Synopsis: Important: spamassassin security update Advisory ID: SLSA-2018:2916-1 Issue Date: 2018-10-11 CVE Numbers: CVE-2017-15705 CVE-2018-11781 -- Security Fix(es): * spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service (CVE-2017-15705) * spamassassin: Local user code injection in the meta rule syntax (CVE-2018-11781) -- SL7 x86_64 spamassassin-3.4.0-4.el7_5.x86_64.rpm spamassassin-debuginfo-3.4.0-4.el7_5.x86_64.rpm - Scientific Linux Development Team