Synopsis: Moderate: spamassassin security update
Issue date: 2007-06-13
CVE Names: CVE-2007-2873
Description:
Martin Krafft discovered a symlink issue in SpamAssassin that affects
certain non-default configurations. A local user could use this flaw to
create or overwrite files writable by the spamd process (CVE-2007-2873).
SL 4.x:
SRPMS:
spamassassin-3.1.9-1.el4.src.rpm
i386:
spamassassin-3.1.9-1.el4.i386.rpm
x86_64:
spamassassin-3.1.9-1.el4.x86_64.rpm
SL 5.x:
SRPMS:
spamassassin-3.1.9-1.el5.src.rpm
i386:
spamassassin-3.1.9-1.el5.i386.rpm
x86_64:
spamassassin-3.1.9-1.el5.x86_64.rpm
--Connie Sieh
--Troy Dawson