SpamAssassin vulnerabilities

2018-12-05T00:00:00
ID USN-3811-3
Type ubuntu
Reporter Ubuntu
Modified 2018-12-05T00:00:00

Description

USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2018-11780)

It was discovered that SpamAssassin incorrectly handled meta rule syntax. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2018-11781)