Synopsis: Moderate: spamassassin security update Issue date: 2007-06-13 CVE Names: CVE-2007-2873 Description: Martin Krafft discovered a symlink issue in SpamAssassin that affects certain non-default configurations. A local user could use this flaw to create or overwrite files writable by the spamd process (CVE-2007-2873). SL 4.x: SRPMS: spamassassin-3.1.9-1.el4.src.rpm i386: spamassassin-3.1.9-1.el4.i386.rpm x86_64: spamassassin-3.1.9-1.el4.x86_64.rpm SL 5.x: SRPMS: spamassassin-3.1.9-1.el5.src.rpm i386: spamassassin-3.1.9-1.el5.i386.rpm x86_64: spamassassin-3.1.9-1.el5.x86_64.rpm --Connie Sieh --Troy Dawson