(RHSA-2007:0492) Moderate: spamassassin security update

ID RHSA-2007:0492
Type redhat
Reporter RedHat
Modified 2017-09-08T12:07:14


SpamAssassin provides a way to reduce unsolicited commercial email (spam) from incoming email.

Martin Krafft discovered a symlink issue in SpamAssassin that affects certain non-default configurations. A local user could use this flaw to create or overwrite files writable by the spamd process (CVE-2007-2873).

Users of SpamAssassin should upgrade to these updated packages which contain a backported patch to correct this issue.

Note: This issue did not affect the version of SpamAssassin shipped with Red Hat Enterprise Linux 3.