Perl-based spam filter using text analysis
Details:
USN-4899-1 fixed a vulnerability in SpamAssassin. This update provides the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: spamassassin 3.4.2-0ubuntu0.14.04.1+esm3
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-4899-2 https://ubuntu.com/security/notices/USN-4899-1 CVE-2020-1946
--4Ckj6UjgE2iN1+kY Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmB0RJYACgkQRbznW4QL H2ka9Q//acr5EsoQKqGiLOQR+UhPFUVNgBv1JphuBOvl63+ErtF5gruI5dKdLpLn qnz84a/kbko+ruUKwZXh2bmlvUnZ7koJIqexJe/Ea8c13BbOByU2b/XNVDhdPLqQ rytCaaSW/creMF+QLzakJszG2cLODoRq20vWuhuYM3JrLHsq47QKghZwAMd8UWVp LIplRQm3nqRsT9osk7MOPMB+EWSzAPS5+Nl2ZtWI6u1KJkv8hTWKlgFrrIEVsOIN DY867sliBTIydwLvD1lyADcS07+9X04veKXxHMWo3+NXGMNFZqtx8wYPHs3OGZXu wyfiAB3T4FnNC4lAH0QtT0U9snhsXc95dAgPkUss6Mz81dlvkOVnte0czV7uw7qC H4HxVFUXIa9qvaaUlrN+ueo8VHiijSoH0BnoLakd0Jj8jZn4b+XC6Z3zRjODLD6y OXo55LbFumprYR7rYgdr1c0DBEezhNFSZO52Gdty6KRnLKkGIPzz0uhvEfYo5mVa smQbGk8XkNm4wiU1WHdKFmHNphEQA9zQk/QB/xyCV3Vr41ILxowpOLKbKRcN6pIL byItKREzw1LnmWO73Gi3Yu2wmiBIQFJ26n2kEUua7DUnpnDoCe6+jWz5A5o19Bj4 suxBFLiMf7kUBrRIZRb+Nez0nn4YSYOz1Nak50Eble1kfe2Rt5k= =cHNZ -----END PGP SIGNATURE-----
--4Ckj6UjgE2iN1+kY--
--===============6842223070438337669== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|